search

genuinetools / riddler

A tool to convert docker inspect to the opencontainers runc spec.
MIT License
253 stars 21 forks source link

No config.json in docker anymore #22

Open vladfaust opened 5 years ago

vladfaust commented 5 years ago

Hello, @jessfraz,

I've read your friendly blogpost, and now I desperately need a tool to convert basic Docker images into OCI run specs, to stay on low level.

As per README, the tool is deprected. But I cannot find any config.json files under /var/run/docker/:

faust@mi:~$ docker -v
Docker version 18.09.6, build 481bc77
faust@mi:~$ docker ps
CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS                    NAMES
1b1a4e43c5a8        test-sinatra        "bundle exec ruby ap…"   23 seconds ago      Up 20 seconds                                vibrant_bell
6b1d1acd6e7b        gvisor-bazel        "sh -c 'while :; do …"   12 days ago         Up 12 days                                   gvisor-bazel
aa9e69bb7c35        postgres:9.5        "docker-entrypoint.s…"   2 months ago        Up 2 weeks          0.0.0.0:5432->5432/tcp   postgres
1ac72752175d        redis               "docker-entrypoint.s…"   6 months ago        Up 2 weeks          0.0.0.0:6379->6379/tcp   redis
faust@mi:~$ sudo tree /var/run/docker/
/var/run/docker/
├── containerd
│   ├── 1ac72752175db977139c65e99b496195b0d75415a36b6f221ee17909729c8081
│   │   ├── init-stderr
│   │   └── init-stdout
│   ├── 1b1a4e43c5a8aa19b9b01fa86b8d595f203cdb30420a9f6d4fb9a24521e20117
│   │   ├── init-stderr
│   │   └── init-stdout
│   ├── 6b1d1acd6e7ba9dbe7dfc36f598856ca796270d62f16925b66f20d5c6c697276
│   │   ├── init-stderr
│   │   └── init-stdout
│   ├── aa9e69bb7c357b26c2e2a73b0bd73d6931f397fbaf29d6f61d2bf5fbb5f92e8f
│   │   ├── init-stderr
│   │   └── init-stdout
│   ├── containerd.toml
│   ├── daemon
│   │   └── io.containerd.runtime.v1.linux
│   │       └── moby
│   └── docker-containerd-debug.sock
├── libnetwork
│   └── f2e9882982a30432d0f4cd8f2bf3b610d3f6777643cee61a75c3f02154a86eba.sock
├── metrics.sock
├── netns
│   ├── 056a85a6cc38
│   ├── 0e669258a748
│   ├── 30c94a7d64bd
│   └── c3c1d6a88a76
├── plugins
├── runtime-runc
│   └── moby
│       ├── 1ac72752175db977139c65e99b496195b0d75415a36b6f221ee17909729c8081
│       │   └── state.json
│       ├── 1b1a4e43c5a8aa19b9b01fa86b8d595f203cdb30420a9f6d4fb9a24521e20117
│       │   └── state.json
│       ├── 6b1d1acd6e7ba9dbe7dfc36f598856ca796270d62f16925b66f20d5c6c697276
│       │   └── state.json
│       └── aa9e69bb7c357b26c2e2a73b0bd73d6931f397fbaf29d6f61d2bf5fbb5f92e8f
│           └── state.json
└── swarm

18 directories, 20 files
faust@mi:~$

Could you please help me on that?

Also, is it possible to use the tool without docker? For example, buldah can inspect images. Maybe use STDIN instead of calling docker, i.e:

$ buildah inspect my-image | riddler

P.S: Your blog is masterpiece. I've enjoyed reading is so much! Also got some ideas from it. Awesome :pray:

issue-label-bot[bot] commented 5 years ago

Issue Label Bot is not confident enough to auto-label this issue. See dashboard for more details.

vladfaust commented 5 years ago

TIL, buildah inspect returns both OCIv1 and Docker image configurations. However, it still not ideal (i.e. capabilities, namespaces are not in runc config format):

```json { "Type": "buildah 0.0.1", "FromImage": "docker.io/library/alpine:latest", "FromImageID": "055936d3920576da37aa9bc460d70c5f212028bda1c08c0879aedf03d7a66ea1", "Config": "{\"architecture\":\"amd64\",\"config\":{\"Hostname\":\"\",\"Domainname\":\"\",\"User\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"],\"Cmd\":[\"/bin/sh\"],\"ArgsEscaped\":true,\"Image\":\"sha256:09f2bbe58e774849d74dc1391c2e01731896c745c4aba1ecf69a283bdb4b537a\",\"Volumes\":null,\"WorkingDir\":\"\",\"Entrypoint\":null,\"OnBuild\":null,\"Labels\":null},\"container\":\"c10d36fa368a7ea673683682666758adf35efe98e10989505f4f566b5b18538f\",\"container_config\":{\"Hostname\":\"c10d36fa368a\",\"Domainname\":\"\",\"User\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"],\"Cmd\":[\"/bin/sh\",\"-c\",\"#(nop) \",\"CMD [\\\"/bin/sh\\\"]\"],\"ArgsEscaped\":true,\"Image\":\"sha256:09f2bbe58e774849d74dc1391c2e01731896c745c4aba1ecf69a283bdb4b537a\",\"Volumes\":null,\"WorkingDir\":\"\",\"Entrypoint\":null,\"OnBuild\":null,\"Labels\":{}},\"created\":\"2019-05-11T00:07:03.510395965Z\",\"docker_version\":\"18.06.1-ce\",\"history\":[{\"created\":\"2019-05-11T00:07:03.358250803Z\",\"created_by\":\"/bin/sh -c #(nop) ADD file:a86aea1f3a7d68f6ae03397b99ea77f2e9ee901c5c59e59f76f93adbb4035913 in / \"},{\"created\":\"2019-05-11T00:07:03.510395965Z\",\"created_by\":\"/bin/sh -c #(nop) CMD [\\\"/bin/sh\\\"]\",\"empty_layer\":true}],\"os\":\"linux\",\"rootfs\":{\"type\":\"layers\",\"diff_ids\":[\"sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81\"]}}", "Manifest": "{\n \"schemaVersion\": 2,\n \"mediaType\": \"application/vnd.docker.distribution.manifest.v2+json\",\n \"config\": {\n \"mediaType\": \"application/vnd.docker.container.image.v1+json\",\n \"size\": 1512,\n \"digest\": \"sha256:055936d3920576da37aa9bc460d70c5f212028bda1c08c0879aedf03d7a66ea1\"\n },\n \"layers\": [\n {\n \"mediaType\": \"application/vnd.docker.image.rootfs.diff.tar.gzip\",\n \"size\": 2757034,\n \"digest\": \"sha256:e7c96db7181be991f19a9fb6975cdbbd73c65f4a2681348e63a141a2192a5f10\"\n }\n ]\n}", "Container": "", "ContainerID": "", "MountPoint": "", "ProcessLabel": "", "MountLabel": "", "ImageAnnotations": {}, "ImageCreatedBy": "", "OCIv1": { "created": "2019-05-11T00:07:03.510395965Z", "architecture": "amd64", "os": "linux", "config": { "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ], "Cmd": [ "/bin/sh" ] }, "rootfs": { "type": "layers", "diff_ids": [ "sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81" ] }, "history": [ { "created": "2019-05-11T00:07:03.358250803Z", "created_by": "/bin/sh -c #(nop) ADD file:a86aea1f3a7d68f6ae03397b99ea77f2e9ee901c5c59e59f76f93adbb4035913 in / " }, { "created": "2019-05-11T00:07:03.510395965Z", "created_by": "/bin/sh -c #(nop) CMD [\"/bin/sh\"]", "empty_layer": true } ] }, "Docker": { "created": "2019-05-11T00:07:03.510395965Z", "container": "c10d36fa368a7ea673683682666758adf35efe98e10989505f4f566b5b18538f", "container_config": { "Hostname": "", "Domainname": "", "User": "", "AttachStdin": false, "AttachStdout": false, "AttachStderr": false, "Tty": false, "OpenStdin": false, "StdinOnce": false, "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ], "Cmd": [ "/bin/sh" ], "ArgsEscaped": true, "Image": "sha256:09f2bbe58e774849d74dc1391c2e01731896c745c4aba1ecf69a283bdb4b537a", "Volumes": null, "WorkingDir": "", "Entrypoint": null, "OnBuild": null, "Labels": null }, "config": { "Hostname": "", "Domainname": "", "User": "", "AttachStdin": false, "AttachStdout": false, "AttachStderr": false, "Tty": false, "OpenStdin": false, "StdinOnce": false, "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" ], "Cmd": [ "/bin/sh" ], "ArgsEscaped": true, "Image": "sha256:09f2bbe58e774849d74dc1391c2e01731896c745c4aba1ecf69a283bdb4b537a", "Volumes": null, "WorkingDir": "", "Entrypoint": null, "OnBuild": null, "Labels": null }, "architecture": "amd64", "os": "linux", "rootfs": { "type": "layers", "diff_ids": [ "sha256:f1b5933fe4b5f49bbe8258745cf396afe07e625bdab3168e364daf7c956b6b81" ] }, "history": [ { "created": "2019-05-11T00:07:03.358250803Z", "created_by": "/bin/sh -c #(nop) ADD file:a86aea1f3a7d68f6ae03397b99ea77f2e9ee901c5c59e59f76f93adbb4035913 in / " }, { "created": "2019-05-11T00:07:03.510395965Z", "created_by": "/bin/sh -c #(nop) CMD [\"/bin/sh\"]", "empty_layer": true } ] }, "DefaultMountsFilePath": "", "Isolation": "IsolationDefault", "NamespaceOptions": [ { "Name": "cgroup", "Host": true, "Path": "" }, { "Name": "ipc", "Host": false, "Path": "" }, { "Name": "mount", "Host": false, "Path": "" }, { "Name": "network", "Host": false, "Path": "" }, { "Name": "pid", "Host": false, "Path": "" }, { "Name": "user", "Host": true, "Path": "" }, { "Name": "uts", "Host": false, "Path": "" } ], "ConfigureNetwork": "NetworkDefault", "CNIPluginPath": "", "CNIConfigDir": "", "IDMappingOptions": { "HostUIDMapping": true, "HostGIDMapping": true, "UIDMap": [], "GIDMap": [] }, "DefaultCapabilities": [ "CAP_AUDIT_WRITE", "CAP_CHOWN", "CAP_DAC_OVERRIDE", "CAP_FOWNER", "CAP_FSETID", "CAP_KILL", "CAP_MKNOD", "CAP_NET_BIND_SERVICE", "CAP_SETFCAP", "CAP_SETGID", "CAP_SETPCAP", "CAP_SETUID", "CAP_SYS_CHROOT" ], "AddCapabilities": [], "DropCapabilities": [], "History": [ { "created": "2019-05-11T00:07:03.358250803Z", "created_by": "/bin/sh -c #(nop) ADD file:a86aea1f3a7d68f6ae03397b99ea77f2e9ee901c5c59e59f76f93adbb4035913 in / " }, { "created": "2019-05-11T00:07:03.510395965Z", "created_by": "/bin/sh -c #(nop) CMD [\"/bin/sh\"]", "empty_layer": true }, { "created": "2019-06-08T21:36:10.43627022Z" } ] } ```