进入容器的4种方法
一、进入容器的4种方法
1.使用docker attach
使用方法:docker attach CONTAINER ID
缺点:多个窗口操作会同步显示,而且如果一个窗口阻塞,其他窗口也阻塞,所以不推荐。
2.使用ssh
使用方法:在容器中安装ssh sever,多个用户即可以同时进入容器。
缺点:没研究,有空参考链接(为什么不需要在 Docker 容器中运行 sshd):https://www.oschina.net/translate/why-you-dont-need-to-run-sshd-in-docker?cmp
3.使用nsenter
why:nsenter可以访问另一个进程的名称空间。nsenter的使用方法请使用命令 nsenter --help.
使用方法:docker inspect+nsenter
inspect用来获取容器的进程pid,可以使用命令 sudo docker inspect -f {{.State.Pid}} CONTAINER ID。拿到进程的pid后,我们可以使用nsenter进入容器,命令如下。
sudo nsenter --target 8700 --mount --uts --ipc --net --pid
4.使用docker exec
sudo docker exec --help
sudo docker ps
docker exec -it container id /bin/bash
二、进入容器实例
2.1 docker attach
root@os-machine ~]# docker attach --help Usage:docker attach [OPTIONS] CONTAINER Attach to a running container Options: --detach-keys string Override the key sequence for detaching a container --help Print usage --no-stdin Do not attach STDIN --sig-proxy Proxy all received signals to the process (default true) [root@os-machine ~]# docker attach michael_ubuntu root@929ed50d2fdb:/#
2.2 ssh
略过
2.3 nsenter
[root@os-machine ~]# nsenter --help Usage: nsenter [options] <program> [<argument>...] Run a program with namespaces of other processes. Options: -t, --target <pid> target process to get namespaces from -m, --mount[=<file>] enter mount namespace -u, --uts[=<file>] enter UTS namespace (hostname etc) -i, --ipc[=<file>] enter System V IPC namespace -n, --net[=<file>] enter network namespace -p, --pid[=<file>] enter pid namespace -U, --user[=<file>] enter user namespace -S, --setuid <uid> set uid in entered namespace -G, --setgid <gid> set gid in entered namespace --preserve-credentials do not touch uids or gids -r, --root[=<dir>] set the root directory -w, --wd[=<dir>] set the working directory -F, --no-fork do not fork before exec'ing <program> -Z, --follow-context set SELinux context according to --target PID -h, --help display this help and exit -V, --version output version information and exit For more details see nsenter(1).
[root@os-machine ~]# docker ps |grep michael 929ed50d2fdb ubuntu:14.04.2 "/bin/bash" 2 minutes ago Up 28 seconds michael_ubuntu [root@os-machine ~]# sudo docker inspect -f {{.State.Pid}} michael_ubuntu 104604 [root@os-machine ~]# sudo nsenter --target 104604 --mount --uts --ipc --net --pid root@929ed50d2fdb:/#
2.4 docker exec
[root@os-machine ~]# docker exec --help Usage:docker exec [OPTIONS] CONTAINER COMMAND [ARG...] Run a command in a running container Options: -d, --detach Detached mode: run command in the background --detach-keys string Override the key sequence for detaching a container -e, --env list Set environment variables (default []) --help Print usage -i, --interactive Keep STDIN open even if not attached --privileged Give extended privileges to the command -t, --tty Allocate a pseudo-TTY -u, --user string Username or UID (format: <name|uid>[:<group|gid>]) [root@os-machine ~]# docker exec -it michael_ubuntu /bin/bash root@929ed50d2fdb:/#
参考链接:
[1]https://www.cnblogs.com/xhyan/p/6593075.html
转载于:https://blog.51cto.com/huwho/2114617