# Infrastructure
# Docker
Check why Docker service does not start:
systemctl status docker.service
dockerd
Remove untaged/intermediate images generated by builds:
docker rmi $(docker images | grep "<none>" | awk '{print $3}')
Follow-up logs while running a container:
docker logs container_name -f --tail 100
Get detailed healthcheck status for a running container:
docker inspect -f '{{json .State.Health.Status}}' container_name
Find the location of the log file of a container:
docker inspect --format='{{.LogPath}}' container_name
Find the location of a named volume of a container:
docker volume inspect volume_name
Export the logs with errors in a file:
docker logs aktnmap > aktnmap.log 2>&1
Quick container fix:
// Perform configuration changes inside the container then exit
docker exec -it container_name bash
// Or copy configuration files to host then back to container
docker cp container_name:/conf/config_file .
// Edit config file
docker cp config_file container_name:/conf
docker commit container_name repository:tag
docker-compose down ...
docker-compose up ...
Check why a swarm service did not start (empty logs, no replica):
docker service ps --no-trunc {serviceName}
To access host in Docker Desktop Edition on Windows (opens new window) or Mac (opens new window) use the special DNS name host.docker.internal
.
# Traefik
Extract access logs for a given date time: cat access.log | grep "10/Mar/2020:02" > access-10-03-2020-03.log
Check access logs for a given HTTP error code: cat access.log | grep "1.0\" 404"
or cat access.log | grep "2.0\" 404"
Gzip access logs: gzip -c access.log > access.log.gz
# Scaleway
A step-by-step configuration (opens new window) of a new server with Docker and a single logical volume.
# Networking
List all running ssh sessions: netstat -tnpa | grep 'ESTABLISHED.*sshd'
List all ssh session attempts: cat /var/log/auth.log
# Development domains
Some development tasks like OAuth2 authentication have strict security concerns so that you cannot use localhost
, non-standard ports or need to enforce HTTPS in all URLs. Here is how to setup a "fake" domain on your host.
Let's say we have our app running on localhost:8080
in HTTP or localhost:8083
in HTTPS. First, edit the hosts
file (/etc/hosts under Linux or C:\Windows\System32\drivers\etc\hosts under Windows) and add this line to redirect the domain to local host:
127.0.0.1 test.airbusoidc.com
Then, since the hosts
file does not allow to manage port redirections we need to do so using the operating system network tools.
# Windows
To see what is currently running:
netstat -a -n -p TCP | grep "LISTENING"
To add port redirection for HTTP:
netsh interface portproxy add v4tov4 listenport=80 listenaddress=127.0.0.1 connectport=8080 connectaddress=127.0.0.1
To add port redirection for HTTPS:
netsh interface portproxy add v4tov4 listenport=443 listenaddress=127.0.0.1 connectport=8083 connectaddress=127.0.0.1
To see running proxied port:
netsh interface portproxy show v4tov4
To see remove proxied port:
netsh interface portproxy delete v4tov4 listenport=80 listenaddress=127.0.0.1
# Linux
First enable port redirection:
echo "1" > /proc/sys/net/ipv4/ip_forward
Then add port redirect:
iptables -t nat -A PREROUTING -s 127.0.0.1 -p tcp --dport 80 -j REDIRECT --to 8080`
iptables -t nat -A OUTPUT -s 127.0.0.1 -p tcp --dport 80 -j REDIRECT --to 8080`
To remove simply replace in the previous command the -D
switch instead of the -A
switch.