Deploying Applications in a Container
To enable the commercial cryptography application in a common container, you only need to map some device files to the container and integrate libsdf.so into the container.
- Start the container.
1 2
docker run -it --mount type=bind,source=/var/itrustee/teecd,target=/var/itrustee/teecd,readonly --device /dev/teelog:/dev/teelog:wr --device /dev/tc_ns_cvm:/dev/tc_ns_cvm:wr -d <demo_image> docker logs -f <container_id>
- To enable a container to run the cryptographic module, map the following devices to the container.
- --mount type=bind,source=/var/itrustee/teecd,target=/var/itrustee/teecd,readonly
- --device /dev/teelog:/dev/teelog:wr
- --device /dev/tc_ns_cvm:/dev/tc_ns_cvm:wr
- demo_image is the customer container image, which can be a basic openEuler container image.
- To enable a container to run the cryptographic module, map the following devices to the container.
- Copy necessary files to the container.
docker cp /lib64/libsdf.so <container_id>:/lib64/ docker cp /lib64/libteec.so <container_id>:/lib64/ docker cp /lib64/libboundscheck.so <container_id>:/lib64/ docker cp /bin/tlogcat <container_id>:/bin/
- Run the cryptographic module applications in the container, which is the same as running them on the host.
Parent topic: Developer Guide