run apps using audio in a docker container

爱⌒轻易说出口 提交于 2019-12-17 15:26:55

问题


This question is inspired by Can you run GUI apps in a docker container?.

The basic idea is to run apps with audio and ui (vlc, firefox, skype, ...)

I was searching for docker containers using pulseaudio but all containers I found where using pulseaudio streaming over tcp. (security sandboxing of the applications)

  • https://gist.github.com/hybris42/ce429de428e5af3a344a
  • https://github.com/jlund/docker-chrome-pulseaudio
  • https://github.com/tomparys/docker-skype-pulseaudio

In my case I would prefere playing audio from an app inside the container directly to my host pulseaudio. (without ssh tunneling and bloated docker images)

Pulseaudio because my qt app is using it ;)


回答1:


it took me some time until i found out what is needed. (Ubuntu)

we start with the docker run command docker run -ti --rm myContainer sh -c "echo run something"

ALSA:
we need /dev/snd and some hardware access as it looks like. when we put this together we have

docker run -ti --rm \
    -v /dev/snd:/dev/snd \
    --lxc-conf='lxc.cgroup.devices.allow = c 116:* rwm' \
    myContainer sh -c "echo run something"`

In new docker versions without lxc flags you shoud use this:

docker run -ti --rm \
    -v /dev/snd:/dev/snd \
     --privileged \
    myContainer sh -c "echo run something"`

PULSEAUDIO:
Here we need basically /dev/shm, /etc/machine-id and /run/user/$uid/pulse. But that is not all (maybe because of Ubuntu and how they did it in the past). The envirorment variable XDG_RUNTIME_DIR has to be the same in the host system and in your docker container. You may also need /var/lib/dbus because some apps are accessing the machine id from here (may only containing a symbolic link to the 'real' machine id). And at least you may need the hidden home folder ~/.pulse for some temp data (i am not sure about this).

docker run -ti --rm \
    -v /dev/shm:/dev/shm \
    -v /etc/machine-id:/etc/machine-id \
    -v /run/user/$uid/pulse:/run/user/$uid/pulse \
    -v /var/lib/dbus:/var/lib/dbus \
    -v ~/.pulse:/home/$dockerUsername/.pulse \
    myContainer sh -c "echo run something"

In new docker versions you might need to add --privileged.
Of course you can combine both together and use it together with xServer ui forwarding like here: https://stackoverflow.com/a/28971413/2835523

Just to mention:

  • you can handle most of this (all without the used id) in the dockerfile
  • using uid=$(id -u) to get the user id and gid with id -g
  • creating a docker user with this id

create user script:

mkdir -p /home/$dockerUsername && \
echo "$dockerUsername:x:${uid}:${gid}:$dockerUsername,,,:/home/$dockerUsername:/bin/bash" >> /etc/passwd && \
echo "$dockerUsername:x:${uid}:" >> /etc/group && \
mkdir /etc/sudoers.d && \
echo "$dockerUsername ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/$dockerUsername && \
chmod 0440 /etc/sudoers.d/$dockerUsername && \
chown ${uid}:${gid} -R /home/$dockerUsername



回答2:


Inspired by the links you've posted, I was able to create the following solution. It is as lightweight as I could get it. However, I'm not sure if it is (1) secure, and (2) entirely fits your use-case (as it still uses the network).

  1. Install paprefson your host system, e.g. using sudo apt-get install paprefs on an Ubuntu machine.
  2. Launch PulseAudio Preferences, go to the "Network Server" tab, and check the "Enable network access to local sound devices" checkbox [1]
  3. Restart your computer. (Only restarting Pulseaudio didn't work for me on Ubuntu 14.10)
  4. Install Pulseaudio in your container, e.g. sudo apt-get install -y pulseaudio
  5. In your container, run export "PULSE_SERVER=tcp:<host IP address>:<host Pulseaudio port>". For example, export "PULSE_SERVER=tcp:172.16.86.13:4713" [2]. You can find out your IP address using ifconfig and the Pulseaudio port using pax11publish [1].
  6. That's it. Step 5 should probably be automated if the IP address and Pulseaudio port are subject to change. Additionally, I'm not sure if Docker permanently stores environment variables like PULSE_SERVER: If it doesn't then you have to initialize it after each container start.

Suggestions to make my approach even better would be greatly appreciated, since I'm currently working on a similar problem as the OP.

References:
[1] https://github.com/jlund/docker-chrome-pulseaudio
[2] https://github.com/jlund/docker-chrome-pulseaudio/blob/master/Dockerfile

UPDATE (and probably the better solution):
This also works using a Unix socket instead of a TCP socket:

  1. Start the container with -v /run/user/$UID/pulse/native:/path/to/pulseaudio/socket
  2. In the container, run export "PULSE_SERVER=unix:/path/to/pulseaudio/socket"

The /path/to/pulseaudio/socket can be anything, for testing purposes I used /home/user/pulse.
Maybe it will even work with the same path as on the host (taking care of the $UID part) as the default socket, this way the ultimate solution would be -v /run/user/$UID/pulse/native:/run/user/<UID in container>/pulse; I haven't tested this however.




回答3:


After trying most of the solutions described here I found only PulseAudio over network to be really working. However you can make it safe by keeping the authentication.

  1. Install paprefs (on host machine):

    $ apt-get install paprefs
    
  2. Launch paprefs (PulseAudio Preferences) > Network Server > [X] Enable network access to local sound devices.

  3. Restart PulseAudio:

    $ service pulseaudio restart
    
  4. Check it worked or restart machine:

    $ (pax11publish || xprop -root PULSE_SERVER) | grep -Eo 'tcp:[^ ]*'
    tcp:myhostname:4713
    

Now use that socket:

$ docker run \
    -e PULSE_SERVER=tcp:$(hostname -i):4713 \
    -e PULSE_COOKIE=/run/pulse/cookie \
    -v ~/.config/pulse/cookie:/run/pulse/cookie \
    ...

Check that the user running inside the container has access to the cookie file ~/.config/pulse/cookie.

To test it works:

$ apt-get install mplayer
$ mplayer /usr/share/sounds/alsa/Front_Right.wav

For more info may check Docker Mopidy project.




回答4:


Assuming pulseaudio is installed on host and in image, one can provide pulseaudio sound over tcp with only a few steps. pulseaudio does not need to be restarted, and no configuration has to be done on host or in image either. This way it is included in x11docker, without the need of VNC or SSH:

First, find a free tcp port:

read LOWERPORT UPPERPORT < /proc/sys/net/ipv4/ip_local_port_range
while : ; do
  PULSE_PORT="`shuf -i $LOWERPORT-$UPPERPORT -n 1`"
  ss -lpn | grep -q ":$PULSE_PORT " || break
done

Get ip adress of docker daemon. I always find it being 172.17.42.1/16

ip -4 -o a | grep docker0 | awk '{print $4}'

Load pulseaudio tcp module, authenticate connection to docker ip:

PULSE_MODULE_ID=$(pactl load-module module-native-protocol-tcp port=$PULSE_PORT auth-ip-acl=172.17.42.1/16)

On docker run, create environment variable PULSE_SERVER

docker run -e PULSE_SERVER=tcp:172.17.42.1:$PULSE_PORT yourimage

Afterwards, unload tcp module. (Note: for unknown reasons, unloading this module can stop pulseaudio daemon on host):

pactl unload-module $PULSE_MODULE_ID

Edit: How-To for ALSA and Pulseaudio in container



来源:https://stackoverflow.com/questions/28985714/run-apps-using-audio-in-a-docker-container

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!