The beauty of docker is that everybody can use it, specially developers. But in my all those senior developers said "We are familiar with docker". Even a PM mentioned he was familiar with Kubernetes! :| So I asked myself what is the difference between me (as an SRE) with developers using docker. This is a tiny sample of the answer.
NOTICE
This tutorial is for
having fun
learning purposes
do not use it on production.
What is wrong with installing X in my container?
When we need a text editor inside our container, the first idea (or a question) comes in to mind is why this container does not have vim? And then ohhh I have to install it.
So if we add vim to a container, we added a file which we do not need it so often. and we increased the size of that container just because of an edit per a week or month! And I do not go further with security issues.
So not just vim, we should not treat a container like a VM and exec to it and install some apps. if you are a developer that is OK but if you are an SRE THAT IS NOT OK!
The developers way
Just running docker container exec -it [name|ID] shell-to-login and then depending on the OS type using apt install or yum install or etc. Doing whatever we needed, exiting the container; while it is running we have it, after removing it, it is gone (vim is gone)
The next time? again ... exec ... in that container ... install ... it and after a while it is gone!
The SREs way
Finding the vim executable path
which vim
/usr/bin/vim
Check it it is executable or no a symbolic link, we should fine the main executable file
file `which vim`
/usr/bin/vim: symbolic link to /etc/alternatives/vim
# one more time
file /etc/alternatives/vim
/etc/alternatives/vim: symbolic link to /usr/bin/vim.basic
# one more time
file /usr/bin/vim.basic
/usr/bin/vim.basic: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0, BuildID[sha1]=212ed02d8d1e7d300881fea8b903e0dc9abdd353, stripped
Okay, we found executable file at /usr/bin/
Finding dynamic libraries for vim using ldd command
# vim shared files
/usr/share/vim
# vim config directory
/home/$USER/.vim
So we have 5 paths to be mounted in to our container to have access to vim inside the container without installing it. YES we use our host's vim and its dependencies.
Running nginx:alpine which does not have vim by default
If you do not have nginx:alpine you can use docker/getting-started container instead.
