As people are starting to look at Kubernetes and Docker, there have been a number of questions regarding how to diagnose problems with containers. Here are a few useful hints:
## Docker logs Docker captures stdout/stderr from the main process and makes this available via the `docker log` command. That is, if your Dockerfile looks like this: FROM fedora RUN yum -y install mariadb; yum clean all CMD mysql --this-is-a-terrible-idea And you were to have Kubernetes launch an image built from that file and wanted to diagnose why it wasn't working, you could run `docker logs <container_name_or_id>` and see: mysql: unknown option '--this-is-a-terrible-idea' ## Using 'nsenter' The `nsenter` command is available in recent coreutils packages. It allows you to run commands inside existing namespaces. A useful shortcut is to place the following inside a script and call it "docker-enter": #!/bin/sh nsenter -t $(docker inspect \ --format '{{ .State.Pid }}' $CONTAINER) \ -m -u -i -n -p -w "$@" Now you can run `docker-enter <container_name_or_id>` to start a shell inside the specified container. Once inside the container, you may want to see the environment variables passed to PID 1 to ensure that service discovery is operating correctly. You can do that via: tr '\000' '\012' < /proc/1/environ You can of course inspect anything on the filesystem, although ideally your application is logging to stdout/stderr and not to local files. If you know your container's ENTRYPOINT and CMD entries, you can run those by hand to see exactly what is happening. -- Lars Kellogg-Stedman <l...@redhat.com> | larsks @ {freenode,twitter,github} Cloud Engineering / OpenStack | http://blog.oddbit.com/
pgpqxMqP1HjV1.pgp
Description: PGP signature
_______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev