Docker Centos7:无法将 tmpfs 挂载为 /run:不允许操作
[英]Docker Centos7: Failed to mount tmpfs as /run: Operation not permitted
问题描述
So I wanted to get systemctl working on the docker container for an assignment so I used the command:
所以我想让 systemctl 在 docker 容器上工作以进行分配,所以我使用了命令:
docker run --privileged -ti -e container=docker -v /sys/fs/cgroup:/sys/fs/cgroup s3696653/usap-a1 usr/sbin/init
Everything worked well, but I haven't fully read the spec and we are not supposed to use systemctl.一切正常,但我还没有完全阅读规范,我们不应该使用 systemctl。 So I stopped the container and tried to run the container like normal using:所以我停止了容器并尝试使用以下方法正常运行容器:
docker run -i -t s3696653/usap-a1
But it no longer works.但它不再起作用了。 I get the error:我收到错误:
Failed to mount tmpfs as /run: Operation not permitted
[!!!!!!] Failed to mount API filesystems, freezing.
What can I do to get it running with the normal run command?我该怎么做才能使用正常的运行命令运行它? Thanks in advance.提前致谢。
1 个解决方案
解决方案1
2 2020-09-05 10:41:35
While it is recommended not using systemd inside a container or using priviledged mode, recommendations are not edicts that if not followed to the letter will cause the New Jersey State Police to drag you at night and take you away.虽然建议不要在容器内使用 systemd 或使用特权模式,但建议并不是法令,如果不遵守信函会导致新泽西州警察在晚上拖着你把你带走。 If you got it running using --priviledged, next try to see what it takes to run it without it as avoiding it makes your setup more secure.如果您使用 --priviledged 运行它,接下来尝试看看在没有它的情况下运行它需要什么,因为避免它会使您的设置更安全。
Using the -v (called a bind mount by the docker official documentation) should help you pass the volumes you need without requiring the --privileged option.使用 -v(docker官方文档称为绑定挂载)应该可以帮助您传递所需的卷,而无需 --privileged 选项。 In fact, here is systemd-in-docker example from an old stackoverflow thread asking a similar question:事实上,这里是一个来自旧的 stackoverflow 线程的systemd-in-docker 示例,该线程提出了一个类似的问题:
docker run -ti --tmpfs /tmp --tmpfs /run -v /sys/fs/cgroup:/sys/fs/cgroup:ro -p 80:80 local/centos7-systemd
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.