TWpower Reading time ~1 minute

Run privileged mode container in Docker or Kubernetes Pod


Environment and Prerequisite

  • Linux base system
  • Bash shell(/bin/bash)
  • Docker
  • Kubernetes


Run Privileged Mode

What is Privileged Mode?

--cap-add: Add Linux capabilities
--cap-drop: Drop Linux capabilities
--privileged=false: Give extended privileges to this container
--device=[]: Allows you to run devices inside the container without the --privileged flag.
  • By default, Docker containers are “unprivileged” and cannot, for example, run a Docker daemon inside a Docker container. This is because by default a container is not allowed to access any devices, but a “privileged” container is given access to all devices.
  • By using docker run --privileged, container can not only access to all hosts devices but also use most of host computer’s kernel functions. You can use like systemctl program or run docker daemon in docker container.
  • You can add or drop needed linux kernel(host) capabilities by using --cap-add and --cap-drop options. There are many option values in docker official page.


Docker Container Privileged Mode Usage

  • Give --privileged option when running container.
sudo docker run --privileged [IMAGE NAME] [OTHER OPTIONS...]

Docker Container Privileged Mode Example

  • Download CentOS image and use systemctl command
  • /sbin/init should be run before using systemctl
# Run docker container in privileged mode
# Run "/sbin/init" command in background
$ sudo docker run -d --privileged --name centos-example centos /sbin/init

# Access to docker container
$ sudo docker exec -it centos-example /bin/bash

# Run systemctl command
$ systemctl -a
...


Kubernetes Pod Container Privileged Mode Usage

  • Add securityContext with privileged: true option to Pod YAML file.
  • Examples are from openstack-helm and official page.
...
containers:
  - name: pod-name
    image: image-name
    securityContext:
      privileged: true
...

Kubernetes Pod Container Privileged Mode Example

apiVersion: v1
kind: Pod
metadata:
  name: privileged-pod
spec:
  containers:
    - name:  pause
      image: k8s.gcr.io/pause
      securityContext:
        privileged: true


Reference

TWpower Reading time ~1 minute

원격에 있는 스크립트를 받아서 바로 실행해보자.


환경

  • Linux 기반 시스템
  • Bash shell(/bin/bash)
  • url을 보시면 스크립트 내용을 확인할 수 있습니다. 해당 링크는 GitHub Gist입니다.


curl을 이용해 원격에 있는 쉘스크립트를 받아서 실행

(방법1) 리다이렉션(Redirection) 이용하기

형태

bash <(curl -s [URL])

예제

bash <(curl -s https://gist.githubusercontent.com/TWpower/1c3e78ef762d493f6df3033f30165afc/raw/55688b960b8d31f2185d3dbfe80c6815efd4a47a/remote-sh-test.sh)


(방법2) 파이프(Pipe) 이용하기

형태

curl -s [URL] | bash -s arg1 arg2 arg3 ...

예제

curl -s https://gist.githubusercontent.com/TWpower/1c3e78ef762d493f6df3033f30165afc/raw/55688b960b8d31f2185d3dbfe80c6815efd4a47a/remote-sh-test.sh | bash -s

# With sudo
echo [!!PASSWORD!!] | sudo -S curl -s https://gist.githubusercontent.com/TWpower/8fb35a2bdc297ef897cf6f3aae5a6598/raw/f988316bb7a4ef9ba9551593e4b472b609b2865b/remote-sh-sudo-test.sh | bash -s


참고자료

TWpower Reading time ~1 minute

Run remote shell script in local computer.


Environment and Prerequisite

  • Linux base system
  • Bash shell(/bin/bash)
  • You can see script content in url. It is code on GitHub Gist.


Down and run remote shell script in local by using curl

(Method1) Use Redirection

Usage

bash <(curl -s [URL])

Example

bash <(curl -s https://gist.githubusercontent.com/TWpower/1c3e78ef762d493f6df3033f30165afc/raw/55688b960b8d31f2185d3dbfe80c6815efd4a47a/remote-sh-test.sh)


(Method2) Use Pipe

Usage

curl -s [URL] | bash -s arg1 arg2 arg3 ...

Example

curl -s https://gist.githubusercontent.com/TWpower/1c3e78ef762d493f6df3033f30165afc/raw/55688b960b8d31f2185d3dbfe80c6815efd4a47a/remote-sh-test.sh | bash -s

# With sudo
echo [!!PASSWORD!!] | sudo -S curl -s https://gist.githubusercontent.com/TWpower/8fb35a2bdc297ef897cf6f3aae5a6598/raw/f988316bb7a4ef9ba9551593e4b472b609b2865b/remote-sh-sudo-test.sh | bash -s


Reference

TWpower Reading time ~1 minute

특정 디렉토리에서 파일이나 폴더를 검색하고 보여줄 수 있는 find 명령어를 사용해보자


환경

  • Linux 기반 시스템
  • Bash shell(/bin/bash)


find란?

find

  • find: 디렉토리 계층에 있는 파일들과 폴더들을 나열해줍니다.
  • 하단 예시 참조
# Basic Usage
$ find [-H] [-L] [-P] [-D debugopts] [-Olevel] [starting-point...] [expression]

# Example1
$ find .
.
./test2.txt
./test_in
./test_in/another_test.txt
./pid_test_shell.sh
./test.txt
./tools

# Example2
$ find ./ -name "*.txt"
./test2.txt
./test_in/another_test.txt
./test.txt

# Example3
# -L option follow symbolic link
$ find -L ./ -name "*.sh"
./pid_test_shell.sh
./tools/upgrade_packages.sh
./tools/run_jupyter_notebook.sh
./tools/install_packages.sh


예시

grep을 이용해 원하는 파일 찾기

  • Pipe와 grep 명령어를 이용
  • find path | grep file_name
$ find . | grep test.txt
./anaconda3/pkgs/pylint-1.7.4-py36hb9d4533_0/lib/python3.6/site-packages/pylint/test/functional/using_constant_test.txt
./anaconda3/lib/python3.6/site-packages/pylint/test/functional/using_constant_test.txt
./test/test_in/another_test.txt
./test/test.txt
./.pyenv/versions/3.5.3/lib/python3.5/test/test_doctest.txt
./.pyenv/versions/3.5.2/lib/python3.5/test/test_doctest.txt
./.pyenv/versions/3.6.1/lib/python3.6/test/test_doctest.txt


파일명을 이용해 파일 찾기

  • 명령어와 함께 -name을 이용
  • find path -name file_name
$find . -name test.txt
./test/test.txt


symbolic를 따라가서 탐색하기

  • 명령어와 함께 -L 옵션을 이용
$ ls -l
total 16
-rwxrwxr-x 1 twpower twpower  119 May  6 18:36 pid_test_shell.sh
-rw-rw-r-- 1 twpower twpower    8 May  6 18:30 test2.txt
drwxrwxr-x 2 twpower twpower 4096 May 26 23:31 test_in
-rw-rw-r-- 1 twpower twpower   84 May  6 18:31 test.txt
lrwxrwxrwx 1 twpower twpower   20 May 26 14:53 tools -> /home/twpower/tools/

$ find ./ -name "*.sh"
./pid_test_shell.sh

$ find -L ./ -name "*.sh"
./pid_test_shell.sh
./tools/upgrade_packages.sh
./tools/run_jupyter_notebook.sh
./tools/install_packages.sh


xargs를 이용해 파일의 내용 검색하기

  • 다음처럼 find, pipe, xargs 그리고 grep 명령어를 이용합니다.
  • find . -name "*.txt" | xargs grep "He"
$ find . -name "*.txt" | xargs grep "He"
./test2.txt:Hello
./test2.txt:Hellot
./test2.txt:tHello


참고자료

TWpower Reading time ~1 minute

Use find command in specific directory(path) to find file or directory


Environment and Prerequisite

  • Linux base system
  • Bash shell(/bin/bash)


What is find?

find

  • find: search for files in a directory hierarchy
  • Below are examples of find command usages
# Basic Usage
$ find [-H] [-L] [-P] [-D debugopts] [-Olevel] [starting-point...] [expression]

# Example1
$ find .
.
./test2.txt
./test_in
./test_in/another_test.txt
./pid_test_shell.sh
./test.txt
./tools

# Example2
$ find ./ -name "*.txt"
./test2.txt
./test_in/another_test.txt
./test.txt

# Example3
# -L option follow symbolic link
$ find -L ./ -name "*.sh"
./pid_test_shell.sh
./tools/upgrade_packages.sh
./tools/run_jupyter_notebook.sh
./tools/install_packages.sh


Examples

Find file using with grep

  • Use pipe and grep command
  • find path | grep file_name
$ find . | grep test.txt
./anaconda3/pkgs/pylint-1.7.4-py36hb9d4533_0/lib/python3.6/site-packages/pylint/test/functional/using_constant_test.txt
./anaconda3/lib/python3.6/site-packages/pylint/test/functional/using_constant_test.txt
./test/test_in/another_test.txt
./test/test.txt
./.pyenv/versions/3.5.3/lib/python3.5/test/test_doctest.txt
./.pyenv/versions/3.5.2/lib/python3.5/test/test_doctest.txt
./.pyenv/versions/3.6.1/lib/python3.6/test/test_doctest.txt


Find file using file name

  • Use command with -name
  • find path -name file_name
$find . -name test.txt
./test/test.txt


  • Use command with -L
$ ls -l
total 16
-rwxrwxr-x 1 twpower twpower  119 May  6 18:36 pid_test_shell.sh
-rw-rw-r-- 1 twpower twpower    8 May  6 18:30 test2.txt
drwxrwxr-x 2 twpower twpower 4096 May 26 23:31 test_in
-rw-rw-r-- 1 twpower twpower   84 May  6 18:31 test.txt
lrwxrwxrwx 1 twpower twpower   20 May 26 14:53 tools -> /home/twpower/tools/

$ find ./ -name "*.sh"
./pid_test_shell.sh

$ find -L ./ -name "*.sh"
./pid_test_shell.sh
./tools/upgrade_packages.sh
./tools/run_jupyter_notebook.sh
./tools/install_packages.sh


Search file contents using with xargs

  • Use find, pipe, xargs and grep command.
  • find . -name "*.txt" | xargs grep "He"
$ find . -name "*.txt" | xargs grep "He"
./test2.txt:Hello
./test2.txt:Hellot
./test2.txt:tHello


Reference