docker 使用加密狗加密

[lpj0822]

1.完成docker使用加密狗加密 2.测试运行没有问题

[lpj0822]

需要把http://118.31.19.101:8080/software/dongle/senseshield-2.3.0.45988-x86_64.deb 安装到easy_runtime @vitahlin

[lpj0822]

使用命令

ps -ef | grep senseshield

查看到 senseshield 进程正在运行。

[lpj0822]

容器启动修改

docker run -it -v /scp/:/scp --privileged centos:latest /bin/bash

增加--privileged参数 同时需要启动容器中的进程

docker exec CONTAINER ID “./usr/lib/senseshield/senseshield

查看 运行状态

docker exec CONTAINER ID ps -aux | grep sense

[MiniBullLab]

测试带有加密狗的docker工具，出现以下报错:

Error response from daemon: could not select device driver ““ with capabilities: [[gpu]]

发现是没有安装nvidia-container-runtime的库，可以参考以下链接安装:

https://blog.csdn.net/bigdata_mining/article/details/104991349

[MiniBullLab]

安装完nvidia库后继续运行有以下错误:

Starting docker container...
Current user id: 1000
Current user name: wfw
Current group id: 1001
Current group name: docker
Starting docker container easy_runtime_wfw ...
65d46a3baa48707d4c2bd4fcde5615f8525295f2480540edc8c7a828269040b2
Runtime is not root, begin to create user...
Adding group `docker' (GID 1001) ...
Done.
usermod: user 'wfw' does not exist
chown: invalid user: 'wfw:docker'
chown: invalid user: 'wfw:docker'
Docker user create success
Check senseshield...
root        42  0.0  0.0  45848   552 ?        R    08:29   0:00 /usr/lib/senseshield/senseshield
Finished setting up EasyAi docker environment. Now you can enter with: \nbash docker_into.sh

[vitahlin]

更新下develop分支代码，然后再执行一下docker_start.sh脚本，把详细的错误内容贴出来看看。 @foww-0001

[foww-0001]

更新完后，结果如下：

Starting docker container...
Current user id: 1000
Current user name: wfw
Current group id: 1001
Current group name: docker
easy_runtime_wfw is running, stop and remove ...
easy_runtime_wfw stop and remove success...
Starting docker container easy_runtime_wfw ...
e61faec5be3702a9fa5938e1cc0c8f37516181aa41761c771ccbdf934009f0cc
Runtime is not root, begin to create user...
Adding group `docker' (GID 1001) ...
Done.
usermod: user 'wfw' does not exist
chown: invalid user: 'wfw:docker'
chown: invalid user: 'wfw:docker'
Docker user create success
Check senseshield...
root        45  0.0  0.0  45848   552 ?        R    13:48   0:00 /usr/lib/senseshield/senseshield
Finished setting up EasyAi docker environment. Now you can enter with: \nbash docker_into.sh

@lpj0822

[foww-0001]

拉取最新develop分支代码，安装完docker，运行

docker load -i easy_xxx.tar

出现报错：

Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.24/images/load?quiet=0: dial unix /var/run/docker.sock: connect: permission denied

[MiniBullLab]

使用2号加密狗，运行：

 ./scripts/run/docker_start.sh

报以下错误：

Starting docker container...
Current user id: 1000
Current user name: wfw
Current group id: 1000
Current group name: wfw
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json?all=1: dial unix /var/run/docker.sock: connect: permission denied
Starting docker container easy_runtime_wfw ...
docker: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/create?name=easy_runtime_wfw: dial unix /var/run/docker.sock: connect: permission denied.
See 'docker run --help'.
Failed to start docker container "easy_runtime_wfw" based on image: easy_runtime

@lpj0822

[lpj0822]

源： https://download.docker.com/linux/ubuntu https://nvidia.github.io/libnvidia-container/stable/ubuntu18.04 https://nvidia.github.io/nvidia-container-runtime/stable/ubuntu18.04/ https://nvidia.github.io/nvidia-docker/ubuntu18.04/

@foww-0001

[foww-0001]

通过新的安装脚本ubuntu_offline_docker_install.sh进行安装，docker安装正常，docker loader正常。 而运行训练脚步出错：

bash: /usr/local/lib/python3.6/dist-packages/easy_tools/train_scripts/ClassNET_tool.sh: Permission denied

@lpj0822

[MiniBullLab]

权限问题，要重新打包

[MiniBullLab]

多用户docker_into有些问题，具体操作流程如下：

1. 加入用户lpj

   sudo adduser lpj

2. 将用户写入管理员权限
3. 通过远程ssh连接到该用户
4. 在用户下运行docker_into命令，报错：

   Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/easy_runtime_lpj/json: dial unix /var/run/docker.sock: connect: permission denied

5. 尝试运行docker_start命令，报错：

   Starting docker container...
   Current user id: 1001
   Current user name: lpj
   Current group id: 1001
   Current group name: lpj
   Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json?all=1: dial unix /var/run/docker.sock: connect: permission denied
   Starting docker container easy_runtime_lpj ...
   docker: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/create?name=easy_runtime_lpj: dial unix /var/run/docker.sock: connect: permission denied.
   See 'docker run --help'.
   Failed to start docker container "easy_runtime_lpj" based on image: easy_runtime

   @lpj0822

[vitahlin]

拉取最新的develop分之代码，最好是在自己机器上build镜像，然后通过docker_start.sh脚本启动，我简单测试了下，应该没什么问题。 错误提示内容见doc目录：https://github.com/MiniBullLab/easy_docker/blob/develop/doc/镜像启动错误详细说明.md

[vitahlin]

@foww-0001 测试下，如果有问题开新的issue