nsinit
provides a handy way to access a shell inside a running container's namespace. This is useful for learning about how containers work, debugging your system without worrying about sshd daemons, and even hot fixes in production all you sad pandas!
:p
Running the docker daemon with the lxc driver allows you to use lxc-attach
to do this. But now that docker deafults to the new native libcontainer driver, nsinit
is probably the best way to go. jpetazzo's blog has a great high level summary.
The new issue is that the libcontainer .json format is under heavy development so you need to keep an nsinit
binary built from the exact release tag from the the docker github repo. The tricky part for me was understanding that golang is designed with certain assumptions about dependencies vs versioning with regards to when you push to master, push to a topic branch, and fork a project.