Docker:从主机上的特权容器内部运行任意命令
[英]Docker: Run an arbitrary command from inside a priveleged container on the host
问题描述
I'm trying to run a command from a priveleged docker. 
我正在尝试从特权docker运行命令。 Specifically the command nmcli . 具体来说,命令nmcli 。
When I try to add nmcli as a volume, it complains that it's missing other files. 当我尝试将nmcli添加为卷时,它抱怨缺少其他文件。
When I add the entire /usr/bin it complains about python being unable to add site-packages. 当我添加整个/usr/bin它抱怨python无法添加站点程序包。
Is there a way, I can run a command on the host machine from a child container 有没有办法,我可以从子容器在主机上运行命令
1 个解决方案
解决方案1
1 已采纳 2017-03-29 04:31:37
The majority of tools that are installed with a package manager like yum or apt will make use of shared libraries to reduce the overall size of the install. 与软件包管理器一起安装的大多数工具(例如yum或apt将利用共享库来减小安装的总体规模。
The container would either need to be the same distro and have the same package dependencies installed, or mount all the dependencies of the binary into the container. 容器要么需要是相同的发行版,并且要安装相同的软件包依赖项,要么将二进制文件的所有依赖项装入容器中。
Something like this should work: 这样的事情应该起作用:
docker run \
-v /lib:/lib \
-v /usr/lib/:/usr/lib \
-v /usr/bin/nmcli:/usr/bin/nmcli \
busybox \
/usr/bin/nmcli
But you might need to be more specific about the library mounts if you want the container to use it's own shared libraries as well. 但是,如果您希望容器也使用它自己的共享库,则可能需要更详细地说明库的挂载。
Some packages can provide a "static binary" that include's all their dependencies in the executable. 某些软件包可以提供“静态二进制文件”,其中包括它们在可执行文件中的所有依赖性。 I doubt this exists for nmcli as it's a RHEL specific tool to manage a RHEL box, whose policy is to use yum to manage shared libraries. 我怀疑nmcli是否存在,因为它是管理RHEL框的RHEL专用工具,其策略是使用yum来管理共享库。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.