Commit 80795f84 authored by David Johnson's avatar David Johnson

Add DockerContainer.docker_entrypoint; improve entrypoint docs.

parent 9ea48904
......@@ -380,20 +380,34 @@ recall that the augmentation process overrides the @tt{ENTRYPOINT} and/or
that was specified for the original image. Moreover, @tt{runit} must be
run as root, but the image creator may have specified a different
@tt{USER} for processes that execute in the container. To fix these
problems, @(tb) emulates the original @tt{ENTRYPOINT} as an runit service
problems, @(tb) emulates the original (or runtime-specific) @tt{ENTRYPOINT} as an runit service
and handles several related Dockerfile settings as well: @tt{CMD},
@tt{WORKDIR}, @tt{ENV}, and @tt{USER}. The emulation preserves the
semantics of these settings, with the exception that the user-specified
semantics of these settings (see @link["https://docs.docker.com/engine/reference/builder/#understand-how-cmd-and-entrypoint-interact"]{Docker's reference on interaction between @tt{ENTRYPOINT} and @tt{CMD}}), with the exception that the user-specified
@tt{ENTRYPOINT} or @tt{CMD} is not executed as @tt{PID 1}. Only the
@tt{ENTRYPOINT} and @tt{CMD} processes run as @tt{USER}; processes
started from outside the container via @tt{docker exec} run as root.
You can customize the @tt{CMD} for each container you create by setting
the @(geni-lib "geni.rspec.igext.DockerContainer.docker_cmd" "docker_cmd")
member variable of a @tt{geni-lib}
You can customize the @tt{ENTRYPOINT} and @tt{CMD} for each container you create by setting
the @(geni-lib "geni.rspec.igext.DockerContainer.docker_entrypoint" "docker_entrypoint")
and the @(geni-lib "geni.rspec.igext.DockerContainer.docker_cmd" "docker_cmd")
member variables of a @tt{geni-lib}
@(geni-lib "geni.rspec.igext.DockerContainer" "DockerContainer")
object instance.
The @tt{runit} service that performs this emulation is named
@tt{dockerentrypoint}. If this service exits, it is not automatically
restarted, unlike most @tt{runit} services. You can start it again by
running @tt{sv start dockerentrypoint} within a container. You can also
@link["http://smarden.org/runit/"]{browse the @tt{runit} documentation}
for more examples of interacting with @tt{runit}.
This emulation process is complicated, so ifyou suspect problems, there
are logfiles written in each container that may help. The @tt{stdout}
and @tt{stderr} output from the @tt{ENTRYPOINT} and @tt{CMD} emulation
is logged to @tt{/var/log/entrypoint.log}, and additional debugging
information is logged in @tt{/var/log/entrypoint-debug.log}.
@subsection[#:tag "docker-shared-mode"]{Shared Containers}
In @(tb), Docker containers can be created in @italic{dedicated} or
......@@ -465,6 +479,8 @@ above, or by browsing the
(list "Specify what happens when you ssh to your node; must be either " @tt{direct} " or " @tt{exec} ". See " @seclink["docker-remote-access"]{the section on remote access} "."))
(list (geni-lib "geni.rspec.igext.DockerContainer.docker_exec_shell" "docker_exec_shell")
(list "The shell to run if the value of " (geni-lib "geni.rspec.igext.DockerContainer.docker_ssh_style" "docker_ssh_style") " is " @tt{direct} "; ignored otherwise."))
(list (geni-lib "geni.rspec.igext.DockerContainer.docker_entrypoint" "docker_entrypoint")
(list "Change/set the Docker " @tt{ENTRYPOINT} " option for this container; see " @seclink["docker-entrypoint-cmd"]{the section on Docker @tt{ENTRYPOINT} and @tt{CMD} handling} "."))
(list (geni-lib "geni.rspec.igext.DockerContainer.docker_cmd" "docker_cmd")
(list "Change/set the Docker " @tt{CMD} " option for this container; see " @seclink["docker-entrypoint-cmd"]{the section on Docker @tt{ENTRYPOINT} and @tt{CMD} handling} "."))
(list (geni-lib "geni.rspec.igext.DockerContainer.docker_env" "docker_env")
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment