Skip to content

A tool to convert docker inspect to the opencontainers runc spec.

License

Notifications You must be signed in to change notification settings

genuinetools/riddler

Repository files navigation

riddler

make-all make-image GoDoc Github All Releases

A tool to convert docker inspect to the opencontainers/specs and opencontainers/runc.

Table of Contents

NOTE

This project is no longer maintained. If you are using a version of docker greater than 1.11 then you can just copy the config from /var/run/docker/libcontainerd like so:

$ docker ps -a
CONTAINER ID    CREATED             STATUS              PORTS               NAMES
d4da95779a3c    3 minutes ago       Up 3 minutes        80/tcp              modest_meitner

$ sudo tree /var/run/docker/libcontainerd -L 1
/var/run/docker/libcontainerd
├── containerd
├── d4da95779a3c287b28b421194f04374b6330e6ff10f5ca1a99d03828d84f1635
├── docker-containerd.pid
├── docker-containerd.sock
└── event.ts

$ sudo tree /var/run/docker/libcontainerd/d4da95779a3c.../
/var/run/docker/libcontainerd/d4da95779a3c.../
├── config.json
├── init-stderr
├── init-stdin
└── init-stdout

$ sudo file /var/run/docker/libcontainerd/d4da95779a3c.../config.json
/var/run/docker/libcontainerd/d4da95779a3c.../config.json: ASCII text, with very long lines

Installation

Binaries

For installation instructions from binaries please visit the Releases Page.

Via Go

$ go get github.com/genuinetools/riddler

Usage

$ riddler -h
riddler -  A tool to convert docker inspect to the opencontainers runc spec.

Usage: riddler <command>

Flags:

  --host       Docker Daemon socket(s) to connect to (default: unix:///var/run/docker.sock)
  --idlen      Length of UID/GID ID space ranges for user namespaces (default: 0)
  --idroot     Root UID/GID for user namespaces (default: 0)
  --bundle     Path to the root of the bundle directory (default: <none>)
  -d           enable debug logging (default: false)
  -f, --force  force overwrite existing files (default: false)
  --hook       Hooks to prefill into spec file. (ex. --hook prestart:netns) (default: [])

Commands:

  version  Show the version information.

Installation

For seccomp and apparmor support you will need:

  • sys/apparmor.h
  • seccomp.h

OR to compile without those run:

$ make build BUILDTAGS=""

example

# just pass the container name or id on run

$ riddler chrome
config.json has been saved.

TODO

  • fixup various todos (mostly runtime config parsing)
  • add more unit tests for each field