VBox guest additions #284
VBox guest additions #284
Conversation
|
Is there a workaround for now? How can I manually install the vbox guest additions on the boot2docker image? |
|
The best and easiest way is to build the image yourself from the |
|
👍 @steeve you are a hero! now it will be very easy to access e.g. IP of VM and other stuff thru the GuestProperty API and on the Guest with the corresponding VBoxControl commands |
Setup HOME directory mounting using this [workaround](boot2docker/boot2docker#284). Uses an forked boot2docker shell script (based on boot2docker/boot2docker#93) but fast forward to the latest master to allow a fixed ip address for guest and host (aka localdocker). Removed Vagrant, VM is managed by VirtualBox alone.
|
For me this is the only thing that makes me keep around my custom docker environment (vagrant basically) -v is required for happy docker usage :) |
|
Can we merge this already guys ? |
|
sorry if this is super reductive, but i was playing around with this and noticed that the hardcoded guest-additions are likely to be incompatible with most folks' virtualbox installs. does it make sense to
but they both add a time-overhead over just downloading a 'working' boot2docker image, but it seems like there would almost certainly be compatibility issues between guest-addition versions (which seem to change every week or so). also i could be totally missing something. let me know if i'm approaching this in a naive way, i'm mostly trying to simplify an install of docker among a group of computers in a super heterogenous environment and this point jumped out at me. thanks for any feedback. |
|
Well, boot2docker has an amazing feature, which makes most of your concerns go away imho: the OS is read only. Obviously the guest additions evolve rapidly, but VBox versions don't get released that often. And when they do we take a good look at them. The thing is, boot2docker strives to Just WorkTM, and to provide the best experience for folks without doing anything (it's a goal 😃). Plus the added weight/complexity to the image is negligible, as we already have some VM (QEMU/VMware/VBox) detection mechanism going on to force That said, I should probably update the PR with the newly released VBox. |
|
I'm still -1 on this change in general, as it further reduces the agnosticism of boot2docker and encourages what is a fairly destructive and confusing pattern. The problem of bind mounts not working from a remote Docker client is one that's general to all instances of a Docker daemon that listens non-locally, so I firmly believe the "proper" solution to this needs to (and indeed will, given time) come from the Docker side. Just my 2¢. |
|
@tianon has this been raised as a Docker issue then? |
|
Absolutely, this is being discussed in moby/moby#4023. |
|
+1 |
|
Sorry to step in, but I've run these commands using the 0.7 boot2docker image linked to along with the 0.7 boot2docker script and I just get (on the final step): "modprobe: module vboxsf not found in modules.dep" I understand this has something to do with having the VBAdditions available, but I'm unable to figure out how to install this or enable it. NB. I've also built using the Dockerfile in the commit (which seems successful), but leads to the same problem. I'm building on a Mac and some poking around seems to suggest VBAdditions isn't available for OSX. Can anyone suggest a solution until this is merged? |
|
I think you may not be booting from the right ISO file— On Mon, Apr 14, 2014 at 9:44 AM, Ian Wootten notifications@github.com
|
|
For those willing to automate to the maximum this workaround and are fine with maintaining a custom image, I recommend adding (Note that this is simply a slight variation of what's suggested in the issue description, removing the need to resolve |
|
What are the steps required to build a 'custom' iso like the one posted above under 'steeve's first comment: Can this somehow be done 'scripted', or automated to the maximum, as bjaglin called it above, by using a Dockerfile somehow? |
|
@TheBigBear producing a custom iso is a fairly documented and simple process: https://github.com/boot2docker/boot2docker/blob/master/doc/BUILD.md |
|
Thanks bjaglin that is great and very helpful. |
|
fundamentally, we are working towards not doing sharing this using vbox specific extensions. instead, the solution will come from either docker itself, or using a network shared volume container - see https://github.com/SvenDowideit/dockerfiles/blob/master/samba/Dockerfile for what I use to share my boot2docker tools with my Windows desktop. bind-mounting a directory that is actually located remotely to the docker daemon is both risky and slow, whereas using network shared volume containers matches much more closely what you would do in deployment. |
|
I'm a Mac user and really hoping an easy way of using docker with it. My development heavily relies on Virtualbox VM's and I want to convert it to docker containers. I can't make use of docker just because of this sharing folders issue. Is there a plan to solve this in near releases? |
|
Same here. @tunix Using https://github.com/noplay/docker-osx in the meanwhile works out for me. |
|
OK, I am too new to docker to really know or understand how this all works together , just yet. But I have seen enough (mainly Mac) people's posts, and I am also one of them, that would like (even if it's temporary) a virtual box shared file integration. The main question I have on this I think is how do I work a single Dockerfile so I can have the combination of these two manual lines: $ sudo docker build -t boot2docker/boot2docker:base base/ I believe that once I understand how to do that, I think I can then "merge" all those pieces and instructions together into one final Dockerfile. (hopefully) Thanks for a quick sample Dockerfile that achives the above two manual steps with a single Dockerfile? |
Sure, but that doesn't stop users from accidentally allowing this with a I'll move discussion over to the other issue. |
|
Pardon my ignorance but if Docker running on Linux directly allows you to share whatever (what I understand from @bfirsh comment above) and therefore is OK running nasty |
|
@steeve no, you are not going to merge this. b2d 1.3.0 will solve it properly, and we do not have time to test all the problems it will cause before 1.2.0 is released. see boot2docker/boot2docker-cli#202 for the plan. |
|
one particularly scary user-story I told the other day, is when someone installs b2d on their family computer to try out some SW that can be run using it, then days later is finished, and forgets all about it. for the next 5 years, b2d is running (for some auto-start at boot time reason), and therefore is not updated to fix what we missed - then someone else clicks a link in an email that gets around a tls impl issue and hands the magically run container the docker socket
boot2docker is already a tool that can be used by non-developers - and there will be more all the time. |
|
You cannot protect people who are willing to copy and paste from the
|
|
@SvenDowideit, in any computer security discussion, the first thing is to define a threat model. Because, will boot2docker protect users against NSA as well? |
@wavded Well, this is why Sven says he runs boot2docker when working with Docker in Linux as well. It provides an additional layer of security should something wonky happen. Additionally on Linux you have to deliberately add the user to the
@1mentat Sure you can. This is why Facebook attempts to mitigate attacks made by tricking people into copy-pasting malicious JavaScript into their URL bar. Just because someone will always fall for tricks doesn't mean you shouldn't even try. Even people who know better copy-paste commands and code from the Internet from time to time. Not to mention that's not the only attack surface, there are a huge variety of attacks and if a Docker exploit comes out tomorrow we're all going to be very glad we have a VM sitting between Docker and our "real" computer.
If only. Keep in mind everyone that most likely the solution implemented will allow you to share your home directory if you want to, but it won't do that by default. Being vulnerable should be "opt-in" not "opt-out". |
|
@SvenDowideit alright, closing then. |
|
Just so other people don't have to scroll around to find it, here is the new issue: |
|
I'm pretty sure we're going to need this if we do some kind of directory sharing as described in boot2docker/boot2docker-cli#202. |
Vulnerable to whom and for what? Again, what is a threat model? |
|
This has now been reopened as #534. (Just so you all get a notification!) |
|
VirtualBox Guest Additions are unusable/slow for project with lots of small files ( tested with 17K files ). Is it just me? I created Hodor github.com/gansbrest/hodor to streamline dev workflow for Mac and Linux. Let me know what you guys think. |
|
@gansbrest @dduportal Yeah. You are not alone. Had the same problem. :( |
|
@gansbrest @dduportal is there a workaround for the VBox guest addition horrible performance issue? I haven't looked at hodor yet. |
|
@jmreicha hodor! )) |
|
hi, any news for this, i'm use docker1.7 but still have same problem. please help. |
|
@nathan-zhu no single solution yet. The performance issue isn't related to Docker itself, just the VBox guest additions. You can find some alternative approaches in the discussion above though, that might help in your situation. However, the Docker 1.7 "experimental build" offers "Volume Drivers" (see https://github.com/docker/docker/blob/master/experimental/plugins_volume.md), which could potentially open up some possibilities (for example, see moby/moby#13420 (comment)) |
|
@nathan-zhu Check out https://github.com/synack/docker-rsync. It's pretty experimental though. |
|
@nathan-zhu I guess I still have to recommend Hodor (https://github.com/gansbrest/hodor) for now for fast bidirectional sync through Unison. |
|
Hi, Windows 7 Do you have an example to use it on windows? I'm using Vagrant and docker as a provider. |
|
When I run |
|
Hello @ehernandez-xk !
For now, I strongly recommend you to stay on Vagrant 1.8.1 and VirtualBox 5.0.x line, since Vagrant support of VBox 5.1.x landed on... vagrant 1.8.2... |
|
Thank you @dduportal |
This is a PR in response to #282.
It adds ~400kb to the unpacked system.
Please discuss wether vboxsf are a good option of not in #282, not here.
Add a shared folder to the VM:
Now mount the folder inside the VM:
You can now run
docker -vtransparently as long as the volume is inside$HOME.A test ISO based on 0.7 is at https://dl.dropboxusercontent.com/u/12014139/boot2docker.iso