3 min read
While building a container using alpine as a base image we can get a not found error while trying to execute a file that doesn't make much sense:
$ docker run -it test /usr/local/bin/example-app
exec /usr/local/bin/example-app: no such file or directory
14/11/2022
Read more...2 min read
Everytime you create a container using docker, if not already set using --name, docker chooses a name for you: you can expect two words with a underscore:
$ docker run --rm -d alpine sleep 24h
38c4cc4e87762fc113ef174e9a4989e13d21037678abd3fe73840b825f14c7bf
$ docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
38c4cc4e8776 alpine "sleep 24h" 5 seconds ago Up 3 seconds romantic_shtern
For this example it was chosen romantic_shtern, but it can use a great variety of words:
$ docker ps --all | grep -v "Up" | awk '{ print $NF }'
NAMES
mystifying_poitras
suspicious_shtern
focused_chatelet
keen_mendel
happy_jackson
xenodochial_margulis
kind_blackburn
gallant_pascal
trusting_thompson
(...)
So, how does Docker generate names for it's containers?
01/08/2022
Read more...2 min read
If we use the --net=host option with docker to create a new container, it will share it's network namespace with the host machine. It's main advantage is that it will provide higher performance (it will be close to bare metal speed); however, we might get port conflicts.
24/02/2022
Read more...3 min read
One of the great things about using nerdctl is that it does not try to include everything you might need. This means that if you try to build a container using nerdctl you'll realize you still need to install the buildkit (unless you have installed the "nerdctl-full" version)
Moreover it's something you don't actually need to have installed locally:
$ nerdctl build --help | grep buildkit
Build an image from a Dockerfile. Needs buildkitd to be running.
--buildkit-host string BuildKit address [$BUILDKIT_HOST] (default "unix:///run/user/1000/buildkit/buildkitd.sock")
09/02/2022
Read more...6 min read
It's no secret that docker comes stuffed with many options that many of us don't need. This is why on servers we can find containerd instead of a fully featured docker. Despite that, the real deal breaker is that whatever we are running, we are going to do it with root privileges. We can check this by running the following container:
$ docker run -v /etc:/itc -it --rm alpine sleep 24
And then looking for the process on the host
$ ps auxf
root 1307 0.0 0.1 2084820 46676 ? Ssl 11:36 0:04 /usr/bin/containerd
root 66978 0.0 0.0 709860 6120 ? Sl 05:12 0:00 \_ containerd-shim -namespace moby -workdir /var/lib/containerd/io.containerd.runtime.v1.linux/moby/50cf9789d0e68949d1cf79462956bde98b46a4616e8
b81977d8c89d2af9c34e7 -address /run/containerd/containerd.sock -containerd-binary /usr/bin/containerd -runtime-root /var/run/docker/runtime-runc
root 66996 2.0 0.0 1588 4 pts/0 Ss+ 05:12 0:00 \_ sleep 24
Is it possible to run rootless containers? Is there an alternative to docker?
08/02/2022
Read more...