Although the question is old, this is still an issue.
The Linux kernel does not propagate device registration events to containers, which is why /dev/* files do not appear within the container for devices that are added while the container is running.
As a workaround within the container, you can look for missing device files and create them like the following shell script does:
```sh
# Create missing block device nodes for devices whose name matches FILTER.
FILTER='^loop'
lsblk --raw -a --output "NAME,MAJ:MIN" --noheadings | grep -E "$FILTER" | while read -r LINE; do
    DEV=/dev/$(echo "$LINE" | cut -d' ' -f1)
    MAJMIN=$(echo "$LINE" | cut -d' ' -f2)
    MAJ=$(echo "$MAJMIN" | cut -d: -f1)
    MIN=$(echo "$MAJMIN" | cut -d: -f2)
    # Only create the node if it does not exist yet.
    [ -b "$DEV" ] || mknod "$DEV" b "$MAJ" "$MIN"
done
```
(I used FILTER='^(r|n)bd' to match /dev/rbdX and /dev/nbdX devices ceph creates dynamically in my case.)
Please be aware that the script above does not unregister devices that have been removed on the host. In case you also need to do this, you can run the following as well (FILTER needs to be specified):
```sh
# Remove block device nodes in /dev that lsblk no longer reports.
find /dev -mindepth 1 -maxdepth 1 -type b | cut -d/ -f3 | grep -E "$FILTER" | sort > /tmp/devs-created
lsblk --raw -a --output "NAME" --noheadings | grep -E "$FILTER" | sort > /tmp/devs-available
for ORPHAN in $(comm -23 /tmp/devs-created /tmp/devs-available); do
    rm "/dev/$ORPHAN"
done
```
If your devices are created dynamically you may want to run both scripts periodically within the container.
You still need to run your container --privileged in order to work with devices.
Also see this moby issue comment, which my script is based on.
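
Since both scripts run as root in a privileged container, a dry-run variant that validates what lsblk and /dev report before anything is passed to mknod or rm can be useful. The following is an added example, not part of the original answer; the function name `plan_sync`, its arguments, the restriction of device names to letters, digits, `_` and `-`, and the sample input are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: print the mknod/rm commands needed to bring /dev in line with
# lsblk, without executing them.
#
# plan_sync FILTER PRESENT_FILE < LSBLK_OUTPUT
#   FILTER        extended regex for device names, as in the scripts above
#   PRESENT_FILE  names of block nodes currently in /dev, one per line, e.g. from
#                 find /dev -mindepth 1 -maxdepth 1 -type b | cut -d/ -f3
#   stdin         lines from: lsblk --raw -a --output "NAME,MAJ:MIN" --noheadings
plan_sync() {
    ps_filter=$1 ps_present=$2
    ps_wanted=$(mktemp) || return 1
    while read -r ps_name ps_majmin ps_rest; do
        printf '%s\n' "$ps_name" | grep -Eq -- "$ps_filter" || continue
        # Assumption: wanted names are plain (loopN, rbdN, nbdN); skip anything
        # containing '/', '.', spaces or shell metacharacters.
        case $ps_name in ''|*[!A-Za-z0-9_-]*) continue ;; esac
        # MAJ:MIN must be exactly two decimal numbers.
        case $ps_majmin in
            *:*:*|*[!0-9:]*) continue ;;
            [0-9]*:[0-9]*) ;;
            *) continue ;;
        esac
        printf '%s\n' "$ps_name" >> "$ps_wanted"
        grep -Fxq -- "$ps_name" "$ps_present" ||
            echo "mknod /dev/$ps_name b ${ps_majmin%%:*} ${ps_majmin##*:}"
    done
    # Orphans: present nodes matching FILTER that lsblk no longer reports.
    grep -E -- "$ps_filter" "$ps_present" | grep -Ex '[A-Za-z0-9_-]+' |
        grep -Fxv -f "$ps_wanted" | sed 's|^|rm /dev/|'
    rm -f "$ps_wanted"
}

# Constructed sample (not real output): rbd1 is new on the host, rbd9 is gone.
sample_present=$(mktemp)
printf 'rbd0\nrbd9\n' > "$sample_present"
printf 'rbd0 252:0\nrbd1 252:16\n' | plan_sync '^(r|n)bd' "$sample_present"
rm -f "$sample_present"
```

The function only prints the plan; once reviewed, the printed commands can be piped to sh inside the container to apply them.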