Dockerfile preferred flag for Docker container (required due to Apache error) AWS
I would like to start a container with privileges. I can do this manually by typing:
sudo docker run -privileged name/image
But how can I generate a container from a dockerfile with privileges, is there any command for this in the dockerfile?
In my case, I am doing deployment to amazon, if it cannot be done from Dockerfile, can this be done from Dockerrun.aws.json?
PS. To give some context to this question, I need privileges in the docker container to be able to change the ulimit due to apache.
Edit:
I am not changing it locally in the container because in Docker the ulimit of the container is one of the host. This is why the change does not affect the container if I change it locally.
source to share
Running an elevated container is probably causing all sorts of security and reliability issues.
I would suggest that instead of starting an entire Docker session with elevated privileges, which could potentially mean everyone running on it will be elevated, instead you create a docker container with a modified set of numbers for the ulimit.
I'm not an expert, but the instructions for creating your own container looks clear enough, and then sudo vi /etc/security/limits.conf
in your new container, changing soft nofile
and soft nproc
, saving and then exporting the new container seems to be the way to go. Then you can start a new container with normal privilege levels.
Another option that seems to be used in many places is to run multiple container instances to avoid overload issues.
source to share