如何在主机中查看容器内的真实进程?
[英]How can I see the real process inside the container in my host machine?
问题描述
I start a container in my Mac eg docker run -it ubuntu:latest /bin/bash
我在 Mac 中启动了一个容器,例如docker run -it ubuntu:latest /bin/bash
I can find the pid of /bin/bash from docker inspect but I can not find the real PID of the /bin/bash in my mac.我可以从 docker inspect 中找到/bin/bash的 pid 但我在我的 mac 中找不到/bin/bash的真实 PID。
To give another example:再举一个例子:
docker run -it ubuntu:latest /bin/bash
sleep 2000&
If I then do in the host machine ps -ef | grep sleep如果我再在主机上做ps -ef | grep sleep ps -ef | grep sleep I can not find the sleep process. ps -ef | grep sleep我找不到sleep进程。
I think that in Linux the processes are visible.我认为在 Linux 中进程是可见的。 How does it work on Macs?它如何在 Mac 上运行?
2 个解决方案
解决方案1
2 2018-11-10 23:03:37
I would say you don't.我会说你没有。 At least not with ps -ef | grep sleep至少不是ps -ef | grep sleep ps -ef | grep sleep from the host machine.从主机ps -ef | grep sleep 。
This might work:这可能有效:
docker run -it --rm --name coolname ubuntu:latest /bin/bash
sleep 2000&
host machine:主机:
docker exec -it coolname ps -ef | grep sleep
on a Mac you can go a step deeper as docker "native" is actually a minimal linux distro.在 Mac 上,您可以更深入,因为 docker“本机”实际上是一个最小的 linux 发行版。 That image is the actual "shared resource".该图像是实际的“共享资源”。 You can get into that image with a command like screen您可以使用screen类的命令进入该图像
screen ~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/tty
now if you do the following in a terminal:现在,如果您在终端中执行以下操作:
docker run -it alpine /bin/sh
sleep 424242&
log in to the native image as described above.如上所述登录到本机映像。 You will see the sleep command something like this will be the result:你会看到 sleep 命令的结果是这样的:
linuxkit-025000000001:~# ps -ef|grep sleep
3190 root 0:00 sleep 424242
3193 root 0:00 grep sleep
so it is actually possible to see the shared resource.所以实际上可以看到共享资源。 So it should also work on Linux but then it might be fully native.所以它也应该在 Linux 上工作,但它可能是完全原生的。
How it works on windows I can't tell :-)我不知道它在 Windows 上是如何工作的 :-)
解决方案2
0 2020-09-05 10:14:47
You can see the child process within a docker container from Host Linux system if and only if you are running Linux container on Linux Host.当且仅当您在 Linux 主机上运行 Linux 容器时,您才能从 Host Linux 系统看到 docker 容器中的子进程。 No other host will support the child process of container to be visible.没有其他主机将支持容器的子进程可见。
Therefore, considering that you are running a Linux container on Linux then underlying Docker technology directly use linux kernel without creating any virtualized layer.因此,考虑到您是在 Linux 上运行 Linux 容器,那么底层 Docker 技术直接使用 linux 内核,无需创建任何虚拟化层。 Hence, you will be able to see the child process along with Parent Docker process if you run **top ** command from host.因此,如果您从主机运行 **top ** 命令,您将能够看到子进程以及父 Docker 进程。
But, this is not true for Mac or Windows system.Docker technology on these two OS as host operating system is different than Linux.但是,这对于 Mac 或 Windows 系统来说并非如此。这两个 OS 作为主机操作系统上的 Docker 技术与 Linux 不同。 On these platforms, Docker engine/machine creates a separate virtualize layer as Guest Operating system which prevents to listing child process under Docker container.在这些平台上,Docker 引擎/机器创建了一个单独的虚拟化层作为来宾操作系统,以防止在 Docker 容器下列出子进程。
Nevertheless, we always get into the docker by using docker exec command like @Ivonet tried to answer.尽管如此,我们总是通过使用 docker exec 命令进入 docker,就像@Ivonet 试图回答的那样。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.