无法构build泊坞窗图像,“必须是root用户”
我正在通过在容器中安装应用程序(应该是安装的根用户)来创build一个Docker镜像。
# cat Dockerfile FROM ubuntu:16.04 COPY $pwd/intel_virtual_gateway_console64_1_9_0.tar /root/ COPY $pwd/login.exp /root/ WORKDIR /root/ RUN tar -xvf intel_virtual_gateway_console64_1_9_0.tar RUN apt-get update && apt-get install -y expect \ expect-dev \ libxml2-utils RUN whoami RUN expect login.exp Docker镜像的构build过程:
root@labadmin-VirtualBox:~/RAGHU/krishna# docker build -t release:4.0 . Sending build context to Docker daemon 633.5MB Step 1/8 : FROM ubuntu:16.04 ---> 6a2f32de169d Step 2/8 : COPY $pwd/intel_virtual_gateway_console64_1_9_0.tar /root/ ---> Using cache ---> 36e9ea407082 Step 3/8 : COPY $pwd/login.exp /root/ ---> Using cache ---> 0fad538973d4 Step 4/8 : WORKDIR /root/ ---> Using cache ---> f5d7f36bc37f Step 5/8 : RUN tar -xvf intel_virtual_gateway_console64_1_9_0.tar ---> Using cache ---> 6cab428f1bc2 Step 6/8 : RUN apt-get update && apt-get install -y expect expect-dev libxml2-utils ---> Using cache ---> 5bb1ee67332f
确认容器以root用户身份运行:
Step 7/8 : RUN whoami ---> Running in 112b87d77a08 root ---> 0c7eb38cc06b Removing intermediate container 112b87d77a08 Step 8/8 : RUN expect login.exp ---> Running in 5f186baf2f8d spawn ./virtualgatewayconsole_package/virtual_gateway_console_intel64 Install Error -------------------------------------------------------------------------------- To install the application, you must be a root user. -------------------------------------------------------------------------------- Type any key to exit: ^C
无法找出应用程序安装失败的原因,即使它以root用户身份运行。
编辑:添加login.exp脚本:这个脚本是如此基本,以完成我的function。
#cat login.exp #!/usr/bin/expect -f if 0 { *************************READ THIS BEFORE START********************* User password must consist of at least 3 of the following categories: uppercase, lowercase, numeric, and non-alphanumeric. In case of violation of this rule the Installation will fail! ******************************************************************** } set passwd "ISHAAN@p2017" set username "raghu" spawn ./virtualgatewayconsole_package/virtual_gateway_console_intel64 expect "Press Enter key to continue or q to quit:" send "\n" expect "Press ENTER for more, or q when done" send "q" sleep 5 #expect "conditions of this license agreement?" expect "*(accept/decline): " send "accept\n" #Product installation expect "*Please type a selection \[1\]:" send "\n" expect "*Please type a selection (Press Enter to next):" send "\n" sleep 2 #Configure TLS settings expect "*Enter TLS keystore password (only numbers, letters and !@#$%^*()_+{}|.:?=-):" send $passwd send "\n" expect "*Retype TLS keystore password:" send $passwd send "\n" sleep 2 expect "Please type a selection (Press Enter to next):" send "\n" #Configure host expect "Please type a selection (Press Enter to next):" send "\n" expect "Please type a selection (Press Enter to next):" send "\n" #Configure user for logging on the management console expect "Please type a selection (Press Enter to next):" send "\n" sleep 2 expect "Enter user password (only numbers, letters, spaces and !@#$%^*()_+{}|.:?=-):" send $passwd send "\n" expect "Retype user password:" send $passwd send "\n" expect "Please type a selection (Press Enter to next):" send "\n" sleep 2 #Configure PostgreSQL service expect "Please type a selection (Press Enter to next):" send "\n" expect "Enter PostgreSQL user password (only numbers, letters and !@#$%^*()_+{}|.:?=-):" send $passwd send "\n" expect "Retype PostgreSQL user password:" send $passwd send "\n" expect "Please type a selection (Press Enter to next):" send "\n" sleep 60 #Create Keystore expect "What is your first and last name?" send $username send "\n" expect "What is the name of your organizational unit?" send "radisys" send "\n" expect "What is the name of your organization?" send "radisys" send "\n" sleep 2 expect "What is the name of your City or Locality?" send "banglore" send "\n" expect "What is the name of your State or Province?" send "karnataka" send "\n" expect "What is the two-letter country code for this unit?" send "IND" send "\n" sleep 2 expect "Is CN=raghu, OU=radisys, O=radisys, L=banglore, ST=karnataka, C=IND correct?" send "yes" send "\n" sleep 2 expect "Please type a selection \[q\]:" send "q" expect eof
根目录的容器版本和主机上的根目录不一定是相同的东西。 最大的区别是,docker从root用户中删除了各种function,以防止它们突破容器,因此用户无法访问物理硬件设备,他们可以直接在容器中安装硬盘驱动器,或者调整cgroup设置来转义命名空间。
从您运行的文件的名称看来,您正在尝试安装需要访问硬件的KVM。 我不认为这将是一个容器的最佳用例,这个容器是为便携性和硬件隔离而devise的,而这个应用程序可能是用硬件特定的configuration和访问作为关键要求来devise的。
虽然docker build不允许硬件访问,你可能会使用docker run --privileged来手动执行安装,然后docker run --privileged docker commit将该容器保存到映像。 这通常是您想要构build图像的最后一种方式,但在这种情况下,它可能是唯一的方法,假设它是可能的。