Since the 0.9 version, Docker is shipped with the libcontainer execution driver and the containers can be accessed with the nsenter util (e.g. you don't need to install SSH in a container anymore!).

Nsenter is included in the util-linux package, from version 2.23.

If your distribution has an older versione of util-linux, you can compile it:

~$ curl https://www.kernel.org/pub/linux/utils/util-linux/v2.24/util-linux-2.24.tar.gz | tar -zxf-
~$ cd util-linux-2.24
~$ ./configure --without-ncurses
~$ make nsenter
~$ sudo cp nsenter /usr/local/bin

To enter a container you need to know its pid, which can be found with docker inspect knowing its ID:

~$ PID=$(docker inspect --format '{{.State.Pid}}' CONTAINER_ID)

Using the PID you can then enter the container:

~$ sudo nsenter --target $PID --mount --uts --ipc --net --pid /bin/bash

If you don't specify which program launch inside the container, ${SHELL} is run. I prefer to specify it (/bin/bash) because I use ZSH but I don't usually want to to install it inside the containers.

blog comments powered by Disqus