vsupalov
BUILDING DOCKER IMAGES

Find Out What Files A Command Changes With Docker

TAGS: DOCKER BUILD, DOCKER TRICKS

So, what did this command just do?

Have you always wondered what files change on disk when you update your OS package information? Would you like to know what files were added after you installed a particular package or ran a script?

Docker can help you to be nosy about what files changed due to a particular command you ran.

Two Approaches

You can go about it in two ways. One is less permanent, the other involves building an image layer for the command you’re curious about.

Let’s start with the simple method.

Container File System Changes

This one will work if the changes don’t happen in a mounted volume.

An example will make the approach clear. First, we run a container. I’ll go with a plain Ubuntu image, not even tagged to a particular version. The --rm is to make sure the container is cleaned up once we’re done.

$ docker run --rm -it ubuntu

Inside the container bash session, we’ll excecute the commands we’re curious about. Today, I’d like to see what an apt-get update does.

# inside the container
$ apt-get update

Now, after the command finished, we’ll open another terminal outside the running container, and ask Docker what changed in the container file system using:

# to find the id of the running container
$ docker ps
# with the id from above
$ docker diff $THE_ID

The result looks as follows for me:

C /var
C /var/lib
C /var/lib/apt
C /var/lib/apt/lists
A /var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_bionic-backports_InRelease
A /var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_bionic-updates_multiverse_binary-amd64_Packages.lz4
A /var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_bionic_restricted_binary-amd64_Packages.lz4
A /var/lib/apt/lists/auxfiles
A /var/lib/apt/lists/security.ubuntu.com_ubuntu_dists_bionic-security_multiverse_binary-amd64_Packages.lz4
A /var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_bionic-backports_universe_binary-amd64_Packages.lz4
A /var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_bionic-updates_InRelease
A /var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_bionic-updates_restricted_binary-amd64_Packages.lz4
A /var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_bionic_multiverse_binary-amd64_Packages.lz4
A /var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_bionic_universe_binary-amd64_Packages.lz4
A /var/lib/apt/lists/lock
A /var/lib/apt/lists/partial
A /var/lib/apt/lists/security.ubuntu.com_ubuntu_dists_bionic-security_InRelease
A /var/lib/apt/lists/security.ubuntu.com_ubuntu_dists_bionic-security_main_binary-amd64_Packages.lz4
A /var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_bionic-backports_main_binary-amd64_Packages.lz4
A /var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_bionic-updates_main_binary-amd64_Packages.lz4
A /var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_bionic-updates_universe_binary-amd64_Packages.lz4
A /var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_bionic_InRelease
A /var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_bionic_main_binary-amd64_Packages.lz4
A /var/lib/apt/lists/security.ubuntu.com_ubuntu_dists_bionic-security_restricted_binary-amd64_Packages.lz4
A /var/lib/apt/lists/security.ubuntu.com_ubuntu_dists_bionic-security_universe_binary-amd64_Packages.lz4
C /var/cache
C /var/cache/apt
D /var/cache/apt/pkgcache.bin
D /var/cache/apt/srcpkgcache.bin

The letters in the beginning of each line indicate what happened to the particular file. C is for changed, D for deleted, A is for added. You can read more about the command in the docs.

Inspecting Docker Image Layer Changes

Another method to find out what a particular command did, is to make it part of a layer in a Docker image build.

Apart from writing a Dockerfile (or using an existing one), there’s a neat tool you can use - dive. It can help you to explore each layer of your Dockerfile (given, it’s still present in the final image), and find out even more than the above approach.

I think this approach, and dive in particular, deserve an own little article - stay tuned for it in the future!

In Conclusion

I hope you’ll find this approach useful, to quickly investigate file changes made by a command of your choice. It’s simple, the results are useful and it’s a neat way to use Docker for a slightly unusual purpose.

Get updates
You will get emails when I publish something new or have something useful to share about making profitable digital businesses less brittle, less founder-dependent and easier to run.

Expect practical notes on backups, safer deploys, infrastructure as code, observability, documentation and automation. Usually no more than one email per week. You can unsubscribe at any time.

Für den Versand unserer Newsletter nutzen wir rapidmail. Mit Ihrer Anmeldung stimmen Sie zu, dass die eingegebenen Daten an rapidmail übermittelt werden. Beachten Sie bitte auch die AGB und Datenschutzbestimmungen .

vsupalov.com

© 2024 vsupalov.com. All rights reserved.