When it comes to exploring a Docker container’s file system, it can be in two ways - interactive and non-interactive. In short, interactive exploration of a Docker container’s file system can be done by accessing the file system through the bash of the container. While on the other hand, non-interactive exploration relates to studying the filesystem without entering the container environment either through tar files or copying the filesystem of the container.
Let’s try to discuss both these ways in this article.
Interactive Exploration of a Container File System
A container can be in two states where we can explore its file system - non-running and running. By non-running containers, we mean that the container is either not yet created or created but stopped. To explore the file systems of such containers, we need to run the container first.
Suppose you want to explore an Ubuntu container’s file system and the container does not exist yet. You can use the Docker run command along with the interactive option to access the bash of the container.
$ docker run -it --name=myubuntu ubuntu:latest bash
The above command uses the i (interactive) and t (pseudo-TTY) options to attach a terminal to the container’s streams allowing us to interact with the bash of the container through our host machine. We have also used the name option to provide a name to the container. After executing this command, you will have access to the bash of the container and you will be able to interact with the container’s file system in the same way you would interact with an Ubuntu machine.
If the container is stopped and not running, you will have to start the container first using the docker start command mentioned below.
$ docker start myubuntu
This will start the myubuntu container which was earlier in the exited state.
Next, you can use the Docker exec command to attach a terminal to the already running container.
$ docker exec -it myubuntu bash
The Docker exec command is used to run a command inside a running container. With the above command, you have run the bash command inside the myubuntu container which will open a bash in interactive mode. You can now easily interact with the file system of the container through this bash.
You can also use the Docker start command with the -ai option to attach a terminal.
$ docker start -ai myubuntu
Non-Interactive Exploration of a Container File System
Suppose you have a container in your local machine and you want to explore its file system in non-interactive mode. You can create a copy of its filesystem using the Docker commit command. This will create a new image after committing all the changes and you can run a container associated with this new copy image and inspect the file system.
To check the containers in your system, you can use the following command.
$ docker ps -a
Now, suppose you have a container called myubuntu in the exited state. Let’s try to commit this container to a new image called copy-image.
$ docker commit myubuntu copy-image
You can now check that the new image has been created by listing all the images.
$ docker images
Now, you can run a test-container associated with this copy-image to explore the file system of the container.
$ docker run -it --name=test-container copy-image bash
Another way to explore a container’s file system is to install SSH in your Docker container and run the ssh daemon. In this way, you can explore the container’s file system continuously by doing SSH into the docker container.
$ docker run -d -p 22 copy-image /usr/sbin/sshd -D
You can run the docker ps to check which port to connect to.
To sum up, in this article we have discussed four different ways to explore a Docker container’s file system.
Top comments (0)