Docker, YouTube and lots of badgers
At Microscaling we love Linux containers, metadata and badgers. We’re always looking for new ways to combine these three elements. Part of our love of badgers comes from a certain YouTube video from the early 2000s.
We think metadata will play a key role in managing containers at scale. However metadata can sometimes be a dry topic. Cataloging your Docker images isn’t as sexy as security or auto scaling. So we created this badgerbadgerbadger image to show how containers can use their own metadata.
Run the command below to start the container and then visit http://localhost:8080 in your browser.
$ docker run -v /var/run/docker.sock:/var/run/docker.sock:ro -p 8080:8080 rossf7/badgerbadgerbadger
What’s going on here?
The container is using introspection to get its own metadata. The metadata includes a label called com.microbadger.youtube-video that holds the YouTube video ID. It also gets the image name which is used to generate the MicroBadger badges.
The container code is a simple web server written in Go. For each request the container gets its hostname, which is the short version of its container ID. The Docker socket from the host is mounted in the container. The container uses go-dockerclient to make an inspect call to the API to get the metadata. The web server then renders a template using the metadata and serves the page.
Can I see some more badgers?
Yes! The command below shows how you can overwrite an image label with a runtime label, meaning you get to watch another badger video.
$ docker run --label com.microbadger.youtube-video=EllYgcWmcAY -p 8080:8080 -v /var/run/docker.sock:/var/run/docker.sock:ro rossf7/badgerbadgerbadger
Is there a better way to do introspection?
Hopefully there will be soon. There is a cool enhancement to Docker currently being developed. It mounts a volume with the labels for a container. The benefit of this is you can access the metadata as regular files. So you won’t need to call the Docker API or mount the Docker socket as a volume.
Is there a simpler way to see the metadata for an image?
If it’s a public image, you could look it up on MicroBadger, like this.
Update: Security and the docker socket
Please be careful if mounting the docker socket in your containers. As there are some serious security risks. Even when mounting the socket as a read only volume its still possible to read sensitive data and start containers.
Thanks to John Kinsella for flagging this up. This is another reason why the introspection volume in Docker is a better solution for doing this.
I don’t have Docker installed. Can I still watch the video?
Oh go on then!