Everything is exposed via a REST API to publish new edge modules but a nice to have is on publishing we verify the given Docker container URL actually exists. This is to prevent having to publish, test a deployment, check Edge can pull the image, rinse and repeat until working (thinking is to make this idiot proof!). We have achieved this for our own registry and the mcr.micosoft.com (where edgeAgent/Hub live) with: “HEAD: https://mcr.microsoft.com/v2/ azureiotedge-agent/manifests/1.0.8.5”.
However, when trying this on marketplace.azurecr.io (where SQL DB Edge lives) we get an 'unauthorised' response. I have also tried: “https://marketplace.azurecr.io/v2/azure-sql-database-edge/tags/list” but also unauthorised. I am able to pull the container image down with Docker Desktop which seeing as that requires to download the manifest first I am not sure what I can do to simply check the image exists. Do you know a way we could verify the image exists on this container registry?
Related
how could I know which domain are used for the download of my docker image ?
I need it cause the server I'm using only a allow a specific list of domain name for outside traffic.
If you pull an image by simply using its name (e.g.docker pull postgres), the image probably comes from Docker Hub. Otherwise the registry you're pulling the image from will be listed (e.g. docker pull quay.io/keycloak/keycloak:20.0.1)
Docker Documentation
Ended up using wireshark to capture every dns package, and look up the domain name present.
I am new to docker. So what I want to have is a pgadmin container which I can pull and have always my configs and connections up to date. I was not really sure how to do that, but can I have a Volume which is alsways shared for example on my Windows PC at home and on work? I couldt find an good tutorial for that and dont know if that makes sense. Lets say my computer would be stolen I just want to install docker and my images and fun.
What about a shared directory using DropBox ? as far as i know that the local dropbox directories always synced with the actual dropbox account which means you can have the config up to date for all of your devices.
Alternatively you can save the configuration - as long as it does not contain sensitive data - on a git repository which you can clone it then start using it. Both cases can be used as volumes in docker.
That's not something you can do with Docker itself. You can only push images to DockerHub, which do not contain information that you added to a container during an execution.
What you could do is using a backup routine to S3 for example, and sync your 'config and connections' between your docker container running on your home PC and work one.
I started to use Docker a few days ago so I'm still a newbie in this domain, so I deeply apologize if my questions seem obvious, because so far, most of them aren't for me.
My goal is to create a custom image from a Rails application, to send it up to the Docker Hub, then pull it from a server and simply make it run.
I used this doc to create my image excepted that I chose to use MariaDB (works fine). So far, my project only contains a CRUD / scaffold that works nicely.
I then pushed it to a private repository on Docker Hub using this link. Again, no problem, hub is telling me the push went okay, same for my console.
Then, I connected to a private server running Debian, pulled the project from the hub, made sure it existed using docker images.
My main question is the following: what should I do next?
If I refer to the first link, I create the rails project from close to empty Gemfile, then synchronise the local files with the image. However, on my server, all I have is an empty directory. If I'm not stupid, redoing the Docker's tutorial will "reset" my image.
This is where I'm currently lost: what should I do now? I don't believe that running docker run repo/my-image rails server is the good solution here
Thank you in advance
You are going good till now. Now think what is the use of you pushing the image to private repository - You and others who have access to repo should be able to get the image and should be able to create containers from it.
The point where you lost is exactly what you should do now i.e. execute docker run
redoing the Docker's tutorial will "reset" my image.
Docker is smart enough to download image once and use again. Resetting will remove your locally downloaded images but it won't remove from private repo.
If I want to know where and when a Docker image in my container registry has been run (e.g., for audit purposes, to see what images are being used the most, or to see if an image is truly stale before deleting it), what are the best tools for getting that information?
(For example, for a VM analogy on AWS: I could check the log of API calls via AWS CloudTrail for when EC2 instances have started and stopped, get the instance IDs, and then join that against the VM image that was running on those images.)
Docker images are downloaded from registry onto hosts, so you would not know if someone starts an image pulled from the registry: it is already downloaded.
There is in fact no way for you to know that an image has started on a host, except if you implement a proper reporting on bootstrap/entrypoint.
Cluster orchestrators can of course provide you adequate reporting on when are started pods/containers, but you should refer to the respective documentation for this.
You could attach to each docker daemon to listen to its Events:
https://docs.docker.com/engine/reference/commandline/events/
Also you can filter them by any criteria.
Docker images report the following events:
delete
import
load
pull
push
save
tag
untag
We have been using locked version of the Minio image (RELEASE.2016-10-07T01-16-39Z), but now it seems to have been removed.
I'm getting this from Docker:
Pulling minio (minio/minio:RELEASE.2016-10-07T01-16-39Z)...
Pulling repository docker.io/minio/minio
ERROR: Tag RELEASE.2016-10-07T01-16-39Z not found in repository docker.io/minio/minio
I'm finding Docker hub hard to navigate. Where can I find a list of available versioned images, or a mirror to my exact image?
You can find the available tags for minio/minio on that repository's tag page.
If you have the image you want already downloaded on any of your systems, you can push it to Docker Hub yourself, then pull it onto your other systems. This has the benefit that you can control whether you delete that image (it's your account, not someone else's).
You can also use a private registry, if you want, which would prevent Docker from deleting the image from Docker Hub against your will for some reason. But that is extra work you may not wish to do (you would have to host the registry yourself, set it up, maintain it...)
We removed the docker version due to incompatibilities, from the recent releases it won't happen.