[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Running sshd in a Docker Container on Openshift




On 10 Jul 2017, at 11:55 PM, Itamar Turner-Trauring <itamar datawire io> wrote:

It is possible to run sshd on OpenShift, if other options don't work - we do it as part of the Telepresence remote debugging tool we built for OpenShift and Kubernetes (https://telepresence.io).

Here's a shortened (and untested) Dockerfile:

...

And here's run.sh:

#!/usr/bin/env sh
set -e
USER_ID="$(id -u)"
GROUP_ID="$(id -g)"

# This is a terrible hack to allow SSH login to a runtime-specified UID
echo "telepresence::${USER_ID}:${GROUP_ID}:Telepresence User:/usr/src/app:/bin/ash" >> /etc/passwd

I wouldn't say this is a terrible hack. Necessary in some cases, but not terrible.

Some of the current S2I builders use a different way of achieving the same thing by pre-loading shared libraries into applications using nss_wrapper package. Making the passwd file writable and adding an entry in startup screen is cleaner and no one has been able to identify any potential problems from making passwd file group writable. It is possible that nss_wrapper method will be replaced with way you are doing it.

Graham

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]