Running Distrobox on Alpine Linux
Quick start
Note
Distrobox pulls images from the docker.io registry, which is blocked by the GFW, so set the proxy environment variables first:
export http_proxy="http://192.168.1.20:3128"
export HTTP_PROXY="http://192.168.1.20:3128"
export https_proxy="http://192.168.1.20:3128"
export HTTPS_PROXY="http://192.168.1.20:3128"
Create a Debian system container:
distrobox create --name debian-dev --init --image debian:latest
To create a full-featured container that includes the systemd process manager (similar to LXC):
distrobox create --name test --init --image debian:latest \
--additional-packages "systemd libpam-systemd pipewire-audio-client-libraries"
Start and enter the newly created debian-dev container:
distrobox enter debian-dev
This step stays at Installing basic packages... for a long time:
Starting container... [ OK ]
Installing basic packages...
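At first I thought the machine had hung or the container was broken. In fact this package installation step is very time-consuming, because the Debian repository deb.debian.org is very slow to reach from inside China, so the whole update and install process takes a long time.
To verify that the container is working, use the podman tool:
List the running containers: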
podman ps
The running container debian-dev is listed:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e81f86ac51bd docker.io/library/debian:latest --verbose --name ... 17 minutes ago Up 17 minutes debian-dev
podman logs -f follows the container log continuously; the steadily scrolling install commands show that debian-dev is slowly updating the system:
podman logs -f debian-dev
The output shows the package installation progress:
+ stat /run/host/etc/shadow
+ stat -c %u /run/host/etc/shadow
+ [ 65534 = 0 ]
+ [ -f /run/host/etc/locale.conf ]
+ [ -f /run/host/etc/default/locale ]
+ [ -z ]
+ HOST_LOCALE=en_US.UTF-8
+ HOST_LOCALE_ENCODING=UTF-8
+ HOST_LOCALE_LANG=en_US
+ [ -n ]
+ printf distrobox: Installing basic packages...\n
distrobox: Installing basic packages...
+ basename sh
+ shell_pkg=sh
+ [ sh = ash ]
+ missing_packages=0
...
+ apt-get install -y apt-utils bash bash-completion bc bzip2 curl dialog diffutils findutils gnupg gnupg2 gpgsm hostname iproute2 iputils-ping keyutils less libcap2-bin libegl-mesa0 libegl1 libgl1 libglx-mesa0 libkrb5-3 libnss-mdns libnss-myhostname libvte-2.91-common libvte-common libvulkan1 locales lsof man-db manpages mesa-vulkan-drivers mtr ncurses-base openssh-client passwd pigz pinentry-curses procps rsync sudo tcpdump time traceroute tree tzdata unzip util-linux wget xauth xz-utils zip
...
SSH access
For the Debian container run by Distrobox to be reachable from outside, set a port mapping when creating the container:
distrobox create --name debian-dev --init --image debian:latest --additional-flags "--publish 2222:22"
Note
A distrobox container created with the defaults has an sshd process inside it, but it is not the regular openssh-server; it seems to be an ssh agent:
nobody 2400 0.0 0.0 6736 3856 ? S Nov02 0:00 sshd: /usr/sbin/sshd [listener] 0 of 10-100 startups
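It does not listen on port 22.
openssh-server has to be installed inside the container; see: SSH service in the Debian container run by Distrobox
Troubleshooting
After I enabled the port mapping --publish 2222:22: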
distrobox create --name debian-dev --init --image debian:latest --additional-flags "--publish 2222:22"
I found that distrobox enter debian-dev reported an initialization failure:
Starting container... [ OK ]
Installing basic packages... [ OK ]
Setting up devpts mounts... [ OK ]
Setting up read-only mounts... [ OK ]
Setting up read-write mounts... [ OK ]
Setting up host's sockets integration... [ OK ]
Integrating host's themes, icons, fonts... [ OK ]
Setting up distrobox profile... [ OK ]
Setting up sudo... [ OK ]
Setting up user's group list... [ OK ]
Setting up init system... [ OK ]
Firing up init system...
Container Setup Failure!
Because the underlying runtime is podman, use podman logs to check the log inside the container:
Checking the container log with podman logs
podman logs -f debian-dev
It shows that the failure is caused by tty0 not being openable for lack of permission:
Container log from podman logs showing Failed to open /dev/tty0
systemd 257.8-1~deb13u2 running in system mode (+PAM +AUDIT +SELINUX +APPARMOR +IMA +IPE +SMACK +SECCOMP +GCRYPT -GNUTLS +OPENSSL +ACL +BLKID +CURL +ELFUTILS +FIDO2 +IDN2 -IDN +IPTC +KMOD +LIBCRYPTSETUP +LIBCRYPTSETUP_PLUGINS +LIBFDISK +PCRE2 +PWQUALITY +P11KIT +QRENCODE +TPM2 +BZIP2 +LZ4 +XZ +ZLIB +ZSTD +BPF_FRAMEWORK +BTF -XKBCOMMON -UTMP +SYSVINIT +LIBARCHIVE)
Detected virtualization podman.
Detected architecture x86-64.
Welcome to Debian GNU/Linux 13 (trixie)!
Failed to open /dev/tty0, ignoring: Permission denied
Failed to create /init.scope control group: Permission denied
Failed to allocate manager object: Permission denied
[!!!!!!] Failed to allocate manager object.
Exiting PID 1...
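Unable to access /dev/tty0 in a rootless container #18870 mentions that rootless containers apparently really cannot access /dev/tty*
Warning
The cause was not found.
I slept on it, and after waking up I recreated the container: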
distrobox rm debian-dev
distrobox create --name debian-dev --image debian-dev:latest --additional-flags "-p 2222:22"
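Surprisingly, it just worked.
Container directories
Similar to Lima: Linux Machines / Colima, distrobox bind-mounts the home directory of the user running the podman container to the same user's home directory on the host, so once inside the container, $HOME is actually the $HOME directory on the host. This makes file access convenient.
podman inspect debian-dev shows the bind mount settings, which include /home/admin:
Bind mount of the host's /home/admin directory
...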
{
"Type": "bind",
"Source": "/home/admin",
"Destination": "/home/admin",
"Driver": "",
"Mode": "",
"Options": [
"rbind"
],
"RW": true,
"Propagation": "rslave"
},
...
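The read-write bind of $HOME shown above and the --publish 2222:22 mapping from the SSH section are the two places where this container reaches the host, so they are worth checking together. The following is an added example, not part of the original notes or of distrobox itself: it reads podman inspect JSON and reports writable host binds and published ports that are not pinned to one host address. The sample document is constructed (only the /home/admin entry comes from the page), and the HostConfig.PortBindings layout is assumed to match what podman inspect emits.

```python
import json

# Constructed sample shaped like `podman inspect debian-dev` output.
# Only the /home/admin mount is taken from the page; the other entries
# and the port binding values are made up for illustration.
SAMPLE_INSPECT = """
[{
  "Name": "debian-dev",
  "Mounts": [
    {"Type": "bind", "Source": "/home/admin", "Destination": "/home/admin",
     "Options": ["rbind"], "RW": true, "Propagation": "rslave"},
    {"Type": "bind", "Source": "/srv/example-ro", "Destination": "/mnt/ro",
     "Options": ["rbind"], "RW": false, "Propagation": "rprivate"},
    {"Type": "volume", "Source": "/srv/example-vol", "Destination": "/data",
     "Options": [], "RW": true, "Propagation": ""}
  ],
  "HostConfig": {"PortBindings": {"22/tcp": [{"HostIp": "", "HostPort": "2222"}]}}
}]
"""

# An empty or wildcard host address means the port is published on every interface.
ALL_INTERFACES = {"", "0.0.0.0", "::"}

def writable_host_binds(container):
    """Host paths the container can modify through read-write bind mounts."""
    return [(m["Source"], m["Destination"])
            for m in container.get("Mounts") or []
            if m.get("Type") == "bind" and m.get("RW")]

def wide_open_ports(container):
    """Published ports whose host side is not pinned to a single address."""
    bindings = (container.get("HostConfig") or {}).get("PortBindings") or {}
    found = []
    for container_port, hosts in bindings.items():
        for h in hosts or []:
            if (h.get("HostIp") or "") in ALL_INTERFACES:
                found.append((h.get("HostPort"), container_port))
    return found

def audit(inspect_json):
    """Summarise host exposure for every container in the inspect output."""
    return {c.get("Name", "?"): {"rw_binds": writable_host_binds(c),
                                 "open_ports": wide_open_ports(c)}
            for c in json.loads(inspect_json)}

if __name__ == "__main__":
    print(json.dumps(audit(SAMPLE_INSPECT), indent=2))
```

To run it on real data, pass the output of podman inspect debian-dev to audit(). Publishing as 127.0.0.1:2222:22 instead of 2222:22 keeps the SSH mapping off the other host interfaces.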