Join our Discord Server
Collabnix
Ajeet Raina Ajeet Singh Raina is a former Docker Captain, Community Leader and Arm Ambassador. He is a founder of Collabnix blogging site and has authored more than 570+ blogs on Docker, Kubernetes and Cloud-Native Technology. He runs a community Slack of 8900+ members and discord server close to 2200+ members. You can follow him on Twitter(@ajeetsraina).

How to access Docker namespace?

1 min read

It is never recommended to install openssh-server on the container for just mere shell access. It is always suggested to keep your container lightweight rather than dumping layer after layer to Docker image. That affects the speed on which Docker containers work.

Today we are going to look at a tool called nsenter which helps in accessing the container.nsenter is a small tool allowing to enter into namespaces. Technically, it can enter existing namespaces, or spawn a process into a new set of namespaces.

Let’s try hands on with nsenter, starting with the installation of this tool.

~]# docker run -v /usr/local/bin:/target jpetazzo/nsenter
Unable to find image ‘jpetazzo/nsenter:latest’ locally
Pulling repository jpetazzo/nsenter
5b5e2a9ac1ed: Download complete
39bb80489af7: Download complete
df2a0347c9d0: Download complete
f1832acc3426: Download complete
583dc530ffc5: Download complete
d2e281974a6c: Download complete
1163cc921b8d: Download complete
ddce93d8b3b0: Download complete
e9517c1eb80c: Download complete
ff3960a5eba2: Download complete
b2679efcfacc: Download complete
c098590e3285: Download complete
5c95da16f5fc: Download complete
a573b1fe27d5: Download complete
cb98c725f79b: Download complete
a65dda0b4d00: Download complete
cd357b02e2c5: Download complete
b523f9bb0eb3: Download complete
919e39552773: Download complete
7d8d6f61f978: Download complete
Status: Downloaded newer image for jpetazzo/nsenter:latest
Installing nsenter to /target
Installing docker-enter to /target
Installing importenv to /target
[root@localhost ~]#
Let us find what containers are running currently:

[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS
NAMES

There is no container running. Let’s start a container:
[root@localhost ~]# docker run -it fd44297e2ddb /bin/bash [root@10028f741e90 /]#
[root@localhost ~]#

Press Ctrl P + Q to come out of the shell without stopping the container.

Verify that the container is running now:

[root@localhost ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS
NAMES
10028f741e90 centos:7 “/bin/bash” 6 seconds ago Up 5 seconds
nostalgic_bohr

Run the below command to fetch the PID for the container

[root@localhost ~]# PID=$(docker inspect –format {{.State.Pid}} 10028f741e90)

Verify if the PID variable is effective:

[root@localhost ~]# echo $PID
8480

Finally run the nsenter utility on the host machine to access the namespace:

[root@localhost ~]# nsenter –target $PID –mount –uts –ipc –net –pid
[root@10028f741e90 /]#

Here you go, entered into container shell without any hiccups.

Have Queries? Join https://launchpass.com/collabnix

Ajeet Raina Ajeet Singh Raina is a former Docker Captain, Community Leader and Arm Ambassador. He is a founder of Collabnix blogging site and has authored more than 570+ blogs on Docker, Kubernetes and Cloud-Native Technology. He runs a community Slack of 8900+ members and discord server close to 2200+ members. You can follow him on Twitter(@ajeetsraina).
«
»

Kubernetes Service External IP Stuck on Pending? Here’s How…

Arsheen Kour
Apr 19, 2024 2 min read

Navigating the Digital Highway: A Comprehensive VPN Selection Guide…

Avinash Bendigeri
Apr 19, 2024 3 min read

Error: Docker pull Intermittent TLS handshake timeout

Abraham Dahunsi
Apr 15, 2024 2 min read
Join our Discord Server