Docker containers get their image’s filesystem upon initial build. If changes are made to the container, the file system of the container may be different from the contents of the image after creation. writable layer,
The ability to observe changes to the filesystem can help you debug issues and check for missing data. Files written to the container’s file system will be lost when the container is restarted or destroyed. In some cases you may unintentionally make writings that must be directed continuously amount rather than.
In this article, we will share some techniques to identify the modifications made to the container file system. You can use this information to track container activity and check for discrepancies between different environments.
using docker diff
There is a built-in command in the Docker CLI for this purpose. run
docker diff Will enumerate all changes made to files and directories in a particular container. It accepts the ID or name of the container you want to inspect.
Start a simple container for demonstration purposes:
$ docker run -it --name alpine alpine:latest sh
This will start a new container running the Alpine image. Your terminal window will be attached to the container. Keep this window open.
docker diff In another terminal session:
$ docker diff alpine
No output is produced because the fresh container still matches the alpine image’s filesystem exactly.
Switch back to your first terminal that is still connected to the container. Run a few commands to add, remove, or replace files:
/ # touch demo / # touch example
Return to your first shell window. repeat
docker diff Command to see the changes made:
$ docker diff alpine A /example C /root C /root/.ash_history A /demo
Now two new files are visible in the output of the command. run
touch Entries were also added to the container’s shell history. to amend
/root/.ash_history are also reported, as well as the resulting changes
interpreting docker diff output
each line of production produced by
docker diff either prefixed by
D Depends on the type of change occurring:
AThe file or directory has been added to the container’s file system. It is not present in the original image.
C– The content of the file or directory varies with the version of the image.
D– The path in the image has been removed from the container.
This information enables you to quickly spot anomalies that may explain missing data or unexpected behavior.
Any filesystem changes that are not visible in the output will affect paths that are mapped to a Docker volume. These files are stored outside the container, independently of its filesystem, so they are not exposed by
docker diff ,
View content in original image
It might be helpful to compare the included file version to the original image. You can do this by creating a new container and then copying the file. use
docker create Instead
docker run So the container is created but not started. This will ensure that modifications caused by the script’s entry point to the image do not affect the result.
$ docker create --name temp-container my-image:latest $ docker cp temp-container:/path/to/file copied-file $ docker rm temp-container
An alternative approach is to run the container with a custom entrypoint that emits the contents of the file to the standard output stream. include
--rm Flag so that the container is automatically removed after the command completes:
$ docker run --rm --entrypoint cat alpine:latest /path/to/file > copied-file
Comparing the difference between two containers
Sometimes you may need to compare the difference between two different containers running the same image. first use
docker diff To get personal change lists:
$ docker diff first-container > first $ docker diff second-container > second
Now you can use standard Unix tools such as
diff Command to find difference in two change lists:
diff first second 3c3 < A /a-new-file --- > A /demo
The difference shows that
/a-new-file has been removed in another container
/demo has been added.
Another way to compare containers is to use
docker export and the tar command to access a comprehensive file list:
$ docker export demo-container | tar tv -rwxr-xr-x 0/0 0 2022-06-21 14:21 .dockerenv drwxr-xr-x 0/0 0 2022-05-23 17:51 bin/ lrwxrwxrwx 0/0 0 2022-05-23 17:51 bin/arch -> /bin/busybox lrwxrwxrwx 0/0 0 2022-05-23 17:51 bin/ash -> /bin/busybox lrwxrwxrwx 0/0 0 2022-05-23 17:51 bin/base64 -> /bin/busybox lrwxrwxrwx 0/0 0 2022-05-23 17:51 bin/bbconfig -> /bin/busybox ...
Repeat this command for both your containers. then you can use
diff To compare two lists. The enhanced output of tar can help you keep track of when files have changed when the modification times and permissions are displayed.
The file system of Docker containers must be identical to the image from which they were created. Discrepancies can occur when software within the container writes content directly to the file system. Users can be another source of difference when systems such as
docker exec Used to run commands within a running container.
docker diff The utility provides a convenient way to view these changes. Although you cannot see why a file was added or removed, the ability to retrieve a list of revisions can be invaluable in understanding why particular behavior is being observed.
In this article we focused on checking the changes made to the running containers. You can use various tools such as
docker history and dive To inspect the changes made to the layers within the Docker image. The two approaches can be used in tandem, allowing you to work out the exact point that a file was added or modified within a container’s layer stack.
#observe #Docker #containers #filesystem
Most Reliable Software Company in Kolkata , West Bengal , India