How can I get Docker Linux container information from within the container itself

Question

I would like to make my docker containers aware of their configuration  the same way you can get information about EC2 instances through metadata   I can use  provided docker is listening on port 4243   curl http   172 17 42 1 4243 containers  HOSTNAME json   to get some of its data  but would like to know if there is a better way at least the get the full ID of the container  because HOSTNAME is actually shortened to 12 characters and docker seems to perform a  best match  on it   Also  how can I get the external IP of the docker host  other than accessing the EC2 metadata  which is specific to AWS

User · Answer

Some posted solutions have stopped working due to changes in the format of /proc/self/cgroup. Here is a single GNU grep command that should be a bit more robust to format changes:

grep -o -P -m1 'docker.*\K[0-9a-f]{64,}' /proc/self/cgroup

For reference, here are snippits of /proc/self/cgroup from inside docker containers that have been tested with this command:

Linux 4.4:

11:pids:/system.slice/docker-cde7c2bab394630a42d73dc610b9c57415dced996106665d427f6d0566594411.scope
...
1:name=systemd:/system.slice/docker-cde7c2bab394630a42d73dc610b9c57415dced996106665d427f6d0566594411.scope

Linux 4.8 - 4.13:

11:hugetlb:/docker/afe96d48db6d2c19585572f986fc310c92421a3dac28310e847566fb82166013
...
1:name=systemd:/docker/afe96d48db6d2c19585572f986fc310c92421a3dac28310e847566fb82166013

User · Answer

I ve found out that the container id can be found in  proc self cgroup  So you can get the id with    cat  proc self cgroup   grep -o  -e  docker-   scope    head -n 1   sed  s docker-       scope   1

User · Answer

Use docker inspect     docker ps   get conteiner id   docker inspect 4abbef615af7         ID    4abbef615af780f24991ccdca946cd50d2422e75f53fb15f578e14167c365989        Created    2014-01-08T07 13 32 765612597Z        Path     bin bash        Args              -c             start web              Config              Hostname    4abbef615af7         Can get ip as follows     docker inspect -format      NetworkSettings IPAddress     2a5624c52119 172 17 0 24

User · Answer

awk -F           4     docker    amp  amp   lastId     NF     lastId    NF  print  NF      proc self cgroup

User · Answer

This will get the full container id from within a container   cat  proc self cgroup   grep  cpu      sed  s    0-9    cpu   docker    g

User · Answer

As an aside  if you have the pid of the container and want to get the docker id of that container  a good way is to use nsenter in combination with the sed magic above   nsenter -n -m -t pid -- cat  proc 1 cgroup   grep -o  -e  docker-   scope    head -n 1   sed  s docker-       scope   1

User · Answer

You can use this command line to identify the current container ID  tested with docker 1 9    awk -F -       1    print  3    proc self cgroup   Then  a little request to Docker API  you can share  var run docker sock  to retrieve all informations

User · Answer

WARNING  You should understand the security risks of this method before you consider it  John s summary of the risk      By giving the container access to  var run docker sock  it is  trivially easy  to break out of the containment provided by docker and gain access to the host machine  Obviously this is potentially dangerous       Inside the container  the dockerId is your hostname  So  you could    install the docker-io package in your container with the same version as the host start it with --volume  var run docker sock  var run docker sock --privileged  finally  run  docker inspect   hostname  inside the container   Avoid this  Only do it if you understand the risks and have a clear mitigation for the risks

User · Answer

Unless overridden  the hostname seems to be the short container id in Docker 1 12  root d2258e6dec11  project  cat  etc hostname d2258e6dec11   Externally    docker ps -a CONTAINER ID        IMAGE               COMMAND             CREATED                 STATUS                      PORTS               NAMES d2258e6dec11        300518d26271         bash               5 minutes ago           docker -v Docker version 1 12 0  build 8eab29e  experimental

User · Answer

A comment by madeddie looks most elegant to me   CID   basename   cat  proc 1 cpuset

User · Answer

I ve found that in 17 09 there is a simplest way to do it within docker container     cat  proc self cgroup   head -n 1   cut -d     -f3 4de1c09d3f1979147cd5672571b69abec03d606afcc7bdc54ddb2b69dec3861c   Or like it has already been told  a shorter version with    cat  etc hostname 4de1c09d3f19   Or simply     hostname 4de1c09d3f19

User · Answer

To make it simple    Container ID is your host name inside docker  Container information is available inside  proc self cgroup   To get host name   hostname   or  uname -n   or  cat  etc host   Output can be redirected to any file  amp  read back from application E g     hostname  gt   usr src  hostname txt

User · Answer

Docker sets the hostname to the container ID by default  but users can override this with --hostname  Instead  inspect  proc     more  proc self cgroup 14 name systemd  docker 7be92808767a667f35c8505cbf40d14e931ef6db5b0210329cf193b15ba9d605 13 pids  docker 7be92808767a667f35c8505cbf40d14e931ef6db5b0210329cf193b15ba9d605 12 hugetlb  docker 7be92808767a667f35c8505cbf40d14e931ef6db5b0210329cf193b15ba9d605 11 net prio  docker 7be92808767a667f35c8505cbf40d14e931ef6db5b0210329cf193b15ba9d605 10 perf event  docker 7be92808767a667f35c8505cbf40d14e931ef6db5b0210329cf193b15ba9d605 9 net cls  docker 7be92808767a667f35c8505cbf40d14e931ef6db5b0210329cf193b15ba9d605 8 freezer  docker 7be92808767a667f35c8505cbf40d14e931ef6db5b0210329cf193b15ba9d605 7 devices  docker 7be92808767a667f35c8505cbf40d14e931ef6db5b0210329cf193b15ba9d605 6 memory  docker 7be92808767a667f35c8505cbf40d14e931ef6db5b0210329cf193b15ba9d605 5 blkio  docker 7be92808767a667f35c8505cbf40d14e931ef6db5b0210329cf193b15ba9d605 4 cpuacct  docker 7be92808767a667f35c8505cbf40d14e931ef6db5b0210329cf193b15ba9d605 3 cpu  docker 7be92808767a667f35c8505cbf40d14e931ef6db5b0210329cf193b15ba9d605 2 cpuset  docker 7be92808767a667f35c8505cbf40d14e931ef6db5b0210329cf193b15ba9d605 1 name openrc  docker   Here s a handy one-liner to extract the container ID     grep  memory     lt   proc self cgroup   sed  s        7be92808767a667f35c8505cbf40d14e931ef6db5b0210329cf193b15ba9d605

User · Answer

You can communicate with docker from inside of a container using unix socket via Docker Remote API   https   docs docker com engine reference api docker remote api   In a container  you can find out a shortedned docker id by examining  HOSTNAME env var  According to doc  there is a small chance of collision  I think that for small number of container  you do not have to worry about it  I don t know how to get full id directly   You can inspect container similar way as outlined in banyan answer   GET  containers 4abbef615af7 json HTTP 1 1   Response   HTTP 1 1 200 OK Content-Type  application json              Id    4abbef615af7                     Created    2013                         Alternatively  you can transfer docker id to the container in a file  The file is located on  mounted volume  so it is transfered to container   docker run -t -i -cidfile  mydir host1 txt -v  mydir  mydir ubuntu  bin bash   The docker id  shortened  will be in file  mydir host1 txt in the container

User · Answer

I believe that the  quot problem quot  with all of the above is that it depends upon a certain implementation convention either of docker itself or its implementation and how that interacts with cgroups and  proc  and not via a committed  public  API  protocol or convention as part of the OCI specs  Hence these solutions are  quot brittle quot  and likely to break when least expected when implementations change  or conventions are overridden by user configuration  container and image ids should be injected into the r t environment by the component that initiated the container instance  if for no other reason than to permit code running therein to use that information to uniquely identify themselves for logging tracing etc    just my  0 02  YMMV

[linux] How can I get Docker Linux container information from within the container itself?

Examples related to linux

Examples related to docker