createCommand.withPrivileged(privilegedMode);
List<Bind> binds = new ArrayList<>(); binds.add(new Bind("//var/run/docker.sock", new Volume("/var/run/docker.sock"))); String ryukContainerId = client.createContainerCmd(ryukImage).withHostConfig(new HostConfig().withAutoRemove(true)).withExposedPorts(new ExposedPort(8080)).withPublishAllPorts(true).withName("testcontainers-ryuk-" + DockerClientFactory.SESSION_ID).withLabels(Collections.singletonMap(DockerClientFactory.TESTCONTAINERS_LABEL, "true")).withBinds(binds).withPrivileged(TestcontainersConfiguration.getInstance().isRyukPrivileged()).exec().getId(); client.startContainerCmd(ryukContainerId).exec(); InspectContainerResponse inspectedContainer = client.inspectContainerCmd(ryukContainerId).exec();
.withCapAdd(new ArrayList<>(addCapabilities)) .withCapDrop(new ArrayList<>(dropCapabilities)) .withPrivileged(privileged);
public void startNode(String id, BrowserType browserType, String nodeName, String imageId, boolean record, String containerIp) { // Create node pullImageIfNecessary(imageId, true); log.debug("Creating container for browser '{}'", id); CreateContainerCmd createContainerCmd = getClient().createContainerCmd(imageId).withPrivileged(true).withCapAdd(SYS_ADMIN).withName(nodeName); mountDefaultFolders(createContainerCmd); mountFiles(createContainerCmd); createContainerCmd.withNetworkMode("none"); Map<String, String> labels = new HashMap<>(); labels.put("KurentoDnat", "true"); labels.put("Transport", getProperty(TEST_SELENIUM_TRANSPORT)); labels.put("IpAddress", containerIp); createContainerCmd.withLabels(labels); createContainerCmd.exec(); log.debug("Container {} started...", nodeName); // Start node if stopped startContainer(nodeName); startRecordingIfNeeded(id, nodeName, record); logMounts(nodeName); logNetworks(nodeName); }
cmd.withPrivileged(conf.isPrivileged()); cmd.withNetworkMode(conf.getNetworkMode());
public void startNode(String id, BrowserType browserType, String nodeName, String imageId, boolean record, String containerIp) { // Create node pullImageIfNecessary(imageId, true); log.debug("Creating container for browser '{}'", id); CreateContainerCmd createContainerCmd = getClient().createContainerCmd(imageId).withPrivileged(true).withCapAdd(SYS_ADMIN).withName(nodeName); mountDefaultFolders(createContainerCmd); mountFiles(createContainerCmd); createContainerCmd.withNetworkMode("none"); Map<String, String> labels = new HashMap<>(); labels.put("KurentoDnat", "true"); labels.put("Transport", getProperty(TEST_SELENIUM_TRANSPORT)); labels.put("IpAddress", containerIp); createContainerCmd.withLabels(labels); createContainerCmd.exec(); log.debug("Container {} started...", nodeName); // Start node if stopped startContainer(nodeName); startRecordingIfNeeded(id, nodeName, record); logMounts(nodeName); logNetworks(nodeName); }
containerConfig.withPrivileged(privileged);
createCommand.withPrivileged(privilegedMode);
? cmd.withNetworkMode("host").withExtraHosts(extraHosts).withPrivileged(true) : cmd.withExtraHosts(extraHosts).withPrivileged(true); } else if (SystemUtils.IS_OS_LINUX || SystemUtils.IS_OS_MAC) { cmd = microservice.isRootHostAccess() ? cmd.withNetworkMode("host").withPrivileged(true) : cmd.withExtraHosts(extraHosts).withPrivileged(true);
private CreateContainerCmd getBaseCommand() { String hostDir = MesosCluster.getClusterHostDir().getAbsolutePath(); List<Bind> binds = new ArrayList<>(); binds.add(Bind.parse("/var/run/docker.sock:/var/run/docker.sock:rw")); binds.add(Bind.parse("/sys/fs/cgroup:/sys/fs/cgroup")); binds.add(Bind.parse(hostDir + ":" + hostDir)); if (getCluster().getMapAgentSandboxVolume()) { binds.add(Bind.parse(String.format("%s:%s:rw", hostDir + "/.minimesos/sandbox-" + getClusterId() + "/" + hostName, MESOS_AGENT_WORK_DIR + hostName + "/slaves"))); } CreateContainerCmd cmd = DockerClientFactory.build().createContainerCmd(getImageName() + ":" + getImageTag()) .withName(getName()) .withHostName(hostName) .withPrivileged(true) .withVolumes(new Volume(MESOS_AGENT_WORK_DIR + hostName)) .withEnv(newEnvironment() .withValues(getMesosAgentEnvVars()) .withValues(getSharedEnvVars()) .createEnvironment()) .withPidMode("host") .withLinks(new Link(getZooKeeper().getContainerId(), "minimesos-zookeeper")) .withBinds(binds.stream().toArray(Bind[]::new)); MesosDns mesosDns = getCluster().getMesosDns(); if (mesosDns != null) { cmd.withDns(mesosDns.getIpAddress()); } return cmd; }
public void startNode(String id, BrowserType browserType, String nodeName, String imageId, boolean record) { // Create node pullImageIfNecessary(imageId, true); log.debug("Creating container for browser '{}'", id); CreateContainerCmd createContainerCmd = getClient().createContainerCmd(imageId).withPrivileged(true).withCapAdd(SYS_ADMIN).withName(nodeName); mountDefaultFolders(createContainerCmd); mountFiles(createContainerCmd); if (isRunningInContainer()) { createContainerCmd.withNetworkMode("bridge"); } createContainerCmd.exec(); log.debug("Container {} started...", nodeName); // Start node if stopped startContainer(nodeName); startRecordingIfNeeded(id, nodeName, record); logMounts(nodeName); logNetworks(nodeName); listFolderInContainer(nodeName, KurentoTest.getTestFilesDiskPath()); }
public void startNode(String id, BrowserType browserType, String nodeName, String imageId, boolean record) { // Create node pullImageIfNecessary(imageId, true); log.debug("Creating container for browser '{}'", id); CreateContainerCmd createContainerCmd = getClient().createContainerCmd(imageId).withPrivileged(true).withCapAdd(SYS_ADMIN).withName(nodeName); mountDefaultFolders(createContainerCmd); mountFiles(createContainerCmd); if (isRunningInContainer()) { createContainerCmd.withNetworkMode("bridge"); } createContainerCmd.exec(); log.debug("Container {} started...", nodeName); // Start node if stopped startContainer(nodeName); startRecordingIfNeeded(id, nodeName, record); logMounts(nodeName); logNetworks(nodeName); listFolderInContainer(nodeName, KurentoTest.getTestFilesDiskPath()); }
CreateContainerResponse resp = cfgCmd.withPublishAllPorts(publishAllPorts).withPrivileged(privileged).exec(); InspectContainerResponse inspectResp = client.inspectContainerCmd(resp.getId()).exec();
createContainerCmd.withPrivileged(containerConfiguration.getPrivileged());
createContainerCmd.withPrivileged(containerConfiguration.getPrivileged());