-3

I need to access a USB Device from a docker container running in Kubernetes. In order to do this I need to have an image with drivers inside. I also need to guarantee that I have OpenJDK 8 64 bit installed to run the app. I am using OpenJDK:alpine base image Here is how I install on a host:

sudo apt-get install pcscd 
sudo apt-get install pcsc-tools // same as pcsc-lite                                    
// For OMNIKEY for driver Then unpack the file and run the installer:
cd /home/cccam/ifdokccid_lnx_x64-3.7.0/ 
chmod 755 install
sudo ./install

Tried it without the drivers installed in the image and accessing using hostPath volumes and it does not work.

Average Bear
  • 191
  • 1
  • 3
  • 13
  • Hi Average Bear, welcome to SO. Are you running the container with `securityContext: privileged: true`, because otherwise I don't believe docker allows accessing host devices. Have you tried accessing that USB device using `docker` but outside of kubernetes, to ensure what you are trying is even possible? And, finally, what does "does not work" mean -- error? nothing happens? hangs? sparks fly out of your ethernet port? what? – mdaniel Nov 02 '19 at 05:31
  • Good questions. So basically it does not see see the card reader. Now this behavior also happens on the host machine unless OpenJDK 8 64 bit JVM is used. For example if I use Oracle 8 JVM and run standalone right on the host it also wont reach the OMNIKey card reader. The reason is I am using javax.cardio to access and it varies from JVM to JVM what is supported. – Average Bear Nov 02 '19 at 05:52
  • Having said that I have heard from some experienced kubernetes folks that it is necessary to have any non-kernal drivers in the container and not just on the host. – Average Bear Nov 02 '19 at 05:56
  • So I have two pieces of software to make this work one is pcsc lite because this is a character device. I dont know if this is kernal driver but I had to install using apt. The other one is clearly not a kernal driver but from OMNIKey. – Average Bear Nov 02 '19 at 05:57
  • PCSC-Lite might not be a driver but some type of middleware for character devices .. https://pcsclite.apdu.fr – Average Bear Nov 02 '19 at 06:00
  • The problem is tough but no need for downvoting! – Average Bear Nov 02 '19 at 06:02
  • Accessing hardware devices from Kubernetes doesn't usually make sense: part of the point of Kubernetes is that you have multiple nodes, and can easily add and remove nodes, so if a pod gets scheduled on a node that doesn't have the device you're expecting things can get confusing. – David Maze Nov 02 '19 at 09:38
  • 1
    I'd suggest editing your question to add some of these details from comments into the question itself. If the problem is that you can't see the corresponding character device, how have you tried to make it visible to the container/pod? Can you include the `docker run` command or Kubernetes deployment spec you're using? [ask] in the SO Help Center has some more suggestions on writing good questions. – David Maze Nov 02 '19 at 09:41
  • @DavidMaze so David how do you know I have not already asked people very experienced and been told that i need the drivers in the container and not on the host. As far as why one would do this there are a bunch of reasons one of them being that time to call a service outside the cluster and the need for HA. Both are reasonable approaches. My question was not about architectural advice its very specific. How do I load these drivers into the container. – Average Bear Nov 02 '19 at 10:12
  • Obviously loading drivers into the container is not something I am doing for fun. I am doing it because its needed. – Average Bear Nov 02 '19 at 10:13
  • I think here is another question along the same line but not exactly the same: https://stackoverflow.com/questions/28641128/where-to-install-device-drivers-to-make-docker-recognize-the-device and frankly not fully answered – Average Bear Nov 02 '19 at 10:17
  • 1
    https://github.com/linuxserver/docker-oscam might help you – oktapodia Nov 02 '19 at 11:10
  • @oktapodia that looks interesting. Node is on Ubuntu 18.04 I wonder if I need base image also based on ubuntu or not ... – Average Bear Nov 03 '19 at 10:02

1 Answers1

1

Elementary my dear Watson! Just run the scripts as command:

FROM openjdk:11
VOLUME /tmp
RUN 
sudo apt-get install pcscd 
sudo apt-get install pcsc-tools
ARG DEPENDENCY=target/dependency

ENTRYPOINT ["java","- 
cp","app:app/lib/*","com.mygroup.myapp.MyApp" .  ]
Average Bear
  • 191
  • 1
  • 3
  • 13