If the value is still passed as an environment variable in the end, it can be read via /proc/:pid/environ
from another container or from the host if they are both using the same UID (or has --cap-add SYS_PTRACE
)
Thanks, good to know! I had no idea about the tags. Looks like there's a lot more variables available.
I just reread the docs on the log drivers - they mentioned that as of docker 20.x local logs now work with all drivers as it buffers the logs locally as well. I think this is probably why I hadn't explored the other drivers before - couldn't use docker-compose logs.
The biggest footgun I encounter every time I set up a raspberry pi or other linux host for a side project is forgetting that Docker doesn't do log rotation for containers' logs by default, which results in the service going down and seeing a sweat inducing ENOSPC error when you ssh in to check it out.
You can configure this by creating /etc/docker/daemon.json
and either setting up log rotation with log-opts
or using the local
logging driver (it defaults to json
) if you're not shipping container logs anywhere and just read the logs locally. The local
driver compresses the logs and automatically does log rotation:
{
"log-driver": "local",
"log-opts": {
"max-size": "10m",
"max-file": "3"
}
}