Tuesday, 14 January 2020

docker create - or ... one learns something every day ....

I was looking for a simple way to "peer" inside a newly-built Docker image, without actually starting a container from that image ...

Specifically, I wanted to look at the content of a configuration file - /etc/ssh/sshd_config - to check some security settings.

Thankfully, the internet had the answer - as per usual

Extract file from docker image?

and this worked for me: -

Use the docker create command to create a container without actually creating (instantiating) a container


docker create debian:jessie

This returns the ID of the created container: -

7233e5c0df37bd460cc4d13b98f1f0b4d2d04677ea3356ad178af3a4af6484e5

Use the container ID to copy the required file to, say, /tmp

docker cp 7233e5c0df37bd460cc4d13b98f1f0b4d2d04677ea3356ad178af3a4af6484e5:/etc/ssh/sshd_config /tmp

Check out the copied file

cat /tmp/sshd_config

Delete the container

docker rm 7233e5c0df37bd460cc4d13b98f1f0b4d2d04677ea3356ad178af3a4af6484e5

Job done!

Obviously, I could've been even more elegant: -

export CONTAINER=`docker create debian:jessie`
docker cp $CONTAINER:/etc/ssh/sshd_config /tmp
cat /tmp/sshd_config
docker rm $CONTAINER

Nice !
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Note to self - use kubectl to query images in a pod or deployment

In both cases, we use JSON ... For a deployment, we can do this: - kubectl get deployment foobar --namespace snafu --output jsonpath="{...