How to create an Image with non-root access from a Dockerfile for OpenShift?
Question
I need to create an image from a docker file with non-root permission, because I don't have root access on our OpenShift Container Platform. Root access is forbidden by our service provider. When I try to pull the image from docker hub:
https://s19.directupload.net/images/191029/2vvyrpw2.jpg
Container is not runing, because it's need root access.
https://s19.directupload.net/images/191029/f42sreci.jpg
I tried to re-build the image and changed the permission of the path.
Docker File:
RUN set -x \ && chmod g+rx /usr/local/HelpSystems/GoAnywhere/jre/bin/java
I get this error now:
/usr/local/HelpSystems/GoAnywhere/tomcat/bin/../../jre/bin/java: error while loading shared libraries: libjli.so: cannot open shared object file: No such file or directory
How can I create an image with non-root-access?
1 answers
solution1
1 2019-10-30 13:37:44
By default, OpenShift does not allow containers to run as root . This is a great security feature from Red Hat.
When creating a Docker image using a Dockerfile , I always create a non-root user:
- Create a non-root user (
USER 1001) when running a command to perform some action in your Dockerfile:RUN a,b,c - At the end of my Dockerfile, I will set
USER 1001so the container will run as the 1001 user, ie non-root.
If you need a container to run as root ,
- Create the image off the OpenShift platform
- Grant privileged access to the container. I would not recommend this.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.