8

Motivation: To run a basic health-check on a docker container by counting that a certain number of messages flow across stdout over a certain time horizon

Immediate goal: From within a shell started by docker exec, read data that is being piped to stdout from the main process (PID 1)

I am not even sure if what I want is possible. If that is the case, an explanation as to why not would be much appreciated -- and would help advance my knowledge.

Steps to reproduce:

  1. Start the container -- container1 docker run -it --name container1 ubuntu bash -c -i "COUNT=0; while true; do echo Keep the dance floor beat going; ((COUNT++)); sleep 1; echo \"Count is: \${COUNT}\"; done;"

  2. In another terminal window, docker exec to start another process in the same container docker exec -it container1 bash

Can I somehow tail/print/read the messages being passed over stdout by PID 1?

I understand that there are work arounds -- for example piping through tee or otherwise writing to disk -- but was hoping for a magic bullet.

JacobWuzHere
  • 863
  • 7
  • 11
  • Maybe this? http://stackoverflow.com/a/17790708/2079781 – Rickkwa Dec 24 '16 at 02:30
  • Thanks for the suggestion, but I was not able to get that solution to work with the replication I provided above. – JacobWuzHere Dec 28 '16 at 15:52
  • I did not find a quick solution, but you may have a look at https://github.com/gliderlabs/logspout which grabs the log output of a container "somehow" and usually pipes it to a remote collector. (edit: hmm, I think this also works via the Docker-host, so it might not be what you're looking for) – schmunk Dec 28 '16 at 23:51
  • Why isn't `tee` a valid magic bullet? Is an unmodified entrypoint a requirement of a valid solution for you? Does it need to work inside the container without any additional capabilities added? If so, you may be looking for unobtanium. – BMitch Dec 29 '16 at 01:26

1 Answers1

4

If you are OK with strace then try this:

docker exec -it container1 bash -c -i "\
    apt-get update && apt-get install strace && \
    strace -ff -e trace=write -e write=1 -p 1"
  • -p 1 is the PID
  • -e write=1 is there to narrow the output to STDOUT (-e write=1,2 would show both STDOUT and STDERR)

Depending on Docker version you might need to loosen up Docker's syscall security policy, e.g. by disabling it completely by adding --security-opt seccomp:unconfined to docker run when starting the container:

docker run --security-opt seccomp:unconfined -it --name container1 ubuntu bash -c -i "COUNT=0; while true; do echo Keep the dance floor beat going; ((COUNT++)); sleep 5; ech o \"Count is: \${COUNT}\"; done;"

Read more about the Docker's seccomp profiles here (>1.10).

Tested with:

  • Windows 8.1
  • Docker version 1.10.2, build c3959b1
  • Docker-machine version 0.6.0, build e27fb87
jannis
  • 4,843
  • 1
  • 23
  • 53