使用VSCODE DEVCONTAINER(Debian)的Host(Mac)Docker
我在我的Mac上使用Debian 的:
FROM debian
# Create sudo user "dev"
ARG USERNAME=dev
ARG USER_UID=1000
ARG USER_GID=$USER_UID
# Create the `dev` user
# https://code.visualstudio.com/remote/advancedcontainers/add-nonroot-user
RUN groupadd --gid $USER_GID $USERNAME \
&& useradd --uid $USER_UID --gid $USER_GID -m $USERNAME \
&& apt-get update \
&& apt-get install -y sudo \
&& echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \
&& chmod 0440 /etc/sudoers.d/$USERNAME
USER $USERNAME
# Install docker
RUN sudo apt install -y \
ca-certificates \
curl \
gnupg \
lsb-release
RUN sudo mkdir -p /etc/apt/keyrings
RUN curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
RUN echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
RUN sudo apt update
RUN sudo apt install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin
RUN sudo usermod -aG docker $USERNAME
I'm trying to use the host docker socket.通过使用绑定安装。
"source=/var/run/docker.sock,target=/var/run/docker.sock,type=bind",
我在Docker Group和Docker中与Sudo合作的非根户用户:
➜ free2z git:(metarepo) ✗ groups
dev docker
➜ free2z git:(metarepo) ✗ docker ps
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json": dial unix /var/run/docker.sock: connect: permission denied
➜ free2z git:(metarepo) ✗ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9167a45c8223 vsc-free2z-597acf8d147e25327effb72c17e8d21f "/bin/sh -c 'echo Co…" 20 hours ago Up 20 hours gallant_morse
I am using a from debian in a VSCode devcontainer on my mac:
FROM debian
# Create sudo user "dev"
ARG USERNAME=dev
ARG USER_UID=1000
ARG USER_GID=$USER_UID
# Create the `dev` user
# https://code.visualstudio.com/remote/advancedcontainers/add-nonroot-user
RUN groupadd --gid $USER_GID $USERNAME \
&& useradd --uid $USER_UID --gid $USER_GID -m $USERNAME \
&& apt-get update \
&& apt-get install -y sudo \
&& echo $USERNAME ALL=\(root\) NOPASSWD:ALL > /etc/sudoers.d/$USERNAME \
&& chmod 0440 /etc/sudoers.d/$USERNAME
USER $USERNAME
# Install docker
RUN sudo apt install -y \
ca-certificates \
curl \
gnupg \
lsb-release
RUN sudo mkdir -p /etc/apt/keyrings
RUN curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /etc/apt/keyrings/docker.gpg
RUN echo \
"deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] https://download.docker.com/linux/debian \
$(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
RUN sudo apt update
RUN sudo apt install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin
RUN sudo usermod -aG docker $USERNAME
I'm trying to use the host docker socket. By using a bind mount.
"source=/var/run/docker.sock,target=/var/run/docker.sock,type=bind",
My non-root user in the docker group and docker works with sudo:
➜ free2z git:(metarepo) ✗ groups
dev docker
➜ free2z git:(metarepo) ✗ docker ps
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json": dial unix /var/run/docker.sock: connect: permission denied
➜ free2z git:(metarepo) ✗ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
9167a45c8223 vsc-free2z-597acf8d147e25327effb72c17e8d21f "/bin/sh -c 'echo Co…" 20 hours ago Up 20 hours gallant_morse
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
root仍然拥有套接字,您可以将其chown到.devcontainer.json中的非root用户。
Root still owns the socket, you can chown it to the non-root user in your .devcontainer.json