If you would like to use Docker as a non-root user, you should now consider
adding your user to the "docker" group with something like:
sudo usermod -aG docker cjeong
Remember that you will have to log out and back in for this to take effect!
To enable sshd, run: apt-get install openssh-server
For security reason, container images ship without user accounts
and without a root password.
Use lxc-attach or chroot directly into the rootfs to set a root password
or create user accounts.
- Brief intro to network namespaces
-
add namespace:
ip netns add BLUE
-
list namespace:
ip netns list
-
assigning network interface to network namespaces:
- one cannot assign physical network interface to a namespace -- one can only assign virtual Ethernet (veth) interfaces to a network namespace
- veth always come in pairs, connected like a tube
- create veth pair:
ip link add veth0 type veth peer name veth1
- list veth pair:
ip link list: this "listing" only shows global namespace
-
connecting veth-pair network interfaces to namespace:
ip link set veth1 netns BLUE- now veth1 interface has disappeared from global namespace and put into BLUE namespace
- so, to see veth* list the BLUE namespace
ip netns exec BLUE ip link list-
ip netns exec <namespace></namespace>: prefix to use when executing command in a namespace
- configuring network interface:
ip netns exec BLUE ifconfig veth1 10.1.1./24 up- assigns an IP address to veth1 interface and bring that interface up