Add --device flag to allow additional host devices in container#6134
Add --device flag to allow additional host devices in container#6134timthelion wants to merge 1 commit intomoby:masterfrom
Conversation
|
Just pushed a little tweek to make sure we don't end up passing around unparsed data in strings. |
|
docs LGTM |
|
@jamtur01 Oops, thanks. Fixed. |
|
Ping @crosbymichael |
|
Looks like this might need a rebase, but after a quick test using native and lxc, it worked well. |
|
Yeah this looks good. Better than the one I did. @ewindisch you should take a look too. |
|
@timthelion Here is what I had to change after a rebase from origin/master if you want to take a look or add it to your patch. calfonso@3eef699 |
|
FYI @calfonso and I are now working on a patch to add devices at runtime based on top of this work. |
|
@timthelion, @imain I've rebased off the devices3 branch and placed the devadd plumbing commit on top of it on my devadd branch (force-pushed) |
|
I just rebased and everything is still looking OK. @calfonso I hope that rebasing didn't break things for you, given that you based some commits off my work. |
|
@timthelion I rebased as well, still looks good. |
|
@timthelion have you received any out-of-band updates re this PR? |
|
needs another rebase after updating to the latest libcontainer |
|
@calfonso I have not received any news but last time I discussed this with @crosbymichael he was very aware of it, so I'm hoping that is still the case. I'll rebase soon. |
|
@calfonso . @crosbymichael just rebased and tests still seem to be passing. |
|
Ping @calfonso just rebased. Ping @SvenDowideit just changed the docs to warn about a security problem. Ping @crosbymichael @vieux when will this get merged? |
|
I'm sorry for the late review, this is very useful. ping @crosbymichael @vieux @tiborvass LGTM |
There was a problem hiding this comment.
It'd be useful to add some context to the error.
We add a --device flag which can be used like: docker run --device /dev/sda:/dev/xvda:rwm ubuntu /bin/bash To allow the container to have read write permissions to access the host's /dev/sda via a node named /dev/xvda in the container. Note: Much of this code was written by Dinesh Subhraveti [email protected] (github: dineshs-altiscale) and so he deserves a ton of credit. Docker-DCO-1.1-Signed-off-by: Timothy <[email protected]> (github: timthelion)
|
@tiborvass Is this better? |
|
Does this work for LXC also? |
|
@crosbymichael I'm not sure whether to be offended of flattered by your question ;) OF COURSE it works with lxc. What do you think that giant device refactoring PR I got through just before 1.0 was about? ;) ... Though do keep in mind that on my machine #6671 obscures this fact. Yeah, if I do |
|
Ping @tiborvass , @crosbymichael , @vieux |
|
@crosbymichael Is there any hope of me getting an ETA on this? I have a bit of a deadline coming up in a little over a month and I'd like to know if I should be waiting for this or working on a work around. |
|
#assignee=crosbymichael |
There was a problem hiding this comment.
- Need to get rid of the passive voice here. Recast to something like: You may sometimes need to expose devices directly to a container.
- Need to have single back-ticks (`) for code style in markdown. (There are multiple instances of this throughout, I'm only flagging this one.) Also, please add "The" to avoid starting a sentence with lower-case.
|
@vieux @crosbymichael I added a couple of notes to clean up the docs. Not sure how I would re-open this, however. |
|
@fredlf @crosbymichael is carrying this PR here: #6961 He'll do the modification there. Thanks |
|
Hi, @calfonso , I install docker in my host with docker info in this verson, device modifying is not supported, so what should I do, if I want to add/remove a device to the running container? Thanks! |
|
@thaJeztah , so can you tell me how can i deploy docker with source code which contains device-modifying function? |
|
@drngsl you'd have to write that, because that PR was still in a "proposal" stage, no code was written yet, afaik |
|
@drngsl that's not something I can answer for you; if you can build that, and you are comfortable running that code, then it's up to you to decide if you want to run it. But it won't be an official docker build, and it's not "supported". |
|
But I'd seriously discourage running it, I just looked at those branches, and the last modifications are over a year ago, so you'd be running a really old version of docker, that doesn't have security updates, and chances are that it will no longer work with Docker Hub when registry v1 support is removed. |
|
@thaJeztah , thanks ! |
11 participants
I know I said I was out for the weekend, but I got up early this morning, and with a bit of repasting(it's like rebasing, but for the unenlightened), I bring you:
We add a --device flag which can be used like:
To allow the container to have read write permissions to access the host's /dev/sda via a node named /dev/xvda in the container.
Docker-DCO-1.1-Signed-off-by: Timothy [email protected] (github: https://github.com/timthelion)
Big thanks to @dineshs-altiscale !