#docker

/

      • _mak joined the channel
      • justicefries has quit
      • justicefries joined the channel
      • wkf joined the channel
      • owen1
        gchristensen: yup. thanks
      • mrpanigale joined the channel
      • how do i run docker rmi $(sudo docker images -f "dangling=true" -q) inside a bash script?
      • endersonmaia has quit
      • gchristensen
        just put it in there
      • hltbra joined the channel
      • boombatower
        any simple way to tell when running within a container that was started with --volumes-from what paths are being provided. ie if the data container specified in --volumes-from provides /foo/bar and /barz is there a way to tell while inside the attached container?
      • i know the inspect api and such allows volumes to be listed
      • df seems to show them at the bottom, but not sure if that is reliable enough
      • owen1
        gchristensen: oh. your prone script is not doing anything since i have no dangling images ):
      • davur joined the channel
      • gchristensen: maybe i should change your script to be docker rmi $(docker images -aq) ?
      • basicaly remove ALL images
      • gchristensen
        owen1: thaht would be pretty crappy
      • br0tat0chip joined the channel
      • owen1: becaus ethen next time you build you'd have to download all the images you depend on
      • owen1
        gchristensen: that's what i meant when i said it's amazing that people are still using docker
      • exactly!
      • it's insane
      • and defeats the whole purpose of using docker
      • and i am tired of doing that every week
      • gchristensen
        it isn't that insane
      • owen1
        i just want to rm everything that docker created and i don't actualy need.
      • gchristensen
        and doesn't defeat the purpose of using docker ...
      • jakehow_ has quit
      • it is a byproduct of why people use docker
      • owen1
        you just said: thaht would be pretty crappy
      • because you'd have to download all the images you depend on
      • gchristensen
        right, it would be a crappy experience
      • owen1
        it takes time to download images
      • rhysyngsun joined the channel
      • gchristensen
        right
      • spvensko joined the channel
      • ]RandoM[ has quit
      • papipo joined the channel
      • prksh joined the channel
      • iamjarvo joined the channel
      • ReinH joined the channel
      • owen1
        docker rmi $(docker images -aq) => FATA[0000] Error: failed to remove one or more images
      • Error response from daemon: Conflict, 8dbd9e392a96 wasn't deleted
      • kPb_in has quit
      • (i stopped the docker daemon and started it again but it didn't help)
      • gchristensen
        is that image being used by a container listed in ps -a?
      • ibash joined the channel
      • owen1
        gchristensen: nothing in ps or ps -a
      • gchristensen
        that is odd
      • artemm has quit
      • juanpablo___ joined the channel
      • papipo has quit
      • intransit joined the channel
      • Nuck joined the channel
      • owen1
        docker images -a | wc -l => 46
      • docker images | wc -l => 3
      • dfinninger joined the channel
      • gchristensen
        IIRC, docker images lists the lowest level image, like your "foo" image depends on a, depends on b, depends on c
      • Aova has quit
      • docker images lists "foo", -a lists foo, a, b, and c
      • owen1
        du -h /var/lib/docker/vfs/dir => 26G
      • so even after deleting about 100 images that were showing on docker images -a i still have 26G there
      • WTF docker
      • owen1 rm the folder
      • gchristensen
        go for it
      • mocl4 joined the channel
      • owen1
        still got 46 images
      • juanpablo___ has quit
      • uninstall docker?
      • intransit joined the channel
      • intinig joined the channel
      • maybe there is a newer version. mine is Docker version 1.4.1-dev, build 0f5eba6
      • gchristensen shrugs
      • gchristensen
        I've never seen what you're seeing before
      • jakehow joined the channel
      • edannenbe has quit
      • Nuck has quit
      • owen1
        gchristensen: solved it. i had to rmi -f the 2 images i saw on 'docker images'. as soon as i did that 'docker images -a' was empty.
      • Aova joined the channel
      • they were my cordova images
      • gchristensen
        there you have it
      • ByT3b0N3 has quit
      • owen1
        i am going to run "du -h /var/lib/docker/vfs/dir && docker images | wc -l && docker images -a |wc -l" after every docker build
      • to see what is going on
      • mdxp has quit
      • davur has quit
      • gchristensen
        ok
      • there is probably a file you're ADDing by mistake
      • owen1
        oh
      • gchristensen
        like ADD . /data
      • like some pepole have an enormous .git dir they accidentally add
      • owen1
        let me look at my 5 dockerfiles
      • gchristensen
        just build each one
      • and do exactly what you said, the du -h
      • intinig has quit
      • mrpanigale has quit
      • ChaosEngine
        yup, using curl/wget vs AD gives huuuuges difference in build time ;-P
      • s/guuuges/huuuge/
      • gchristensen
        hehe
      • whitebook joined the channel
      • Erkan_Yilmaz joined the channel
      • efkin_ joined the channel
      • efkin_
        hi ppl! i'm new to docker, and i'm trying to setup a public ip for each different container
      • any hints?
      • djallits has quit
      • jamesd
        --net=host ... but relly a firewall/router may be a better choice...
      • efkin_
        i have
      • owen1
        gchristensen: i build this dockerfile http://paste.ubuntu.com/9985808 and i have 2 (images) and 18 (images -a). is that normal?
      • efkin_
        jamesd: i have a router giving me the public ips... one is for the host and my question is how to setup the other ones for the containers
      • ?
      • gchristensen
        owen1: one moment
      • jordan87 joined the channel
      • rupenp joined the channel
      • roamingdog has quit
      • jamesd
        efkin_: why can't it port forward to each port for each container to use, since its allready doing firewalling/packet level changes.
      • keith_chambers joined the channel
      • efkin_
        jamesd: i thought was cleaner to assign one public ip per container...
      • iamjarvo joined the channel
      • chx joined the channel
      • jamesd: so my friend bob can access his service on containerA directly
      • gchristensen
        owen1: that is normal, I can explain why in about 10 minutes
      • owen1
        gchristensen: awesome. i'll continue with more dockerfiles
      • and monitor
      • daze joined the channel
      • jamesd
        efkin_: for one or two containers the hostnetworking thigs is fine, i wouldn't try giving everycontainer its own ip addres, it exposes many security holes and issues.... if your freind isn't careful he could potentially open a door that gives an attacker access to your full internal network.
      • if you port forward its only a couple ports exported.
      • roamingdog joined the channel
      • efkin_
        jamesd: so maybe i didn't read so carefully the details of docker :) i was looking for bob to be able to ssh a container without having to ssh to the host...is that possible with docker?
      • jamesd
        not sure if you can do your own firewall inside a container, probably not designed for that.. i personally would give your friend his own VM. rather than a container.
      • guiambros joined the channel
      • korya joined the channel
      • efkin_: yes.. sshd running on port 22 on the container, portworked to port 2200 on the host, then port worked 2200 on your firewall to port 2200 on your host directly into the container.
      • er s/portworked/port forwarded/
      • efkin_
        jamesd: but basically using the same public ip of the host? in that case i think i'll dedcate a vm to bob
      • jamesd
        port 2200 on your firewall goes into his container... you would also have to setup something like that for any service he wants to run... web.
      • em-dash joined the channel
      • efkin_: if you know how to configure networking properly on your router to do it... i haven't worked with routers/firewalls with multiple IPs i'm sure its possible i just haven't done it.
      • echtish joined the channel
      • efkin_
        jamesd: ok thx however for the fast answer! i'll try to think about it more
      • jamesd
        if the public IP stays on the firewall router, then the container doesn't have to do any firewalling.. and only ports you forward are exposed, and not some service he accidently exsposes, like nfs, telnet, ntp, etc.
      • efkin_
        ^.^
      • jamesd
        still prefer a heavy solution really.. a 128-512MB vitural inside kvm, xen or vmware would be less of a learning curve.
      • ben_vulpes has quit
      • efkin_
        ok thx! i thought about lxc cause my server doesnt support kvm!
      • ben_vulpes joined the channel
      • liku_ joined the channel
      • mxbtty joined the channel
      • jamesd: c u!
      • efkin_ has left the channel