[DOCKER] How to develop in a container with --privileged and / sbin / init passed in VSCode Remote Containers

Introduction

When developing with VSCode Remote Containers, if you write a Dockerfile and say "Reopen in Container", the Docker container will start, but at this time VSCode will execute docker run. Therefore, if you start it without worrying about anything and referring to Official procedure etc., you can not add the --privileged option. You can't run systemctl on the container because you can't pass / sbin / init to ENTRYPOINT either.

In this article, as mentioned in the title, I will introduce the research process for passing --privileged and / sbin / init to docker run in the container used by VSCode Remote Containers, and the method that was realized.

0. Preface: Survey

First of all, when I investigated whether it could be done in a straightforward manner, I found that devcontainer.json in the configuration file has a parameter called "runArgs", and here I can add a parameter for docker run. Reference: devcontainer.json reference However, this method allowed me to add --privileged but not overwrite --entrypoint. When you start the docker container with "Reopen in Container" in VSCode Remote Containers, the argument of docker run is ** --entrypoint / bin / sh <your own Docker Image> -c echo Container started; trap "exit 0" "15; while sleep 1 & wait $ !; do :; done ** has been added, and it seems that the parameters written in devcontainer.json cannot overwrite this.

You can check what kind of command is flowing at startup from the log that can be seen by pressing the link in the pop-up below that is displayed during startup. image.png

Also, as explained in the following link, the --entrypoint specified in the argument takes precedence over the ENTRYPOINT and CMD written in the Dockerfile, so even if you write it in the Dockerfile, it cannot be overwritten. This is the highest priority because VSCode always appends --entrypoint to docker run as an argument. Reference: Build with Dockerfile

1. Realization procedure

Therefore, I decided to follow the steps below.

(1) First, execute "Reopen in Container" according to the procedure.

This procedure builds the Docker image and launches the container. At this time, open the log from the link in the pop-up above, find the following command in the log, and copy it.

docker run -a STDOUT -a STDERR --mount type=bind,source=<The path of your environment>,target=<The path of your environment>,consistency=cached -l vsch.quality=stable -l vsch.remote.devPort=0 -l vsch.local.folder=<The path of your environment> --entrypoint /bin/sh <Your own Docker Image> -c echo Container started ; trap "exit 0" 15; while sleep 1 & wait $!; do :; done

(2) Disconnect from the container with VSCode

The container started in (1) is not --privileged, so use VSCode to disconnect it once.

(3) Partially change the copied command

Add --privileged to the copied command and rewrite --entrypoint.

docker run -a STDOUT -a STDERR --mount type=bind,source=<The path of your environment>,target=<The path of your environment>,consistency=cached -l vsch.quality=stable -l vsch.remote.devPort=0 -l vsch.local.folder=<The path of your environment> --privileged --entrypoint /sbin/init <Your own Docker Image>

(4) Execute the above command in the local terminal

When executed, the docker container will be started according to the option (3). You can check the startup status with docker ps.

(5) Execute "Attach to Running Container" with VS Code

Next, attach the container started in (4) to VSCode. First, select "Attach to Running Container" as shown in the image below.

image.png

Next, on the screen for selecting a running container, just select the container. image.png

At this point, you can connect to the container from VSCode and open the development environment.

2. Operation check

Open the container's terminal with VSCode and try typing systemctl.

bash-4.2# systemctl
  UNIT                          LOAD   ACTIVE     SUB       DESCRIPTION
  dev-vda1.device               loaded activating tentative /dev/vda1
  -.mount                       loaded active     mounted   /
  dev-hugepages.mount           loaded active     mounted   Huge Pages File System
  dev-mqueue.mount              loaded active     mounted   POSIX Message Queue File Syste
  etc-hostname.mount            loaded active     mounted   /etc/hostname
  etc-hosts.mount               loaded active     mounted   /etc/hosts
(Since it is long below, it is omitted)

In this way, the error is resolved and you can hit it.

Finally

By following the steps to connect to the launched container from VSCode in this way, you will be able to run systemctl on VSCode Remote Containers as well. This time, it's a bit annoying, but I decided that it would be faster to run up to docker build with VSCode and find the docker run command with various options from the VSCode log. (There may be a better way, but if found, I'll add it)

As the name implies, --privileged means privilege, so you should use it systematically.

References

Recommended Posts

How to develop in a container with --privileged and / sbin / init passed in VSCode Remote Containers
How to develop from VScode in a remote destination environment or a remote destination container environment
I wanted to develop PHP with vscode remote container
How to develop and register a Sota app in Java
How to start a Docker container with a volume mounted in a batch file
[How to insert a video in haml with Rails]
How to convert A to a and a to A using AND and OR in Java
Ssh connect from container to git with VSCode Remote Container
[Docker] How to update using a container on Heroku and how to deal with Migrate Error
How to deploy VS Code Remote Containers in a docker-compose project that includes both the API and the front app
How to monitor nginx with docker-compose with datadog
How to think when you suddenly understand about generics
How to develop in a container with --privileged and / sbin / init passed in VSCode Remote Containers
Think about how to divide MVC into M and V
How to set Docker nginx
How to number (number) with html.erb
How to update with activerecord-import
[Note] How to restart the Windows container set up with docker-compose
How to think about class design (division) in a business system (1)
Mapping to a class with a value object in How to MyBatis
[Docker context] ~ How to access docker in remote environment from VScode ~
How to set up a proxy with authentication in Feign
How to make a jar file with no dependencies in Maven
How to run a job with docker login in AWS batch
How to rename a model with foreign key constraints in Rails
How to encrypt and decrypt with RSA public key in Java
How to make a Java container
How to test a private method in Java and partially mock that method
[Personal memo] How to interact with a random number generator in Java
[Rails] How to log in with a name by adding a devise name column
Starting with installing Docker on EC2 and running Yellowfin in a container
Create a program to post to Slack with GO and make it a container
How to create a server executable JAR and WAR with Spring gradle
How to make an app with a plugin mechanism [C # and Java]
How to compile Java with VsCode & Ant
How to insert a video in Rails
How to use Docker in VSCode DevContainer
How to publish a library in jCenter
How to get the ID of a user authenticated with Firebase in Swift
How to send custom metrics and events to datadog with laravel in docker-compose environment
How to ZIP a JAVA CSV file and manage it in a Byte array
How to store data simultaneously in a model associated with a nested form (Rails 6.0.0)
How to specify a tag containing a colon (:) and namespace with Nokogiri's css selector
How to build a Jenkins server with a Docker container on CentOS 7 of VirtualBox and access the Jenkins server from a local PC
How to deploy a container on AWS Lambda
How to get a heapdump from a Docker container
How to display a web page in Java
Setting to exit from Docker container with VScode
How to run a djUnit task in Ant
How to add a classpath in Spring Boot
How to update pre-built files in docker container
How to create a theme in Liferay 7 / DXP
How to implement a like feature in Rails
How to easily create a pull-down in Rails
How to build API with GraphQL and Rails
How to make a follow function in Rails
How to automatically generate a constructor in Eclipse
Create a Java (Gradle) project with VS Code and develop it on a Docker container
[Rails] [Docker] Copy and paste is OK! How to build a Rails development environment with Docker
[Personal application work memo] How to display a bar graph and a line graph in one graph
Create a private key / public key in CentOS8.2 and connect to SSH with VS Code
How to save a file with the specified extension under the directory specified in Java to the list
[Docker] How to see the contents of Volumes. Start a container with root privileges.
How to quit Docker for Mac and build a Docker development environment with Ubuntu + Vagrant
[Part 1] How to deploy Docker containers and static files with CircleCI + ECS + ECR + CloudFront
Create a Java (Maven) project with VS Code and develop it on a Docker container
How to use a structure with variable length array or bit field in Ruby-FFI
How to deal with errors in Rails s could not find a JavaScript runtime.
How to implement a circular profile image in Rails using CarrierWave and R Magick