I'm running the Docker community edition on MacOS BigSur (11.2.2), and am trying to get into the virtual environment.
This article from 2018 says to do
$screen ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty
and this one from February 2020 says
$ screen ~/Library/Containers/com.docker.docker/Data/vms/0/tty
But neither of those things seem to work in my current install.
$docker --version Docker version 20.10.5, build 55c4c88
The methods you have found are backdoors for entering in the virtual machine, and they change when the releases are changing, and both mentioned methods are no longer supported on the latest Docker-for-mac.
The most canonical way to get terminal access to the virtual machine (create a sh process in the virtual machine and get tty from it), you need the following command.
docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh
This approach will create a container and will join it to the namespace of the host, after which it will create a new shell in the namespace of the init (pid 1) by executing the nsenter command. This will not change much with the later releases since it relies on stabile docker features to get the access to the vm. In the example I had used debian, but you can replace this with any image that has nsenter (ex. alpine, busybox, etc.)
Also, you can get access trough the current debug socket which will create a shell directly in the virtual machine and connect to it. This is more a backdor created for debugging and might be removed/changed in future releases.
stty -echo -icanon && nc -U ~/Library/Containers/com.docker.docker/Data/debug-shell.sock && stty sane
Related
On a mac, docker utilizes HyperKit in order to create a LinuxKit VM. This means, for example, among other things, that I cannot see any of the image layers that are pulled down for a given container in places like /var/lib/docker, since the VM controls all of that.
Is there a way to actually get a shell on that VM to be able to do that sort of introspection?
In Docker Desktop 2.4 for Mac, it is possible to get a nearly full terminal into the LinuxKit VM, with sane tab auto-completion, and be able to inspect its contents.
For example, to see the layers of pulled down docker images, you may perform the following commands:
$ stty -echo -icanon && nc -U ~/Library/Containers/com.docker.docker/Data/debug-shell.sock && stty sane
/ # ls -al /var/lib/docker/overlay2/
The nc -U ~/Library/Containers/com.docker.docker/Data/debug-shell.sock may be run on its own, per the Docker release docs, but if it is not combined with stty per the above example, you will not see very good output, nor will you have tab completion in the vm.
I'm working with a poor internet connection and trying to pull and run a image.
I wanted to download one layer at a time and per documentation tried adding a flat --max-concurrent-downloads like so:
docker run --rm -p 8787:8787 -e PASSWORD=blah --max-concurrent-downloads=1 rocker/verse
But this gives an error:
unknown flag: --max-concurrent-downloads See 'docker run --help'.
I tried typing docker run --help and interestingly did not see the option --max-concurrent-downloads.
I'm using Docker Toolbox since I'm on a old Mac.
Over here under l there's an option for --max-concurrent-downloads however this doesn't appear on my terminal when typing docker run --help
How can I change the default of downloading 3 layers at a time to just one?
From the official documentation: (https://docs.docker.com/engine/reference/commandline/pull/#concurrent-downloads)
You can pass --max-concurrent-downloads during a pull operation.
You can set --max-concurrent-downloads with the dockerd command.
If you're using the docker Desktop GUI for Mac or Windows:
You can edit the .json file directly in docker engine settings:
This setting needs to be passed to dockerd when starting the daemon, not to the docker client CLI. The dockerd process is running inside of a VM with docker-machine (and other docker desktop environments).
With docker-machine that is used in toolbox, you typically pass the engine flags on the docker-machine create command line, e.g.
docker-machine create --engine-opt max-concurrent-downloads=1
Once you have a created machine, you can follow the steps from these answers to modify the config of an already running machine, mainly:
SSH into your local docker VM.
note: if 'default' is not the name of your docker machine then substitute 'default' with your docker machine name $
docker-machine ssh default
Open Docker profile $ sudo vi /var/lib/boot2docker/profile
Then in that profile, you would add your --engine-opt max-concurrent-downloads=1.
Newer versions of docker desktop (along with any Linux install) make this much easier with a configuration menu daemon -> advanced where you can specify your daemon.json entries like:
{
"max-concurrent-downloads": 1
}
Docker for Mac uses a Linux VM created by HyperKit for storing and running containers on Mac.
With Docker Toolbox, I can just open VirtualBox and access the docker-machine VM. But with Docker for Mac, how do I access the VM created by HyperKit?
Update 2019-01-31, thanks to ru10's update, now there is a better way:
screen ~/Library/Containers/com.docker.docker/Data/vms/0/tty
Original Answer:
After a while, I found following way to get a shell of the VM that was created by HyperKit:
Run from terminal:
screen ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty
You will see an empty screen, then type enter, you will get a login prompt. Login as root and hit enter, you will get a shell (no password), you will gett the shell:
To exit the session, type Ctrl-A k (then y to confirm).
It is a little bit hacky, but it seems to work for now (Sep 2016) (Sep 2017).
Mac OS High Sierra Docker version 18.06.0-ce-mac70 (26399)
screen ~/Library/Containers/com.docker.docker/Data/vms/0/tty
instead of
screen ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty
According to this GitHub issue comment by a Docker maintainer, the recommended way to access the VM is through a privileged docker container.
Try logging into the VM: (I recommend this instead of using screen on the TTY)
$ docker run -it --privileged --pid=host justincormack/nsenter1
In fact, the answer from augurar is the only working as of 2021 as smammy says, the other options are deprecated.
So:
$ docker run -it --privileged --pid=host justincormack/nsenter1
was the right answer and worked for me in MacOS Big Sur as of July 2021.
I'm using docker desktop 4.7.1 on Mac. As mentioned, some of the good solutions proposed above does not work on newer docker desktop (tty link is gone).
I preferred the solution of Smammy which does not involve using image from unverified publisher (image: justincormack/nsenter1, though the image comes from a docker maintainer and the repository has a lot of stars), especially when it needs to run the docker with '--privileged' flag which grant the docker full access to the host machine.
This worked for me (using busybox image, which contains nsenter utility):
docker run -it --rm --privileged --pid=host busybox nsenter -t1 -m -u -i -n
you can find explanation of the command at
https://www.bretfisher.com/docker-for-mac-commands-for-getting-into-local-docker-vm/ (and similar suggestion, using debian image instead of busybox)
another solution proposed there (but less convenient, as it does not have auto-completion) is to use netcat
nc -U ~/Library/Containers/com.docker.docker/Data/debug-shell.sock
I'm trying to something with Docker.
Steps I'm doing:
- Launch Docker Quickstart Terminal
- run docker run hello-world
Then I get error like:
bash: /c/Program Files/Docker Toolbox/docker: Bad address
I have to say that I was able to run hello-world image, but now I'm not. I don't know what happend.
I don't know if it matters however I had some problems at instalation step.
Since I have git installed in non standard location. However it seems git bash.exe working correctly for Docker.
My environment:
Windows 10
Git 2.5.0 (installed before Docker)
Docker Toolbox 1.9.1a
I have the same issue with bash: /c/Program Files/Docker Toolbox/docker: Bad address
I thought the problems is "bash doesn't support docker.exe".
SO I fix this problem by use powershell ,not the bash.
and if you use powershell maybe face this
An error occurred trying to connect: Get http://localhost:2375/v1.21/containers/json: dial tcp 127.0.0.1:2375: ConnectExenter code here
tcp: No connection could be made because the target machine actively refused it.
You can export variable from bash use export and import to powershell by this below
$env:DOCKER_HOST="tcp://192.168.99.100:2376"
$env:DOCKER_MACHINE_NAME="default"
$env:DOCKER_TLS_VERIFY="1"
$env:DOCKER_TOOLBOX_INSTALL_PATH="C:\\Program Files\\Docker Toolbox"
$env:DOCKER_CERT_PATH="C:\\Users\\kk580\\.docker\\machine\\machines\\default"
that's all
ps:I found this problem fixed by update git from 2.5.0 to 2.6.3.
Not entirely sure what the issue is, report it to the project on github. I find the docker mac and windows tools a bit flakey from time to time as they are still maturing. If you don't mind seeing what's underneath, you can try running docker-machine directly or set up your own host pretty quickly with Vagrant.
Docker Machine
Run a command or bash prompt to see what machines you have.
docker-machine ls
Create a machine if you don't have one listed
docker-machine create -d "virtualbox" default-docker
Then connect to the listed machine (or default-docker)
docker-machine ssh default-docker
Vagrant
If that doesn't work you can always use vagrant to manage VM's
Install VirtualBox (Which you probably have already if you installed the toolbox)
Reinstall Git, make sure you select the option for adding ALL the tools to your system PATH (for vagrant ssh)
Install Vagrant
Run a command or bash prompt
mkdir docker
cd docker
vagrant init debian/jessie64
vagrant up --provider virtualbox
Then to connect to your docker host you can run (from the same docker directory you created above)
vagrant ssh
Now your on the docker host, Install the latest docker the first time
curl https://get.docker.com/ | sudo sh
Docker
Now you have either a vagrant or docker-machine host up, you can docker away after that.
sudo docker run -ti busybox bash
You could also use PuTTY to connect to vagrant machines instead of installing git/ssh and running vagrant ssh. It provides a nicer shell experience but it requires some manual setup of the ssh connections.
How can I share a folder between my Windows files and a docker container, by mounting a volume with simple --volume command using Docker Toolbox on?
I'm using "Docker Quickstart Terminal" and when I try this:
winpty docker run -it --rm --volume /C/Users/myuser:/myuser ubuntu
I have this error:
Invalid value "C:\\Users\\myuser\\:\\myuser" for flag --volume: bad mount mode specified : \myuser
See 'docker run --help'.
Following this, I also tried
winpty docker run -it --rm --volume "//C/Users/myuser:/myuser" ubuntu
and got
Invalid value "\\\\C:\\Users\\myuser\\:\\myuser" for flag --volume: \myuser is not an absolute path
See 'docker run --help'.
This is an improvement of the selected answer because that answer is limited to c:\Users folder. If you want to create a volume using a directory outside of c:\Users this is an extension.
In windows 7, I used docker toolbox. It used Virtual Box.
Open virtual box
Select the machine (in my case default).
Right clicked and select settings option
Go to Shared Folders
Include a new machine folder.
For example, in my case I have included:
**Name**: c:\dev
**Path**: c/dev
Click and close
Open "Docker Quickstart Terminal" and restart the docker machine.
Use this command:
$ docker-machine restart
To verify that it worked, following these steps:
SSH to the docker machine.
Using this command:
$ docker-machine ssh
Go to the folder that you have shared/mounted.
In my case, I use this command
$ cd /c/dev
Check the user owner of the folder. You could use "ls -all" and verify that the owner will be "docker"
You will see something like this:
docker#default:/c/dev$ ls -all
total 92
drwxrwxrwx 1 docker staff 4096 Feb 23 14:16 ./
drwxr-xr-x 4 root root 80 Feb 24 09:01 ../
drwxrwxrwx 1 docker staff 4096 Jan 16 09:28 my_folder/
In that case, you will be able to create a volume for that folder.
You can use these commands:
docker create -v /c/dev/:/app/dev --name dev image
docker run -d -it --volumes-from dev image
or
docker run -d -it -v /c/dev/:/app/dev image
Both commands work for me. I hope this will be useful.
This is actually an issue of the project and there are 2 working workarounds:
Creating a data volume:
docker create -v //c/Users/myuser:/myuser --name data hello-world
winpty docker run -it --rm --volumes-from data ubuntu
SSHing directly in the docker host:
docker-machine ssh default
And from there doing a classic:
docker run -it --rm --volume /c/Users/myuser:/myuser ubuntu
If you are looking for the solution that will resolve all the Windows issues and make it work on the Windows OS in the same way as on Linux, then see below. I tested this and it works in all cases. I’m showing also how I get it (the steps and thinking process). I've also wrote an article about using Docker and dealing with with docker issues here.
Solution 1: Use VirtualBox (if you think it's not good idea see Solution 2 below)
Open VirtualBox (you have it already installed along with the docker tools)
Create virtual machine
(This is optional, you can skip it and forward ports from the VM) Create second ethernet card - bridged, this way it will receive IP address from your network (it will have IP like docker machine)
Install Ubuntu LTS which is older than 1 year
Install docker
Add shared directories to the virtual machine and automount your project directories (this way you have access to the project directory from Ubuntu) but still can work in Windows
Done
Bonus:
Everything is working the same way as on Linux
Pause/Unpause the dockerized environment whenever you want
Solution 2: Use VirtualBox (this is very similar to the solution 1 but it shows also the thinking process, which might be usefull when solving similar issues)
Read that somebody move the folders to /C/Users/Public and that works https://forums.docker.com/t/sharing-a-volume-on-windows-with-docker-toolbox/4953/2
Try it, realize that it doesn’t have much sense in your case.
Read entire page here https://github.com/docker/toolbox/issues/607 and try all solutions listed on page
Find this page (the one you are reading now) and try all the solutions from other comments
Find somewhere information that setting COMPOSE_CONVERT_WINDOWS_PATHS=1 environment variable might solve the issue.
Stop looking for the solution for few months
Go back and check the same links again
Cry deeply
Feel the enlightenment moment
Open VirtualBox (you have it already installed along with the docker tools)
Create virtual machine with second ethernet card - bridged, this way it will receive IP address from your network (it will have IP like docker machine)
Install Ubuntu LTS which is very recent (not older than few months)
Notice that the automounting is not really working and the integration is broken (like clipboard sharing etc.)
Delete virtual machine
Go out and have a drink
Rent expensive car and go with high speed on highway
Destroy the car and die
Respawn in front of your PC
Install Ubuntu LTS which is older than 1 year
Try to run docker
Notice it’s not installed
Install docker by apt-get install docker
Install suggested docker.io
Try to run docker-compose
Notice it’s not installed
apt get install docker-compose
Try to run your project with docker-compose
Notice that it’s old version
Check your power level (it should be over 9000)
Search how to install latest version of docker and find the official guide https://docs.docker.com/install/linux/docker-ce/ubuntu/
Uninstall the current docker-compose and docker.io
Install docker using the official guide https://docs.docker.com/install/linux/docker-ce/ubuntu/
Add shared directories to the virtual machine and automount your project directories (this way you have access to the project directory from Ubuntu, so you can run any docker command)
Done
As of August 2016 Docker for windows now uses hyper-v directly instead of virtualbox, so I think it is a little different. First share the drive in settings then use the C: drive letter format, but use forward slashes. For instance I created an H:\t\REDIS directory and was able to see it mounted on /data in the container with this command:
docker run -it --rm -v h:/t/REDIS:/data redis sh
The same format, using drive letter and a colon then forward slashes for the path separator worked both from windows command prompt and from git bash.
I found this question googling to find an answer, but I couldn't find anything that worked. Things would seem to work with no errors being thrown, but I just couldn't see the data on the host (or vice-versa). Finally I checked out the settings closely and tried the format they show:
So first, you have to share the whole drive to the docker vm in settings here, I think that gives the 'docker-machine' vm running in hyper-v access to that drive. Then you have to use the format shown there, which seems to only exist in this one image and in no documentation or questions I could find on the web:
docker run --rm -v c:/Users:/data alpine ls /data
Simply using double leading slashes worked for me on Windows 7:
docker run --rm -v //c/Users:/data alpine ls /data/
Taken from here: https://github.com/moby/moby/issues/12590
Try this:
Open Docker Quickstart Terminal. If it is already open, run $ cd ~ to make sure you are in Windows user directory.
$ docker run -it -v /$(pwd)/ubuntu:/windows ubuntu
It will work if the error is due to typo. You will get an empty folder named ubuntu in your user directory. You will see this folder with the name windows in your ubuntu container.
For those using Virtual Box who prefer command-line approach
1) Make sure the docker-machine is not running
Docker Quickstart Terminal:
docker-machine stop
2) Create the sharing Windows <-> docker-machine
Windows command prompt:
(Modify following to fit your scenario. I feed my Apache httpd container from directory synced via Dropbox.)
set VBOX=D:\Program Files\Oracle\VirtualBox\VBoxManage.exe
set VM_NAME=default
set NAME=c/htdocs
set HOSTPATH=%DROPBOX%\htdocs
"%VBOX%" sharedfolder add "%VM_NAME%" --name "%NAME%" --hostpath "%HOSTPATH%" --automount
3) Start the docker-machine and mount the volume in a new container
Docker Quickstart Terminal:
(Again, I am starting an Apache httpd container, hence that port exposing.)
docker-machine start
docker run -d --name my-apache-container-0 -p 80:80 -v /c/htdocs:/usr/local/apache2/htdocs my-apache-image:1.0
share folders virtualBox toolbox and windows 7 and nodejs image container
using...
Docker Quickstart Terminal [QST]
Windows Explorer [WE]
lets start...
[QST] open Docker Quickstart Terminal
[QST] stop virtual-machine
$ docker-machine stop
[WE] open a windows explorer
[WE] go to the virtualBox installation dir
[WE] open a cmd and execute...
C:\Program Files\Oracle\VirtualBox>VBoxManage sharedfolder add "default" --name
"/d/SVN_FOLDERS/X2R2_WP6/nodejs" --hostpath "\?\d:\SVN_FOLDERS\X2R2_WP6\nodejs" --automount
check in the oracle virtual machine, that the new shared folder has appeared
[QST] start virtual-machine
$ docker-machine start
[QST] run container nodejs
docker stop nodejs
docker rm nodejs
docker run -d -it --rm --name nodejs -v /d/SVN_FOLDERS/X2R2_WP6/nodejs:/usr/src/app -w /usr/src/app node2
[QST] open bash to the container
docker exec -i -t nodejs /bin/bash
[QST] execute dir and you will see the shared files
I solved it!
Add a volume:
docker run -d -v my-named-volume:C:\MyNamedVolume testimage:latest
Mount a host directory:
docker run -d -v C:\Temp\123:C:\My\Shared\Dir testimage:latest