How to enter in a Docker container already running

2019-01-07 01:04发布

站内问答 / Docker
1099 9 4

I have a container that is running the Apache service in the foreground. I would like to be able to access the container from another shell in order to "poke around" inside it and examine the files. At the moment, if I attach to the container, I am left looking at the Apache daemon and cannot run any commands.

Is it possible to attach another tty to a running container? Possibly, I can take advantage of the fact that Docker is actually just wrapping around LXC containers? I have tried sudo lxc-console -n [container-id] -t [1-4] but it appears that only one tty is made available and that is the one running the apache daemon. Perhaps there is a way to enable multiple lxc consoles during the build?

I would rather not configure and build the container with an openssh service if possible.

标签: docker tty
举报
9条回答
Ridiculous、
2楼-- · 2019-01-07 01:42

You should use Jérôme Petazzoni's tool called 'nsenter' to enter a container without using SSH. See: https://github.com/jpetazzo/nsenter

Install with simply running: docker run -v /usr/local/bin:/target jpetazzo/nsenter

Then use the command docker-enter <container-id> to enter the container.

查看更多
0人赞 添加讨论(0) 举报
▲ chillily
3楼-- · 2019-01-07 01:46

Update

As of docker 0.9, for the steps below to now work, one now has to update the /etc/default/docker file with the '-e lxc' to the docker daemon startup option before restarting the daemon (I did this by rebooting the host).

update to the /etc/default/docker file

This is all because...

...it [docker 0.9] contains a new "engine driver" abstraction to make possible the use of other API than LXC to start containers. It also provide a new engine driver based on a new API library (libcontainer) which is able to handle Control Groups without using LXC tools. The main issue is that if you are relying on lxc-attach to perform actions on your container, like starting a shell inside the container, which is insanely useful for developpment environment...

source

Please note that this will prevent the new host only networking optional feature of docker 0.11 from "working" and you will only see the loopback interface. bug report

It turns out that the solution to a different question was also the solution to this one:

...you can use docker ps -notrunc to get the full lxc container ID and then use lxc-attach -n <container_id> run bash in that container as root.

Update: You will soon need to use ps --no-trunc instead of ps -notrunc which is being deprecated.

enter image description here Find the full container ID

enter image description here Enter the lxc attach command.

enter image description here Top shows my apache process running that docker started.

查看更多
0人赞 添加讨论(0) 举报
老娘就宠你
4楼-- · 2019-01-07 01:49

The "nsinit" way is:

install nsinit

git clone git@github.com:dotcloud/docker.git
cd docker
make shell

from inside the container:

go install github.com/dotcloud/docker/pkg/libcontainer/nsinit/nsinit

from outside:

docker cp id_docker_container:/go/bin/nsinit /root/

use it

cd /var/lib/docker/execdriver/native/<container_id>/
nsinit exec bash
查看更多
0人赞 添加讨论(0) 举报
女痞
5楼-- · 2019-01-07 01:50

nsenter does that. However I also needed to enter a container in a simple way and nsenter didn't suffice for my needs. It was buggy in some occasions (black screen plus -wd flag not working). Furthermore I wanted to login as a specific user and in a specific directory.

I ended up making my own tool to enter containers. You can find it at: https://github.com/Pithikos/docker-enter

Its usage is as easy as

./docker-enter [-u <user>] [-d <directory>] <container ID>
查看更多
0人赞 添加讨论(0) 举报
对你真心纯属浪费
6楼-- · 2019-01-07 01:50 
docker exec -t -i container_name /bin/bash

Will take you to the containers console.

查看更多
0人赞 添加讨论(0) 举报
不美不萌又怎样
7楼-- · 2019-01-07 01:59

With docker 1.3, there is a new command docker exec. This allows you to enter a running docker:

docker exec -it [container-id] bash
查看更多
0人赞 添加讨论(0) 举报
1 2 下一页
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(4)