Docker


Horrible Solution: How to delete all docker logs

Recently, we needed to delete the logs of a running docker setup. To do so, we used the following horrible solution:

First, we executed docker system info | grep "Docker Root Dir";to get the installation path of docker. It resulted to the following:

Docker Root Dir: /var/lib/docker

Then, we truncated all log files using the following command while executing as root:

truncate -s 0 /var/lib/docker/containers/*/*-json.log;

Bonus

To make the command a onliner, use the following:

sudo sh -c 'truncate -s 0 $(docker system info | grep "Docker Root Dir" | cut -d ":" -f2 | cut -d " " -f2-)/containers/*/*-json.log';


Notes on how to connect from an external machine to a docker database in Google Compute Engine

A) Create a firewall rule in your VPC Network that allows you to connect to your database from outside the network: https://console.cloud.google.com/networking/firewalls/list

B) From your remote machine repair your database using mysqlcheck.

On Fedora you can install it by installing the MariaDB package as follows:

sudo dnf install mariadb -y;

The following command will automatically repair all databases and tables in that instance of MySQL, where of course the user has access:

mysqlcheck --host 45.37.15.225 --port 33061 --user admin --all-databases --auto-repair --password;

C) Edit the new firewall rule and either disable it or delete it for security.


How to update all pulled Docker images that are tagged as latest

Recently, we moved a client to Docker and we needed to give them a way to automagically update all “latest” Docker images.
Since Docker does not have a single command to update all pulled images we used this one-liner to update all images at once:

docker images --format "{{.Repository}}:{{.Tag}}" | grep ':latest' | xargs -L1 docker pull;

The above command will:

  1. Print all images in the format RepositoryName:Tag
  2. Then it will filter all lines that end with the suffix :latest (which is the tag we are interested in)
  3. Finally, for each result (which is one per line) it will be fed  via the command xargs -L1 to the command docker pull

Please note that you cannot really update an existing container using docker commands, what you need to do is actually:

  1. Stop the container whose image was updated
  2. Delete it
  3. Recreate it using the parameters of the previous container

As you understand, it is a good practice to save all of your data in volumes outside the container to make the update process easy.

For example, below you will find the commands using which we updated the jwilder/nginx-proxy and the jrcs/letsencrypt-nginx-proxy-companion images along with the two containers that were using them:

docker container stop nginx-proxy nginx-letsencrypt;
docker container rm nginx-proxy nginx-letsencrypt;
docker run -d -p 443:443 \
     --name nginx-proxy \
     --net reverse-proxy \
     -v $HOME/certs:/etc/nginx/certs:ro \
     -v /etc/nginx/vhost.d \
     -v /usr/share/nginx/html \
     -v /var/run/docker.sock:/tmp/docker.sock:ro \
     -v $HOME/my_proxy.conf:/etc/nginx/conf.d/my_proxy.conf:ro \
     --label com.github.jrcs.letsencrypt_nginx_proxy_companion.nginx_proxy=true \
     jwilder/nginx-proxy:latest;

docker run -d \
     --name nginx-letsencrypt \
     --net reverse-proxy \
     --volumes-from nginx-proxy \
     -v $HOME/certs:/etc/nginx/certs:rw \
     -v /var/run/docker.sock:/var/run/docker.sock:ro \
     jrcs/letsencrypt-nginx-proxy-companion:latest;