Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Docker operation method and device, server and storage medium

An operation method and technology of operation instructions, applied in the direction of program control devices, instruments, program control design, etc., can solve problems such as poor security and user data leakage, and achieve the effect of strengthening management, improving security, and avoiding leakage risks.

Pending Publication Date: 2021-09-24
DAWNING INFORMATION IND BEIJING
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] However, because Docker's own mechanism is authorization or trust, users with Docker command permissions have all the permissions of Docker, that is, users in the Docker group can access any other user's container, there is a risk of user data leakage, and the security is extremely poor

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Docker operation method and device, server and storage medium
  • Docker operation method and device, server and storage medium
  • Docker operation method and device, server and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0033] figure 1 It is a flow chart of a Docker operation method provided by Embodiment 1 of the present invention. This embodiment is applicable to a situation where a non-Docker user group user executes a corresponding operation in Docker through a Docker command in a multi-user environment. The method can Executed by the operating device of Docker in the embodiment of the present invention, the device can be implemented by software and / or hardware, and integrated in a server, typically, it can be integrated in a management server equipped with a Linux system. The method specifically includes the following steps :

[0034] S110. When the operation instruction issued by the target user is obtained, judge whether the operation instruction is a virtual Docker command; wherein, the virtual Docker command is different from the Docker command, and the target user includes a non-Docker user group user.

[0035]A Docker command consists of at least two identification information, na...

Embodiment 2

[0051] figure 2It is a flowchart of a Docker operation method provided by Embodiment 2 of the present invention. This embodiment is embodied on the basis of the above technical solution. In this embodiment, the operation type of the operation instruction is determined to be container access. The method Specifically include:

[0052] S210. When the operation instruction issued by the target user is obtained, judge whether the operation instruction is a virtual Docker command; wherein, the virtual Docker command is different from the Docker command, and the target user includes a non-Docker user group user; perform S220.

[0053] S220. If it is determined that the operation instruction is a virtual Docker command, determine whether the operation instruction is valid; execute S230.

[0054] S230. If it is determined that the operation instruction is valid, determine the operation type of the operation instruction according to the operation identifier of the operation instructio...

Embodiment 3

[0067] image 3 A flowchart of a Docker operation method provided by Embodiment 3 of the present invention. This embodiment is embodied on the basis of the above-mentioned technical solution. In this embodiment, judging whether the operation command is valid includes judging whether the target user is a virtual Docker user group user, and judging whether there is an identical target operation identification with the operation identification of the operation instruction in the operation identification of at least one target Docker command, the method specifically includes:

[0068] S310. Create a virtual Docker user group; execute S320.

[0069] S320. Encapsulate at least one target Docker command through an encapsulation script; wherein, the encapsulation script includes an encapsulation identifier; perform S330.

[0070] S330. Obtain an operation instruction issued by the target user; wherein, the target user includes a user who is not in the Docker user group; perform S340....

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The embodiment of the invention discloses a Docker operation method and device, a server and a storage medium, and the method comprises the steps: judging whether an operation instruction is a virtual Docker command when the operation instruction sent by a target user is obtained; wherein the virtual Docker command is different from the Docker command, and the target user comprises a non-Docker user group user; if it is determined that the operation instruction is the virtual Docker command, judging whether the operation instruction is valid; and if it is determined that the operation instruction is valid, setting a temporary Docker permission for the target user, and responding to the operation instruction through the Docker. According to the method provided by the embodiment of the invention, the operation of the users in the non-Docker user group on the Docker is realized, the convenience of Docker operation is improved, the leakage risk of user data is avoided, and the safety of the Docker is greatly improved.

Description

technical field [0001] The embodiment of the present invention relates to the field of software development, and in particular to a Docker operation method, device, server and storage medium. Background technique [0002] Docker is an open source application container engine. Because it is based on the sandbox mechanism and there is no communication interface between them, the performance overhead is extremely low. At the same time, it is independent of language and framework, so it is widely used in software programs. In development. [0003] The execution of the Docker command needs to connect to the Unix Socket file (ie " / var / run / docker.sock" file) used by the Docker, and the access rights of this file are strictly controlled. In the prior art, if you want to give the user the Docker permission to To manage your own container, you usually add the user to the Docker user group. [0004] However, because Docker's own mechanism is authorization or trust, users with Docker ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F9/455
CPCG06F9/45558G06F2009/45562G06F2009/45583G06F2009/45587
Inventor 原帅郝文静张涛吕灼恒
Owner DAWNING INFORMATION IND BEIJING
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products