[英]How to create an Image with non-root access from a Dockerfile for OpenShift?
I need to create an image from a docker file with non-root permission, because I don't have root access on our OpenShift Container Platform.我需要从具有非 root 权限的 docker 文件创建一个映像,因为我在我们的 OpenShift 容器平台上没有 root 访问权限。 Root access is forbidden by our service provider.我们的服务提供商禁止 Root 访问。 When I try to pull the image from docker hub:当我尝试从 docker 集线器中提取图像时:
https://s19.directupload.net/images/191029/2vvyrpw2.jpg https://s19.directupload.net/images/191029/2vvyrpw2.jpg
Container is not runing, because it's need root access.容器没有运行,因为它需要 root 访问权限。
https://s19.directupload.net/images/191029/f42sreci.jpg https://s19.directupload.net/images/191029/f42sreci.jpg
I tried to re-build the image and changed the permission of the path.我试图重新构建图像并更改路径的权限。
Docker File: Docker 文件:
RUN set -x \ && chmod g+rx /usr/local/HelpSystems/GoAnywhere/jre/bin/java
I get this error now:我现在收到此错误:
/usr/local/HelpSystems/GoAnywhere/tomcat/bin/../../jre/bin/java: error while loading shared libraries: libjli.so: cannot open shared object file: No such file or directory
How can I create an image with non-root-access?如何创建具有非 root 访问权限的图像?
By default, OpenShift does not allow containers to run as root
.默认情况下,OpenShift 不允许容器以root
身份运行。 This is a great security feature from Red Hat.这是 Red Hat 的一项出色的安全功能。
When creating a Docker image using a Dockerfile
, I always create a non-root
user:使用Dockerfile
创建 Docker 映像时,我总是创建一个non-root
用户:
USER 1001
) when running a command to perform some action in your Dockerfile: RUN a,b,c
在运行命令以在 Dockerfile 中执行某些操作时创建非 root 用户 ( USER 1001
): RUN a,b,c
USER 1001
so the container will run as the 1001 user, ie non-root.在我的 Dockerfile 结束时,我将设置USER 1001
,以便容器将以 1001 用户身份运行,即非 root。 If you need a container to run as root
,如果您需要一个容器以root
身份运行,
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.