サイバー環状線's Notes

Running OpenClaw Commands in Docker

Create the container

docker run -it --net=host --name OpenClaw1 --env="DISPLAY=host.docker.internal:0.0" --env="QT_X11_NO_MITSHM=1" --privileged -v C:\Users\TT\.openclaw\workspace:/home/openclaw ubuntu:noble /bin/bash

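Where:

- --net=host: if no network connection is needed, this can also be set to --net=none

- --env="DISPLAY=host.docker.internal:0.0" --env="QT_X11_NO_MITSHM=1": these parameters use VcXsrv to display graphical interfaces from inside Docker (a browser, for example) on the host. This requires VcXsrv to be running on the host at the same time. For reference, the contents of the VcXsrv launch file config.xlaunch: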

<?xml version="1.0" encoding="UTF-8"?>
<XLaunch WindowMode="MultiWindow" ClientMode="NoClient" LocalClient="False" Display="-1" LocalProgram="xcalc" RemoteProgram="xterm" RemotePassword="" PrivateKey="" RemoteHost="" RemoteUser="" XDMCPHost="" XDMCPBroadcast="False" XDMCPIndirect="False" Clipboard="True" ClipboardPrimary="True" ExtraParams="" Wgl="False" DisableAC="True" XDMCPTerminate="False"/>

- C:\Users\TT\.openclaw\workspace:/home/openclaw: the mounted directory;

- ubuntu:noble: the image name.

Then package it as an image:

docker commit OpenClaw1 openclaw_image:1

Install basic tools (example)

apt update && apt install -y git curl wget ca-certificates python3 python3-pip nodejs npm build-essential jq tree vim nano && apt clean && rm -rf /var/lib/apt/lists/*

Configure OpenClaw

In openclaw.json, change the settings to:

"agents": {
  "defaults": {
    "sandbox": {
      "mode": "all",
      "scope": "shared",
      "workspaceAccess": "rw",
      "workspaceRoot": "C:\\Users\\TT\\.openclaw\\workspace",
      "docker": {
        "image": "openclaw_image:1",
        "workdir": "/home/openclaw",
        "user": "1000:1000",
        "network": "bridge",
        "readOnlyRoot": true,
        "capDrop": ["ALL"],
        "memory": "1g",
        "cpus": 1,
        "setupCommand": ""
      },
      "prune": {
        "idleHours": 24,
        "maxAgeDays": 7
      }
    },
    ...
  }
}
...
"tools": {
  "profile": "full",
  "exec": {
    "host": "sandbox",
    "security": "full",
    "ask": "off"
  }
},
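
A quick way to review the settings above before enabling them, as an added example that is not part of the original post or of OpenClaw itself: the script lists which sandbox settings leave exposure open. The function name `audit` is hypothetical, and the meaning of each key is assumed from its name and from the Docker option of the same name.

```python
import json

# Constructed sample: the page's openclaw.json fragment with the "..." elisions removed.
SAMPLE = json.loads(r"""
{
  "agents": {"defaults": {"sandbox": {
    "mode": "all", "scope": "shared", "workspaceAccess": "rw",
    "workspaceRoot": "C:\\Users\\TT\\.openclaw\\workspace",
    "docker": {"image": "openclaw_image:1", "workdir": "/home/openclaw",
               "user": "1000:1000", "network": "bridge", "readOnlyRoot": true,
               "capDrop": ["ALL"], "memory": "1g", "cpus": 1, "setupCommand": ""}
  }}},
  "tools": {"profile": "full",
            "exec": {"host": "sandbox", "security": "full", "ask": "off"}}
}
""")

def audit(cfg):
    """Return (key, message) findings for settings that widen the sandbox."""
    sb = cfg.get("agents", {}).get("defaults", {}).get("sandbox", {})
    d = sb.get("docker", {})
    ex = cfg.get("tools", {}).get("exec", {})
    out = []

    def flag(cond, key, msg):
        if cond:
            out.append((key, msg))

    # Assumption: keys behave like the same-named docker run options.
    # A missing key is flagged conservatively, since its default is not on the page.
    uid = str(d.get("user", "")).split(":")[0]
    flag(uid in ("", "0", "root"), "docker.user", "container runs as root")
    flag(d.get("network") != "none", "docker.network", "container has network access")
    flag(d.get("readOnlyRoot") is not True, "docker.readOnlyRoot", "root filesystem is writable")
    flag("ALL" not in d.get("capDrop", []), "docker.capDrop", "capabilities are not all dropped")
    flag(not d.get("memory") or not d.get("cpus"), "docker.limits", "no memory or CPU limit")
    flag(sb.get("workspaceAccess") == "rw", "sandbox.workspaceAccess", "host workspace is writable")
    flag(ex.get("host") != "sandbox", "tools.exec.host", "exec is not routed to the sandbox")
    flag(ex.get("ask") == "off", "tools.exec.ask", "ask is off (assumed: no approval prompt)")
    return out

if __name__ == "__main__":
    for key, msg in audit(SAMPLE):
        print(f"{key}: {msg}")
```
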
Written on 2026-3-12