[Docker Labs Debug Tools] Feature requests, discussions, feedback

[joe0BAB]

Tell us about your request The Docker Labs Debug Tools extension is an experimental feature to improve debugging with docker. It currently features:

• shell: Get a shell into any image or container, local or remote. An enhanced replacement of the docker exec with Nix based package manager.
• rdb: Easy remote debug setup for containers running a Go/C/C++/Rust binary (gdb and delve support)
• attach: Like the shell command but specialized for running containers.

We are looking for feedback! Any wishes or requests welcome! Comment below or upvote existing ideas.

Which service(s) is this request for? Docker Labs Debug Tools extension

Tell us about the problem you're trying to solve. What are you trying to do, and why is it hard? This is a placeholder to collect feedback, discussions and feature requests.

Are you currently working around the issue? N/A

Additional context To report bugs/issues go here

[slimslenderslacks]

It would be a nice to have a shell completion function to auto-complete container names when running attach. Has anyone else felt this would be helpful?

[slimslenderslacks]

I would also find a "-c" style argument useful. I find myself often using attach to run the same command several times in a row.

[tminich]

Is there a way to use this without docker desktop (e.g. on a server with only the docker engine installed)?

If not, I think that would be a very welcome feature to have in case you need to peek into a running container on a stage or even production system.

[joe0BAB]

Could you give me a bit more details? Do you have SSH access to the machines? Or is it within a Kubernetes deployment?

[tminich]

SSH, Kubernetes is way overkill for the scale of our applications

[joe0BAB]

@tminich I just pushed a new release 0.0.43 that brings a flag --host which allows you to e.g., run:

dld shell --host ssh://root@example.org my-container

would you mind trying if that works for you?

(you might need to restart Docker Desktop to see version 0.0.43 update)

[joe0BAB]

@slimslenderslacks since version 0.0.41 there now is shell completion and a --command/-c flag (forgot to update this here). There were some issues with the shell completion initially that should be fixed since 0.0.42.

[tminich]

@tminich I just pushed a new release 0.0.43 that brings a flag --host which allows you to e.g., run: ...

Seems to work fine, thanks!

[slimslenderslacks]

@joe0BAB I'm wondering about the install command in the shell. I know it can install any nix package from nixpkgs; however, how much work would it be to support a github based flake ref? There's a nix package that I'd like to use that is current not in nixpkgs but is available from a public github repo

[timo-wilson]

I frequently need to shell into a docker container in AWS Fargate to debug issues. Currently I have to use the aws cli to do this using the following command:

aws ecs execute-command --region <region> --cluster <cluster> --task <task> --container <container> --interactive --command "/bin/bash"

Is there currently a way, or if not, this is a feature request, to be able to use dld to shell into this kind of container?

[michellabbe]

I wish dld would have an easy command (e.g. dld shell lastbuild) to automatically find the ID of the latest usable layer of that last failed docker build and open a shell into it.

This is something we need to do repeatedly when building complex Dockerfiles, and not having to manually lookup these ID everytime would help speedup debugging (and also remove some friction).

[sigadore]

Update -- Resolved

I discovered the VM I was attempting to connect to on my Mac had it's docker installed from the Ubuntu repository for the release rather than the Official Docker Instructions. The Debug Container appears to reject at least the path which apt install docker from the ubuntu snap repo placed the root of the service.

Original Post

@tminich I just pushed a new release 0.0.43 that brings a flag --host which allows you to e.g., run:

dld shell --host ssh://root@example.org my-container

would you mind trying if that works for you?

(you might need to restart Docker Desktop to see version 0.0.43 update)

I tried this on my Mac (running Docker Desktop), Debugging a local container works as advertised. I spun up an Ubuntu VM with docker/lunar 1.5-2 installed via package manager. I first tried my non-root account (which is in the docker group) as the target of the --host ssh://... it did download the image docker/labs-debug-tools-service:0.0.43 but then gave an error. I then did the ssh as root (with authorized keys in place) with same result, then dumped the logs for the container:

siggy@TRSS-da-Kine ~ % dld shell --host ssh://root@sig-ubuntu00 an-app
Error: error during connect: Get "http://labs.debug-tools.localhost/lookup": Error response from daemon: Container 430dc7da4a77bdef27c322876492be0074a919a5dd3d794fcb86c7c108800aa2 is not running
siggy@TRSS-da-Kine ~ % docker --host ssh://root@sig-ubuntu00 logs 430dc7da4a77bdef27c322876492be0074a919a5dd3d794fcb86c7c108800aa2
[info] OS: Ubuntu Core 22
[fatal] invalid docker root dir: /var/snap/docker/common/var-lib-docker

Looking at the ubuntu vm, /var/snap/docker/common/var-lib-docker exists and is owned by root. Other "docker" commands using --host or a DOCKER_CONTEXT are properly processed with either my non-root or root user on the vm.

root@sig-ubuntu00:~/.ssh# ls -ld /var/snap/docker/common/var-lib-docker
drwx--x--- 14 root root 4096 Oct  6 03:51 /var/snap/docker/common/var-lib-docker
root@sig-ubuntu00:~/.ssh# ls -l /var/snap/docker/common/var-lib-docker
total 64
drwx--x--x   4 root root  4096 Oct  3 03:27 buildkit
drwx--x--x   3 root root  4096 Oct  3 03:27 containerd
drwx--x---   4 root root  4096 Oct  6 04:54 containers
drwx------   3 root root  4096 Oct  3 03:27 image
drwxr-x---   3 root root  4096 Oct  3 03:27 network
drwx--x--- 123 root root 20480 Oct  6 04:54 overlay2
drwx------   4 root root  4096 Oct  3 03:27 plugins
drwx------   2 root root  4096 Oct  6 03:51 runtimes
drwx------   2 root root  4096 Oct  3 03:27 swarm
drwx------   2 root root  4096 Oct  6 04:08 tmp
drwx------   2 root root  4096 Oct  3 03:27 trust
drwx-----x   2 root root  4096 Oct  6 03:51 volumes

Not sure if something (later Docker on the Ubuntu, for example) is needed or I have some config step I missing on the "remote" box. Sorry if this is all TMI.

[whalelines]

Feature request: --pull option to pull image if not present locally.

[whalelines]

Feature request: add command to copy files in and out of container created by dld.

While it is possible to do this by creating a container from and image and then using docker cp, I most often need to do this when I am already using dld for poking around images, since it will create a container from the image and add a layer of useful tools on top of it.

[lucidhive]

can you help me figure out why it stopped working since I updated to docker desktop mac v.4.25.0?

gremlin is still working yet it does not save profile and theme changes the same way your dld does.

I have both extensions installed and now I get this = ❯ dld attach --root tailscale_docker-extension-dev-desktop-extension-service ─╯ Cannot connect to service. Do you have the extension 'Docker Labs Debug Tools' installed? If not, open Docker Desktop and install it from the extension marketplace to continue.

&& I see on dld ext features = fpath=(~/.local/share/zsh/functions $fpath) autoload -Uz compinit compinit -u

1. which stopped showing in its orange section when I added to my root mac ~/.zshrc as they are now in there i suppose?
2. i also looked inside the dld extension itself and see another one in /debug-tools/.zshrc ( however this one I cannot modify either with mc or nano as --root?

please help it was running so great

[whalelines]

@lucidhive , are you using containerd for pulling and storing images? If so, that is the reason for the error you are seeing. The location of the containerd socket changes between 4.24 and 4.25. The Labs team is working to release an update. In the mean time, you can either downgrade to Docker Desktop 4.24.2 or not use containerd.

[lucidhive]

@whalelines thanks for pointing me to that, I will try both of those today. had things setup so perfectly in dld ext now its like I arrived on an island with an empty backpack :-) gremlin ext is my backup yet not the same.

Other Query or Question if you or anyone knows regarding R/W Speeds

would you know what could be the causes or bottle necks as to why transfer speeds are varying by a lot?

example : if I have 10 new plugins or libraries that I have locally on my drive, I have bind mounted this path/folder into 4 containers and I would dld attach 1 2 3 4 in different tabs whilst issuing either MC or direct command for the same. I like MC midnight commander due to the visual data transfer speeds etc being very visible if needed.

here i have had basically 1. localhost bind path folder ---> containers ---> which ranges between 50kb - 500 kb/s and i have tried being with en0 - WIFI ON + OFF as i though it was getting confused using cloudflared and tailscale for DNS to run live tests, where in OFF Mode none of this is running and I am still seeing this variable.

is this incompatible protocols or is it the core docker changes they keep making to the file systems, or is it DLD / GREMLIN EXT?

Anyways, I was stuck for 4h yesterday attempting to transfer 812MB local bind files into 4 Separate Containers and something broke or this is not yet possible to pause Docker Desktop with Gremlin/ DLD EXT attached and in transfer, so about to restart this turtle baby transfer now.

Best & Thanks Again!

[mikesir87]

Feature request: ability to use forward to connect an already allocated port (dld forward -p 80:80 without any args, preventing the need to start a new process).

As an example, I might run something like Traefik locally, but not want to expose the dashboard/API. But, it's not something I can start after-the-fact. So, I'd like to basically do the equivalent of a kubectl port-forward, effectively exposing a new port that wasn't previously exposed.

[vrapolinario]

Windows containers support for Docker Debug for Kubernetes.

Windows containers users have debug needs just like any container user/developer. Providing the ability to debug a Windows container on K8s directly from Docker would be an immensely appreciated feature. This is something that comes up many times as we engage customers using Windows containers.

[jbonnier]

It looks like the extension is no longer available. That's a bummer, that extension was the only one I found real value in. Most of my containers are lean, rootless, no-new-privileges, and without capabilities. That tool was very helpful when I needed some debugging. Especially when you need to debug problems with containers that are due to these restrictions (rootless, no-priv...)

[michellabbe]

It looks like the extension is no longer available.

I haven't found any official statement on this, but figured out most (if not all) features are now included in docker debug (require paid subscription though).