I've built a very basic docker container to try and proof of concept running an xterm window from inside it.
In it, I have a basic install of RHEL 7.3 and xterm
I build as normal, open xhost xhost + and then run the docker run command like so:
docker run -ti --rm -e DISPLAY=${DISPLAY} -v /tmp/.X11-unix:/tmp.X11-unix xtermDemo /bin/bash
This runs perfectly when my base host is linux. The problem is that most of the developers in my organization run with a Windows/Mac host and log into a VNC session. When running the docker image from the VNC session xterm can’t run.
Any ideas? My only hunch at the moment is that the VNC Xorg isn't being ran natively and that somehow is causing the issue.
Related
I have this Dockerfile :
FROM ubuntu:20.04
EXPOSE 80
After installing apache2 package in the container I can't acces the default page of apache from the network. Also docker is in a virtual machine with debian 10. If I try the official apache image (https://hub.docker.com/_/httpd) everything works fine but I want to know why installing it manually doesn't work.
To build the container from the image I use this command :
sudo docker run --name ubuntu -p 80:80 -it ubuntu /bin/bash
I have run the exactly same test on my virtual centos machine and found working.
I've build the image using your dockerfile and run apache installation using below command.
docker build -t ubuntu
docker run --name ubuntu -p 80:80 -it ubuntu /bin/bash
and In terminal opened by the above mentioned command, i ran the below command.
apt-get update
apt-get install apache2
service apache2 start
After that opened another ssh terminal keeping the current running as i have not run the Ubuntu container in detached mode and checked by using.
docker ps -a
and found container is running with exposing 0.0.0.0:80 and checked
curl localhost
Please make sure you have not stoped docker container before running curl command or hit in the browser as its not run in detached mode or background.
I have a host with ubuntu 20.04, and I run firefox in container from ubuntu:20.04 image.
When firefox is already started on the host: container stops immediately, new window of firefox appears, and I can see all my host browsing history, sessions and so on.
When firefox is NOT started on the host: container is running, new window of "firefox [container hash]" appears, I can see only container browsing history and sessions there (as expected). BUT when I start firefox on the host while container is still running: new window of "firefox [same container hash]" appears, and I can see only container browsing history and sessions.
If I run firefox as a different user, like
sudo -H -u some-user firefox
and having umask 077 - I've got perfect isolation and parallel running without docker, but that's not the full goal
My dockerfile:
FROM ubuntu:20.04
WORKDIR /usr/src/app
RUN apt-get update && apt-get install -y firefox
CMD firefox
Terminal history:
xhost +local:docker
docker build -t firefox .
docker create -ti -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix --name ff firefox
docker start ff
I suppose this behavior of process launch from container is not really obvious and expected. Could you please explain what exactly is happening and why?
Docker container is not an isolated machine. The commands that run inside docker container are executed on the host machine (or the docker VM if using Docker for Mac).
This can be verified in the following way:
Run a command inside docker container docker exec -it <container-name> sleep 100
On the host machine, grep for this command ps -ef | grep sleep. For mac, docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh will provide a shell into the running docker VM.
On my machine:
# ps -ef | grep sleep
2609 root 0:00 sleep 100
2616 root 0:00 grep sleep
When you run a daemon, it creates a socket file in temp directory.
This file is the gateway to communication with the application.
For instance, when mysql is running in the system, it creates a socket file /var/run/mysqld/mysqld.sock which is used for communication by mysql client.
These daemons can also bind to a port, and be accessed through the network this way. These ports are simply socket connections to your application which are visible over the network.
Coming back to your question,
docker create -ti -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix --name ff firefox
/tmp/.X11-unix is managing Unix-domain sockets. Since this is mounted within the container, the socket space between the container and host is shared.
When firefox is running on the host, the socket is occupied already. Thus the container fails to start
When firefox is not running on host and container is started, the socket is free and hence the container is able to start. This uses the filesystem inside container to store history etc. Thus you do not see the history from host.
If you run firefox from host now, it will simply connect to this unix socket and launch a firefox window.
I executed the, "docker pull nginx" in Windows Powershell.
On pulling it downloads an image which is in a few MB's
I have Windows 10 pro.
Then i ran nginx as below,
"docker run --name mynginx1 -P -d nginx"
Does the pull command also install nginx on my Windows machine as well ?
No - the docker pull command doesn't install anything, it just downloads the docker image locally. After the pull there's no container running on the host (which is actually a VM in Windows - slightly different if you're using docker desktop or docker-machine, but I won't get into the weeds here). The docker run command is what actually runs a container in the docker host.
I am trying to compile a "hello world" Rust program inside a Docker container and then remotely debug it using GDBServer and CLion, but I don't think gdbserver is starting correctly. When I start it, I don't get the "process started" and "listening on port..." messages I expect; I get nothing.
I have successfully done this with a Raspberry Pi on my home network, but can't get it to work when using Docker.
My ultimate goal is to deploy this Docker container on a Digital Ocean droplet and debug remotely from my local machine. For now, I've got Docker running on the local machine.
I am working on a Mac (Mojave), running Docker (v18.09), and spinning up a Docker container that is an image built from Debian with Rust and gdbserver installed. GDBServer and Rust are installed by:
# install curl (needed to install rust)
apt-get update && apt-get install -y curl gdb g++-multilib lib32stdc++6 libssl-dev libncurses5-dev
# install rust + cargo nightly
curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain nightly
I start the container with docker run --rm -it -v $(pwd):/source -p 7777:7777 schickling/rust which starts up bash by default.
Once in the container, I compile the Rust program using rustc -g -o ./program ./src/main.rs which outputs a single file: program. I can run the program fine (it only outputs Hello World).
When I run gdbserver localhost:7777 ./program inside Docker, the terminal just hangs. I've let it sit for 20 minutes. I can't connect to it from CLion, and even ping doesn't work from my Mac. I've tried adding the --debug flag which outputs my_waitpid (11, 0x0) and then hangs. I've also tried :7777, 127.0.0.1:7777, and host:7777. I've tried several different ports.
I'm not sure where my problem is. It may be that GDBServer is running and the issue is in my CLion setup, but I doubt it. I have path mappings setup and target remote args is tcp:127.0.0.1:7777. I just get Connection closed. Symbol File and Sys Root are empty, but that has worked in the past with my Raspberry Pi.
I figured out how to run my Docker container as --privileged which allows gdbserver to run correctly. I also updated some of my CLion configs and got it working.
The useful links:
https://visualgdb.com/tutorials/linux/docker/
Run gdb inside docker container running systemd
gdb does not hit any breakpoints when I run it from inside Docker container
https://github.com/mdklatt/clion-remote
My updated docker command docker run --rm -it -v $(pwd):/source -p 7777:7777 -e container=docker --privileged schickling/rust
And my Run configuration:
GDB: Bundled
'target remote' args: tcp:localhost:7777
Symbolfile: The local copy of my compiled binary (copied from Docker thanks to volumes)
Sysroot: (blank)
Pathmappings: The absolute path to my project directory in Docker, and the absolute path to the same project directory on my local machine (the same volume)
Works like a charm.
To play around with a docker image, I installed docker and ran a sample docker ubuntu image as follows. (I hope I am using terminology correctly, still a docker noob)
docker run -it ubuntu
Because gvim or anyother gui based program was not installed, by default, I did, inside the ubuntu docker container
apt-get update
apt-get install x11-apps vim-gtk
However, on running xclock I get
root#59be2b1afca0:/# xclock
Error: Can't open display: :0
root#59be2b1afca0:/#
On running gvim I get
root#59be2b1afca0:/# gvim
E233: cannot open display
Press ENTER or type command to continue
So why won't gui apps work?
Containers weren't quite designed originally for gui apps, but rather for services, workers, processes, etc.. On the other hand since containerisation is a kernel construct to isolate and dedicate resources in a more managed way which can expose ports or share volumes, and devices etc..
This means you can technically map your screen, audio, webcam devices to a container by using --device /dev/xyz when you run your docker run command:
docker run [--rm [-it]|-d] \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-e DISPLAY \
--device /dev/dri \
myimage [cmd]
I actually found an article describing this here - including audio, camera and other device mapping.
http://somatorio.org/en/post/running-gui-apps-with-docker/
Hope this helps a bit!