howto check commandlines from docker run commands? - docker

How can i get the full docker run commandline within the container?
I need this for protocols.
eg
docker run -d -e foo=bar -v $PWD:/app image
docker exec -it container bash
# get commandline ??
many thanks

docker itself does not offer a straight-forward way to get the actual command which started a container. But you can docker inspect the container and reconstruct the command which started it from that.
There are some tools trying to automate this such as runlike, rekcod or this template for docker inspect, see How to show the run command of a docker container for more in this.
If you want to get this information inside a running container you'll have to mount the docker socket into it to be able to use these tools inside the container, see Access Docker socket within container.

Related

Docker image will not launch

Trying to launch a Docker image but it will not launch the process
The command is as follows:
sudo docker run --security-opt seccomp=unconfined blackarchlinux/blackarch
no error message is returned.
I would do the following things
see if my container is running or it is created
$ docker ps or docker ps -a
see if my image is pulled ?
$ docker images
if container is created but not running then I could also check the logs
$ docker logs my-container-name
if you can add in more details, probably would be able to investigate more
You want to start a shell up inside the container and use the tools in there, I assume.
In that case you need to add the -it options and tell docker which program/shell you want to run. Something like
sudo docker run -it --security-opt seccomp=unconfined blackarchlinux/blackarch /bin/bash

How to develop within docker image

I started to experiment with the docker but have some questions regarding how to develop on it and regarding its use cases. If anyone could guide me through these questions, it will be much appreciated.
First,
As far as I understood, docker is used mainly for developing applications on custom environments, thus avoiding the tidious installation processes. This is initially my intention, why I'd like to use docker for.
I've created a docker file which builds successfuly, and which has basic C++ development tools based upon library/gcc. I want to be able to develop in this docker container as you would do on your terminal.
What I did is I created a docker image from a Dockerfile. (I can observe that it is successfully created)
docker build -t mydockerimage .
Then run the docker in detached mode.
docker run -d mydockerimage
At this point, I am notified with the ID of the docker container. However docker container does not seem to be running when I check the output of:
docker container ls
Here comes the first question, why is my docker container not running?
To my understanding, simplest way to interact with the docker container is as follows:
docker exec -it <container_id_or_name> echo "Hello from container!"
Is this true? Is this a use case of docker in which I simply can start the container and exec some Linux command on it?
Moreover, I get a permission denied on /var/lib/docker.sock when I try to execute docker commands without sudo. What am I missing here?
Thank you in advance.
Do you provide an entrypoint or CMD in your dockerfile? This will be executed inside your container and keeps the container running. You can find some details here.
In short. Docker has a default entrypoint: /bin/sh -c, but no default CMD.
Check the dockerfile of ubuntu. This has bash as CMD so it's executing /bin/sh -c bash.
$ docker run -it ubuntu bash
root#9855e779cab2:/#
This will result in an interactive shell in which you can execute commands like on an ubuntu. If you exit the container the container will stop running.
To keep a container running you can use the -d option. It will run the container in the background as a daemon:
$ docker run -d -it ubuntu bash
2606ad8e095baa0237cc30e599a26a4d727d99d47392d779fb83cd50f1a39614
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
2606ad8e095b ubuntu "bash" 18 seconds ago Up 17 seconds cranky_johnson
Now you can exec inside the container to "go inside" the container and execute ubuntu commands.
$ docker exec -it 2606ad8e095b bash
root#2606ad8e095b:/#
When you exit the container it remains running in the background.
Now we can execute your command too:
$ docker exec -it 2606ad8e095b echo "Hello from container!"
Hello from container!
This will open a bash session in your container and echo the string.
I think it's important in your case you define some entrypoint (which can also be a script) or a CMD. Probably you need something very similar to Ubuntu when you just want to use bash inside your container.
Moreover, I get a permission denied on /var/lib/docker.sock when I try to execute docker commands without sudo. What am I missing here?
This is normal. The Docker daemon currently requires root privileges. So you have to use docker with your root user or users which have root priviledges and you have to add sudo every time. You can add your user to a docker group. Every time the daemon starts, it makes the ownership of the Unix socket read/writable by the docker group. This means you can use docker without using sudo everytime when that user is inside your docker group.
To add your user to the docker group:
$ sudo groupadd docker
$ sudo usermod -aG docker $USER
$ exit
ssh back or open new shell

How to run postgres commands in a docker container?

I don't want to install postgres locally but as I have it in my docker container, I'd like to be able to run its commands and utils, like pg_dump myschema > schema.sql.
How can I run commands related to running containers inside of them?
docker exec -it <container> <cmd>
e.g.
docker exec -it your-container /bin/bash
There are different options
You can actually copy files to docker using docker cp command. Copy required files to docker and then you can go inside the docker and run the command.
Make some modification in docker file for docker image creation. Its actually really simple to create docker file. Then using EXPOSE option you can expose a port. After that you can use docker run --publish ie.. -p option to publish a container’s port(s) to the host. Then you can access postgres from outside and run scripts from outside by creating connection.
In the first option you need go inside the containers. For that first list running dockers using docker ps command. After that you can use docker exec -it container_name /bin/bash command

How to get Container Id of Docker in Jenkins

I am using Docker Custom Build Environment Plugin to build my project inside "jpetazzo/dind" docker image. After building, in console output it shows:
Docker container 212ad049dfdf8b7180b8c9b185ddfc586b301174414c40969994f7b3e64f68bc started to host the build
$ docker exec --tty 212ad049dfdf8b7180b8c9b185ddfc586b301174414c40969994f7b3e64f68bc env
[workspace] $ docker exec --tty --user 122:docker 4aea29fff86ba4e50dbcc7387f4f23c55ff3661322fb430a099435e905d6eeef env BUILD_DISPLAY_NAME=#73
Here Docker Container which got started has container id 212ad049dfdf8b7180b8c9b185ddfc586b301174414c40969994f7b3e64f68bc .
Now further I want to execute some command on "Execute shell" part in "Build" option in Jenkins, there I want to use this Container Id. I tried using ${BUILD_CONTAINER_ID} as mentioned in the plugin page. But that does't work.
The documentation tells you to use docker run, but you're trying to do docker exec. The exec subcommand only works on a currently running container.
I suppose you could do a docker run -d to start the container in the background, and then make sure to docker stop when you're done. I suspect this will leave you with some orphaned running containers when things go wrong, though.

Get docker run command for container

I have a container that I created, but I can't remember the exact docker run command I used to kick it off. Is there any way that can be retrieved?
This is not the same as See full command of running/stopped container in Docker What I want to know is the full docker command that spawned the container, not the command within the container.
You can infer most of that information by looking at the output of docker inspect.
For example, you can discover the command started inside the container by looking at the Config.Cmd key. If I run:
$ docker run -v /tmp/data:/data --name sleep -it --rm alpine sleep 600
I can later run:
$ docker inspect --format '{{.Config.Cmd}}' sleep
And get:
{[sleep 600]}
Similarly, the output of docker inspect will also include information about Docker volumes used in the container:
$ docker inspect --format '{{.Volumes}}' sleep
map[/data:/tmp/data]
You can of course just run docker inspect without --format, which will give you a big (100+ lines) chunk of JSON output containing all the available keys, which includes information about port mappings, network configuration, and more.

Resources