docker container inspect on a "task" container should show configs/secrets #36441
Labels
area/swarm
kind/enhancement
Enhancements are not bugs or new features but can improve usability or performance.
platform/arm
Comments
thaJeztah
added
kind/enhancement
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
When inspecting a container, no information can be found about secrets or configs that are used by the container.
Steps to reproduce the issue:
Create a service using a secret and a config:
Inspect the service:
[ { "ID": "ib7yble4rm5qbz3ijmk83cxeh", "Version": { "Index": 776 }, "CreatedAt": "2018-02-28T09:42:57.612406537Z", "UpdatedAt": "2018-02-28T09:42:57.612406537Z", "Spec": { "Name": "myservice", "Labels": {}, "TaskTemplate": { "ContainerSpec": { "Image": "nginx:alpine@sha256:48947591194ac5a9dce1e110f9198a547debb21630f121081640b87d99ca8b11", "StopGracePeriod": 10000000000, "DNSConfig": {}, "Secrets": [ { "File": { "Name": "/secret.conf", "UID": "234", "GID": "567", "Mode": 292 }, "SecretID": "yv9vtn86nugxsbshu1ccumlod", "SecretName": "secret.conf" } ], "Configs": [ { "File": { "Name": "/foo.conf", "UID": "123", "GID": "456", "Mode": 292 }, "ConfigID": "j915gbt419wv9022nr2w8pqdh", "ConfigName": "foo.conf" } ], "Isolation": "default" }, "Resources": { "Limits": {}, "Reservations": {} }, "RestartPolicy": { "Condition": "any", "Delay": 5000000000, "MaxAttempts": 0 }, "Placement": { "Platforms": [ { "Architecture": "amd64", "OS": "linux" }, { "Architecture": "arm64", "OS": "linux" }, { "Architecture": "386", "OS": "linux" }, { "Architecture": "ppc64le", "OS": "linux" }, { "Architecture": "s390x", "OS": "linux" } ] }, "ForceUpdate": 0, "Runtime": "container" }, "Mode": { "Replicated": { "Replicas": 1 } }, "UpdateConfig": { "Parallelism": 1, "FailureAction": "pause", "Monitor": 5000000000, "MaxFailureRatio": 0, "Order": "stop-first" }, "RollbackConfig": { "Parallelism": 1, "FailureAction": "pause", "Monitor": 5000000000, "MaxFailureRatio": 0, "Order": "stop-first" }, "EndpointSpec": { "Mode": "vip" } }, "Endpoint": { "Spec": {} } } ]Inspect a task for the service:
[ { "ID": "n94nynzgc3m5w7vowovraow1w", "Version": { "Index": 782 }, "CreatedAt": "2018-02-28T09:42:57.614135729Z", "UpdatedAt": "2018-02-28T09:42:58.266882287Z", "Labels": {}, "Spec": { "ContainerSpec": { "Image": "nginx:alpine@sha256:48947591194ac5a9dce1e110f9198a547debb21630f121081640b87d99ca8b11", "DNSConfig": {}, "Secrets": [ { "File": { "Name": "/secret.conf", "UID": "234", "GID": "567", "Mode": 292 }, "SecretID": "yv9vtn86nugxsbshu1ccumlod", "SecretName": "secret.conf" } ], "Configs": [ { "File": { "Name": "/foo.conf", "UID": "123", "GID": "456", "Mode": 292 }, "ConfigID": "j915gbt419wv9022nr2w8pqdh", "ConfigName": "foo.conf" } ], "Isolation": "default" }, "Resources": { "Limits": {}, "Reservations": {} }, "Placement": { "Platforms": [ { "Architecture": "amd64", "OS": "linux" }, { "Architecture": "arm64", "OS": "linux" }, { "Architecture": "386", "OS": "linux" }, { "Architecture": "ppc64le", "OS": "linux" }, { "Architecture": "s390x", "OS": "linux" } ] }, "ForceUpdate": 0 }, "ServiceID": "ib7yble4rm5qbz3ijmk83cxeh", "Slot": 1, "NodeID": "oifk2p0hd4tvlb62uf76womx0", "Status": { "Timestamp": "2018-02-28T09:42:58.210561074Z", "State": "running", "Message": "started", "ContainerStatus": { "ContainerID": "f01771ae88eff92a8fbb8caaa2b29f2cbb81d6e415a42644789a9970f60ec290", "PID": 20669 }, "PortStatus": {} }, "DesiredState": "running" } ]Notice that information about secrets and configs is present in both
Inspect a container for the service:
[ { "Id": "f01771ae88eff92a8fbb8caaa2b29f2cbb81d6e415a42644789a9970f60ec290", "Created": "2018-02-28T09:42:57.777199629Z", "Path": "nginx", "Args": [ "-g", "daemon off;" ], "State": { "Status": "running", "Running": true, "Paused": false, "Restarting": false, "OOMKilled": false, "Dead": false, "Pid": 20669, "ExitCode": 0, "Error": "", "StartedAt": "2018-02-28T09:42:58.198336062Z", "FinishedAt": "0001-01-01T00:00:00Z" }, "Image": "sha256:537527661905acfd8c6954bbfcfc9b5fe3120e8af34949f68c972f6589635f3c", "ResolvConfPath": "/var/lib/docker/containers/f01771ae88eff92a8fbb8caaa2b29f2cbb81d6e415a42644789a9970f60ec290/resolv.conf", "HostnamePath": "/var/lib/docker/containers/f01771ae88eff92a8fbb8caaa2b29f2cbb81d6e415a42644789a9970f60ec290/hostname", "HostsPath": "/var/lib/docker/containers/f01771ae88eff92a8fbb8caaa2b29f2cbb81d6e415a42644789a9970f60ec290/hosts", "LogPath": "/var/lib/docker/containers/f01771ae88eff92a8fbb8caaa2b29f2cbb81d6e415a42644789a9970f60ec290/f01771ae88eff92a8fbb8caaa2b29f2cbb81d6e415a42644789a9970f60ec290-json.log", "Name": "/myservice.1.n94nynzgc3m5w7vowovraow1w", "RestartCount": 0, "Driver": "overlay2", "Platform": "linux", "MountLabel": "", "ProcessLabel": "", "AppArmorProfile": "", "ExecIDs": null, "HostConfig": { "Binds": null, "ContainerIDFile": "", "LogConfig": { "Type": "json-file", "Config": {} }, "NetworkMode": "default", "PortBindings": {}, "RestartPolicy": { "Name": "", "MaximumRetryCount": 0 }, "AutoRemove": false, "VolumeDriver": "", "VolumesFrom": null, "CapAdd": null, "CapDrop": null, "Dns": null, "DnsOptions": null, "DnsSearch": null, "ExtraHosts": null, "GroupAdd": null, "IpcMode": "shareable", "Cgroup": "", "Links": null, "OomScoreAdj": 0, "PidMode": "", "Privileged": false, "PublishAllPorts": false, "ReadonlyRootfs": false, "SecurityOpt": null, "UTSMode": "", "UsernsMode": "", "ShmSize": 67108864, "Runtime": "runc", "ConsoleSize": [ 0, 0 ], "Isolation": "default", "CpuShares": 0, "Memory": 0, "NanoCpus": 0, "CgroupParent": "", "BlkioWeight": 0, "BlkioWeightDevice": null, "BlkioDeviceReadBps": null, "BlkioDeviceWriteBps": null, "BlkioDeviceReadIOps": null, "BlkioDeviceWriteIOps": null, "CpuPeriod": 0, "CpuQuota": 0, "CpuRealtimePeriod": 0, "CpuRealtimeRuntime": 0, "CpusetCpus": "", "CpusetMems": "", "Devices": null, "DeviceCgroupRules": null, "DiskQuota": 0, "KernelMemory": 0, "MemoryReservation": 0, "MemorySwap": 0, "MemorySwappiness": null, "OomKillDisable": false, "PidsLimit": 0, "Ulimits": null, "CpuCount": 0, "CpuPercent": 0, "IOMaximumIOps": 0, "IOMaximumBandwidth": 0 }, "GraphDriver": { "Data": { "LowerDir": "/var/lib/docker/overlay2/1adb6374d069331d8caa841d7fdf39a9e9f409633f7f3638e1bd8d1e9834bc0a-init/diff:/var/lib/docker/overlay2/426e6d9f256ab4cfcd4848c23df7b052b186926e1b45e69fe51fb54afe0529a4/diff:/var/lib/docker/overlay2/1a5442cb9ee0585a91f59d516d5d0d35a00c8b6bc020e2deb58abdc3c80666b0/diff:/var/lib/docker/overlay2/300bcce9d665ada94b27c8c0c673a5030a3a8415b423efb84d6a10aefe45098b/diff:/var/lib/docker/overlay2/094e25b69031f5b7a9d727823d7e2d55207a5a466023f101f70cc8622173c9e4/diff", "MergedDir": "/var/lib/docker/overlay2/1adb6374d069331d8caa841d7fdf39a9e9f409633f7f3638e1bd8d1e9834bc0a/merged", "UpperDir": "/var/lib/docker/overlay2/1adb6374d069331d8caa841d7fdf39a9e9f409633f7f3638e1bd8d1e9834bc0a/diff", "WorkDir": "/var/lib/docker/overlay2/1adb6374d069331d8caa841d7fdf39a9e9f409633f7f3638e1bd8d1e9834bc0a/work" }, "Name": "overlay2" }, "Mounts": [], "Config": { "Hostname": "f01771ae88ef", "Domainname": "", "User": "", "AttachStdin": false, "AttachStdout": false, "AttachStderr": false, "ExposedPorts": { "80/tcp": {} }, "Tty": false, "OpenStdin": false, "StdinOnce": false, "Env": [ "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", "NGINX_VERSION=1.13.9" ], "Cmd": [ "nginx", "-g", "daemon off;" ], "ArgsEscaped": true, "Image": "nginx:alpine@sha256:48947591194ac5a9dce1e110f9198a547debb21630f121081640b87d99ca8b11", "Volumes": null, "WorkingDir": "", "Entrypoint": null, "OnBuild": null, "Labels": { "com.docker.swarm.node.id": "oifk2p0hd4tvlb62uf76womx0", "com.docker.swarm.service.id": "ib7yble4rm5qbz3ijmk83cxeh", "com.docker.swarm.service.name": "myservice", "com.docker.swarm.task": "", "com.docker.swarm.task.id": "n94nynzgc3m5w7vowovraow1w", "com.docker.swarm.task.name": "myservice.1.n94nynzgc3m5w7vowovraow1w", "maintainer": "NGINX Docker Maintainers <docker-maint@nginx.com>" }, "StopSignal": "SIGTERM" }, "NetworkSettings": { "Bridge": "", "SandboxID": "11b90ebf9e0718a5719d9a7edac605f3391c91f4f8a1bb9a37aa1af4efd6db98", "HairpinMode": false, "LinkLocalIPv6Address": "", "LinkLocalIPv6PrefixLen": 0, "Ports": { "80/tcp": null }, "SandboxKey": "/var/run/docker/netns/11b90ebf9e07", "SecondaryIPAddresses": null, "SecondaryIPv6Addresses": null, "EndpointID": "7e5b51ec1d41fe402b96b0902fee875c8dbbec68ff5d0b4b7e606d516185e9a5", "Gateway": "172.17.0.1", "GlobalIPv6Address": "", "GlobalIPv6PrefixLen": 0, "IPAddress": "172.17.0.9", "IPPrefixLen": 16, "IPv6Gateway": "", "MacAddress": "02:42:ac:11:00:09", "Networks": { "bridge": { "IPAMConfig": null, "Links": null, "Aliases": null, "NetworkID": "51b49f47f62e1fe796a2eb616085efe41c84551d036f4983c23e4f578a4af234", "EndpointID": "7e5b51ec1d41fe402b96b0902fee875c8dbbec68ff5d0b4b7e606d516185e9a5", "Gateway": "172.17.0.1", "IPAddress": "172.17.0.9", "IPPrefixLen": 16, "IPv6Gateway": "", "GlobalIPv6Address": "", "GlobalIPv6PrefixLen": 0, "MacAddress": "02:42:ac:11:00:09", "DriverOpts": null } } } } ]Notice that no information about either secrets or configs can be found in the output
Describe the results you received:
No information about secrets or configs in the output
Describe the results you expected:
Secrets and Configs being shown in (e.g.) the
MountspropertyOutput of
docker version:Output of
docker info:not relevant for this issue
The text was updated successfully, but these errors were encountered: