Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to access the metadata of a docker container from a script running inside the container?

I am trying to understand whether it is possible to read the metadata (Labels, in particular) properties of a container using a bash script.

For instance, if there is a Dockerfile like:

FROM busybox
LABEL abc = abc_value1

And, if I build and run an image based on the file above, like so:

docker build . -t image1
docker run -ti image1 /bin/bash

Is there any way to access the value of the "abc" label inside the bash shell? If so, how?

like image 569
egordoe Avatar asked May 25 '16 14:05

egordoe


People also ask

Does docker container have metadata?

Docker Labels allow you to specify metadata for Docker objects such as Images, Containers, Volumes etc, that will be packaged in to their specific formats.

How can I access data from a container?

How can I access the data on my host inside docker container? You can start the container with the volume from host mounted in the container by using -v flag. This maps one directory from host to container. You can make more mappings by using multiple -v flags.

Where is docker metadata stored?

/var/lib/docker/devicemapper/devicemapper/metadata the metadata.


1 Answers

To get the labels (and anything from the remote API), you could pass the socket into the container and use curl >= 7.40 (it's the minimum version that supports --unix-socket flag) from within the container to access the remote API via the socket:

Dockerfile:

FROM ubuntu:16.04 
RUN apt-get update \
    && apt-get install curl -y
LABEL abc = abc_value1

Build and run

docker build -t image1 .
docker run -v /var/run/docker.sock:/var/run/docker.sock -it image1 /bin/bash

From inside the container

curl --unix-socket /var/run/docker.sock http:/containers/$(hostname)/json

From here you'll have a huge chunk of JSON (similar to docker inspect). You can then use a CLI tool like jq to pluck out the labels.

See more information on docker's website: https://docs.docker.com/engine/reference/api/docker_remote_api/#/docker-remote-api

All that said-- this isn't very secure, and environment variables are probably a better bet.

like image 152
Josh Avatar answered Sep 27 '22 19:09

Josh