Where is /var/lib/docker on Mac/OS X - macos

I´m looking for the folder /var/lib/docker on my Mac after installing docker for Mac.
With docker info I get
Containers: 5
...
Server Version: 1.12.0-rc4
Storage Driver: aufs
Root Dir: /var/lib/docker/aufs
Backing Filesystem: extfs
Dirs: 339
Dirperm1 Supported: true
...
Name: moby
ID: LUOU:5UHI:JFNI:OQFT:BLKR:YJIC:HHE5:W4LP:YHVP:TT3V:4CB2:6TUS
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
....
But I don´t have a directory /var/lib/docker on my host.
I have checked /Users/myuser/Library/Containers/com.docker.docker/ but couldn´t find anything there. Any idea where it is located?

As mentioned in the above answers, you will find it in:
screen ~/Library/Containers/com.docker.docker/Data/vms/0/tty
Once you get the tty running you can navigate to /var/lib/docker

As of 2021 is the dance going, Mac Users get easily to the VM with the documented methods, and hence to the volumes.
There's a way Rocky Chen found to get inside the VM in Mac. With this you can actually inspect the famous /var/lib/docker/volumes.
docker run -it --privileged --pid=host debian nsenter -t 1 -m -u -n -i sh
Let examine the method:
-it goes for Keep STDIN open even if not attached + Allocate pseudo-TTY
--privileged "gives all capabilities to the container. Allows special cases like running docker" .
--pid defines to use the host VM namespace.
debian the actual image to use.
nsenter a debian's tool to run programs in different namespaces
-t is the target PID
-m mount the provided PID namespace.
-u enter the Unix Time Sharing (UTS) namespace.
-n enter the provided PID network namespace.
-i enter the provided PID IPC namespace.
Once run, go to /var/lib/docker/volumes/and you'll find your volumes.
The next question to address for me is:
How to take those volumes and back them up in the host?
I appreciate ideas in the comments!
UPDATE FOR VSCODE USERS
If you downloaded the Official Docker extension, sun will shine for you.
Just inspect the volumes in Visual Studio Code. Right-click the files you want to have in your local, and download them. That easy!
2nd UPDATE
As of July 2021, Docker Desktop for Mac is announcing we will be able to access volumes directly from the GUI, but only for Pro and Team accounts.

The other answers here are outdated if you're using Docker for Mac.
Here's how I was able to get into the VM. Run the command:
screen ~/Library/Containers/com.docker.docker/Data/vms/0/tty
This is the default path, but you may need to first do:
cd ~/Library/Containers/com.docker.docker/Data/vms
and then ls to see which directory your VM is in and replace the "0" accordingly.
When you're in, you might just see a blank screen. Hit your "Enter" key.
This page explains that to exit from the VM you need to "Ctrl-a" then "d"

See this answer
When using Docker for Mac Application, it appears that the containers are stored within the VM located at:
~/Library/Containers/com.docker.docker/Data/com.docker.driver.amd64-linux/Docker.qcow2

Just as #Dmitriy said:
screen ~/Library/Containers/com.docker.docker/Data/vms/0/tty
and can use ctrl a + d to detach the screen
and use screen -dr to re-attach the screen again(since if you simply attach screen again, the terminal text will be garbled.)
Reference
or if you want to exit, use ctrl + a + k,then choose y to kill the screen.

some what of a zombie thread but as I just found it here is another solution that doesn't need screen nor messes up shell etc.
The path listed from a docker volume inspect <vol_name>
returns the path for the container, something like:
"Mountpoint": "/var/lib/docker/volumes/coap_service_db_data/_data"
the _data component being the last component of the path you setup in the volumes: section of the service using a given volume eg:
volumes:
- db_data:/var/lib/postgresql/data , obvs your mileage will vary.
To get there on the mac the easiest method I have found is to actually start a small container running and mount the root of the host to the /docker directory in the image, this gives you access to the volumes used on the host.
docker run --rm -it -v /:/docker alpine:edge
from this point you can cd to the volume
cd /var/lib/docker/volumes/coap_service_db_data/_data

I think the new version of docker (my version is 20.10.5) uses socket instead of TTY to communicate with the virtual machine so you can use the nc command instead of the screen command.
nc -U ~/Library/Containers/com.docker.docker/Data/debug-shell.sock

Looks like the new version of docker for Mac has moved this to a UI element which you can see here. Clicking on that button which says CLI will launch a terminal which you can use to browse the docker file system.

Run:
docker run -it --privileged --pid=host debian nsenter -t 1 -a bash
ls /var/lib/docker

For MacOS I use the following steps:
login into docker virtual-machine (on MacOS docker can be run only inside virtual machine, in my case I have VirtualBox tool with docker VM): docker-machine ssh
as soon as I logged-in I need to switch to super user from docker user: sudo -i
now I'm able to check /var/lib/docker directory

I would say that the file:
/var/run/docker.sock
Is actually at:
/Volumes/{DISKNAME}/var/run/docker.sock
If you run this, it should prove it, as long as your running VirtualBox 5.2.8 or later and the share for /Volumes is setup to be auto-mounted and permanent AND you generated the default docker-machine while on that version of Virtualbox:
#!/bin/bash
docker run -d --restart unless-stopped -p 9000:9000 \
-v /var/run/docker.sock:/var/run/docker.sock portainer/portainer \
--no-auth
Then, access Portainer at: 192.168.99.100:9000 or localhost:9000

This path comes from Docker Host (not from MacOS)
before "Docker for Mac Application" times, where there was a VirtualBox VM "default" and inside this VM, the mentioned path exists (for sure), now in "Docker for Mac Application" times there is a Docker.qcow2 image, which is qemu base vm.
To jump inside this VM #mik-jagger way is ok (but there are few more)

Docker logs are not in /var/lib/docker on MacOS.
MacOs users can find the docker logs on this path;
/Users/Barrack.Kenya/Library/Containers/com.docker.docker/Data/log/host
job_name: docker
static_configs:
targets:
docker
labels:
job: dockerlogs
path: (Please put the path)
pipeline_stages:
docker: {}

Related

Docker: "Cannot access '/var/lib/docker/containers': No such file or directory" error [duplicate]

I'm using Windows 10 with native docker installation.
I'm looking for the location where docker save the containers logs.
In Linux, the Docker containers log files are in this location:
/var/lib/docker/containers/container-id/container-id-json.log
But where can I find it in windows 10 ?
For Windows 10 + WSL 2 (Ubuntu 20.04), Docker version 20.10.2, build 2291f61
Lets DOCKER_ARTIFACTS == \\wsl$\docker-desktop-data\version-pack-data\community\docker
Container logs can be found in the following location
DOCKER_ARTIFACTS\containers\[Your_container_ID]\[Your_container_ID]-json.log
Here is an example :
Check first if those logs are in (as suggested here):
C:\ProgramData\docker\containers\[container_ID]\[container_ID]-json.log
The Docker C:\ProgramData\docker is the Root Dir reported by docker info.
Regarding Docker Linux through Hyper-v, check if "How to Delete Docker Container Log Files (Windows or Linux) " can help (from Jon Gallant):
Run docker inspect to find your Docker log file location
Find the “Docker Root Dir” Value, mine is /var/lib/docker
Your docker log file path should be /var/lib/docker, but if it isn’t, then change it in the command below.
find /var/lib/docker/containers/ -type f -name "*.log"
The command you see in this image is based on "How to SSH into the Docker VM (MobyLinuxVM) on Windows"
We aren’t technically going to SSH into the VM, we’ll create a container that has full root access and then access the file system from there.
Get container with access to Docker Daemon
Run container with full root access
Switch to host file system
Open a Command prompt and execute the following:
docker run --privileged -it -v /var/run/docker.sock:/var/run/docker.sock jongallant/ubuntu-docker-client
docker run --net=host --ipc=host --uts=host --pid=host -it --security-opt=seccomp=unconfined --privileged --rm -v /:/host alpine /bin/sh
chroot /host
Execute the find command there, and you should find the logs.
For Windows 10 + Docker Desktop version 3.6.0, the virtual path for logs and data (artifacts) is \\wsl$\docker-desktop-data\version-pack-data\community\docker (you can copy/paste it in Explorer navigation bar).
The logs are at \\wsl$\docker-desktop-data\version-pack-data\community\docker\containers\[containerID]\[containerID]-json.logs
and the data is under \\wsl$\docker-desktop-data\version-pack-data\community\docker\volumes\[volumeID]\_data
How to get containerID:
You can find container ID (truncated) by running docker ps in a command prompt. You can also find it by clicking the CLI button on DockerDesktop next to the container name, the id will be in the title of the cmd window that will pop up.
Once you have the id, you can navigate to containers\[containerID] under the artifacts directory (\\wsl$\docker-... above). The log file will have the .log extension and its name will have the containerID in it. Keep in mind that it will be an enriched json format though, so not easily readable.
How to get volumeID:
To find a container's data (for example kafka broker topics), you need to find the id of the volumes where the data is stored. For that you will need to click on the container in DockerDesktop, then click INSPECT (top right). You can then scroll down to find Mounts configuration entries. Each mount will have a volumeID (different from containerID), and that volumeID will be part of a path similar to this one /var/lib/docker/volumes/71f7a5992c58fdcf229c3848acb014712f34fab380bc7c712cf5a0a632fe9110/_data. volumeID here being 71f7a5992c58fdcf229c3848acb014712f34fab380bc7c712cf5a0a632fe9110.
You can then take volumeID and navigate to volumes\[volumeID] under the artifacts directory (\\wsl$\docker-... above) where the data will be located.
For me, using Docker Desktop for Windows on version 4.9.1 (81317), Windows 10 21H2, WSL 2 mode, the containers' folders were at
\\wsl$\docker-desktop-data\data\docker\containers
Slightly different from the others.
For Windows Users who wants to delete all Docker log files on WSL 2.
The path to the docker container is correct thx to #craftsmannadeem
\\wsl$\docker-desktop-data\version-pack-data\community\docker\containers
Here a command to execute on Windows to delete all log files:
del /s \\wsl$\docker-desktop-data\version-pack-data\community\docker\containers\*-json.log
Bye bye Docker logs:
File was deleted - \\wsl$\docker-desktop-data\version-pack-data\community\docker\containers\2012efd0ccfb8aed6291dd9a3b7b5aef507b6af4fce5b85e9306f45980db9531\2012efd0ccfb8aed6291dd9a3b7b5aef507b6af4fce5b85e9306f45980db9531-json.log
File was deleted - \\wsl$\docker-desktop-data\version-pack-data\community\docker\containers\9e627f1fe8f3c3ab85c64f85f93942d1f077e9a6e2896b51df782b0c0c3777d1\9e627f1fe8f3c3ab85c64f85f93942d1f077e9a6e2896b51df782b0c0c3777d1-json.log
File was deleted - \\wsl$\docker-desktop-data\version-pack-data\community\docker\containers\6ea8f3cb354c199bc719701f8f1e75c333f81cd2f03dca0c7a626cbcbf9ed5a0\6ea8f3cb354c199bc719701f8f1e75c333f81cd2f03dca0c7a626cbcbf9ed5a0-json.log
...
For window system logs are located at C:\ProgramData\Docker\containers or %APPDATA%\Docker
For Linux system logs are located at /var/lib/docker/containers
I couldn't find where the logs were stored locally. (Good chance they aren't plain text any more. However, if you just need the output of the logs, you can run a command like this:
docker logs --details [container-name] > container-name.log
This will grab the logs for the container and write them to a log file in the current directory.
Note: The --details adds additional info to the logs like environment variables and the like, but is not required for the command to work.
If you use docker-compose with windows+wsl, In my case the log monitoring agent (also running as a container in docker) was not able to find the log files eventhough the path for logs was mounted as volume.
volumes:
- /var/run/docker.sock:/var/run/docker.sock
-/var/lib/docker:/var/lib/docker
The log monitoring agent could not find logs in
/var/lib/docker/containers/**/*.log
The problem in my case was, I was running docker-compose up command for the log monitoring agent from within wsl shell. When I ran it from windows powershell or cmd, the agent was able to find the logs in mounted path.

Is there a way to see container disk usage on Docker for Windows?

I'm curious if there's a way to see how much disk space a running Windows container is using in addition to the layers that are part of the container's image. Basically, how much the container "grew" since it was created.
In Linux (Or Linux containers running in a HyperV), this would be docker ps -s, however that command isn't implemented on Windows containers. I also tried docker system df -v but also, not implemented. Perhaps there's a hacky way by looking at a certain directly on disk or something?
I checked on Windows 10 1809 running non-HyperV (process isolation) containers, I'm pretty sure its the same for Windows Server containers.
The data seems to be kept in:
C:\ProgramData\Docker\windowsfilter\{ContainerId}
There's a direct reference to the folder in docker inspect {Id} under GraphDriver\Data\dir.
The folder contains file sandbox.vhdx which appears to be the "writable layer" of each container.
I wasn't able to open it and view the filesystem, but if I write some data inside the container I can force the file to grow:
docker exec <Id> powershell get-childitem c:\ -recurse `> c:\windows\temp\test.txt
The layer persists when the container is stopped/restarted, and the folder is removed when the container is rmed.
While researching I saw an open PR in moby to improve cleanup of this folder.
I'm using docker for windows (docker desktop 2.0.0.3) and docker ps -s is actually implemented.
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES SIZE
81acb264aa0f httpd "httpd-foreground" 6 minutes ago Up 6 minutes 80/tcp httpd 2B (virtual 132MB)
Docker for windows runs on a MobyLinuxVM. You can access the VM and the docker directories:
docker run --privileged -it -v /var/run/docker.sock:/var/run/docker.sock jongallant/ubuntu-docker-client
root#8b58d2fbe186:/# docker run --net=host --ipc=host --uts=host --pid=host –it --security-opt=seccomp=unconfined --privileged --rm -v /:/host alpine /bin/sh
root#8b58d2fbe186:/# chroot /host
Now you can access the docker folders in /var/lib/docker as on linux and check the sizes.

Docker Postgres with windows share

I migrated from Linux to Windows and tried to setup a postgres container with a mounted directory (copied from my Linux install) containing the database.
This does not work.
Windows mounts are always owned by root
Postgres does not run under root
How to get this unholy combination to work?
You don't provide much details so it is difficult to tell what actually went wrong. However there is a known issue with Postgres setup on Windows Docker using a windows mount for database data files. In that case, running docker logs will show something along the following lines
waiting for server to start....FATAL: data directory "/var/lib/postgresql/data" has wrong ownership
HINT: The server must be started by the user that owns the data directory.
stopped waiting
pg_ctl: could not start server
Unfortunately there is no way to overcome this issue so you cannot use Windows mount, see Postgres Data has wrong ownership. You may use docker volumes in order to make database data indipendent from docker postgres container, using the following commands
docker create -v /var/lib/postgresql/data --name PostgresData alpine
docker run -p 5432:5432 --name yourPostgres -e POSTGRES_PASSWORD=yourPassword -d --volumes-from PostgresData postgres
You may find a more thoroughful explanation at Setup Postgresql on Windows with Docker

docker deamon is not work in windows

I try to run docker in bash ubuntu on windows. But every time I get this message
"Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?". If i run it in powershell - it work. Can somebody help?
Connecting to the docker deamon requires some privilidges that you don't have when starting the bash terminal.
You can however use the docker command terminal which will allow you to interact with the docker deamon.
Found the solution on this post: https://blog.jayway.com/2017/04/19/running-docker-on-bash-on-windows/
Connect Docker on WSL to Docker on Windows
Running docker against an engine on a different machine is actually quite easy, as Docker can expose a TCP endpoint which the CLI can attach to.
This TCP endpoint is turned off by default; to activate it, right-click the Docker icon in your taskbar and choose Settings, and tick the box next to “Expose daemon on tcp://localhost:2375 without TLS”.
With that done, all we need to do is instruct the CLI under Bash to connect to the engine running under Windows instead of to the non-existing engine running under Bash, like this:
$ docker -H tcp://0.0.0.0:2375 images
REPOSITORY TAG IMAGE ID CREATED SIZE
There are two ways to make this permanent – either add an alias for the above command, or better yet, export an environment variable which instructs Docker where to find the host engine:
$ echo "export DOCKER_HOST='tcp://0.0.0.0:2375'" >> ~/.bashrc
$ source ~/.bashrc
Now, running docker commands from Bash works just like they’re supposed to.
$ docker run hello-world
Hello from Docker!This message shows that your installation appears to be working correctly.

Run postgres container with data volumes through docker-machine

I have an issue with running postgres container with set up volumes for data folder on my Mac OS machine.
I tried to run it such like this:
docker run \
--name my-postgres \
-e POSTGRES_USER=admin \
-e POSTGRES_PASSWORD=password \
-e POSTGRES_DB=some_db_dev \
-v $PG_LOCAL_DATA:/var/lib/postgresql/data \
-d postgres:9.5.1
Every time I got the following result in logs:
* Starting PostgreSQL
The files belonging to this database system will be owned by user "postgres".
This user must also own the server process.
The database cluster will be initialized with locale "en_US.utf8".
The default database encoding has accordingly been set to "UTF8".
The default text search configuration will be set to "english".
Data page checksums are enabled.
fixing permissions on existing directory /var/lib/postgresql/data ... ok
initdb: could not create directory "/var/lib/postgresql/data/pg_xlog": Permission denied
initdb: removing contents of data directory "/var/lib/postgresql/data"
Versions of docker, docker-machine, virtualbox and boot2docker are:
docker-machine version 0.6.0, build e27fb87
Docker version 1.10.2, build c3959b1
VirtualBox Version 5.0.16 r105871
boot2docker 1.10.3
I saw many publications about this topic but the most of them are outdated. I had tried do the similar solution as for mysql but it did not help.
Maybe somebody can updated me: does some solution exist to run postgres container with data volumes through docker-machine?
Thanks!
If you are running docker-machine on a Mac, at this time, you cannot mount to a directory that is not part of your local user space (/Users/<user>/) without extra configuration.
This is because on the Mac, Docker makes a bind mount automatically with the home ~ directory. Remember that since Docker is being hosted in a VM that isn't your local Mac OS, any volume mounts are relative to the host VM - not your machine. That means by default, Docker cannot see your Mac's directories since it is being hosted on a separate VM from your Mac OS.
Mac OS => Linux Virtual Machine => Docker
^------------------^
Docker Can See VM
^-----------------X----------------^
Docker Can't See Here
If you open VirtualBox, you can create other mounts (i.e. shared folders) to your local machine to the host VM and then access them that way.
See this issue for specifics on the topic: https://github.com/docker/machine/issues/1826
I believe the Docker team is adding these capabilities in upcoming releases (especially since a native Mac version is in short works).
You should use docker named volumes instead of folders on your local file system.
Try creating a volume:
docker volume create my_vol
Then mount the data directory in your above command:
docker run \
--name my-postgres \
-e POSTGRES_USER=admin \
-e POSTGRES_PASSWORD=password \
-e POSTGRES_DB=some_db_dev \
-v my_vol:/var/lib/postgresql/data \
-d postgres:9.5.1
Checkout my blog post for a whole postgres, node ts docker setup for both dev and prod: https://yzia2000.github.io/blog/2021/01/15/docker-postgres-node.html
For more on docker volumes: https://docs.docker.com/storage/volumes/

Resources