Finding PID Everywhere

the proc virtual filesystem

Usually at least one of those is present on any system top htop / another top variant ps But sometimes the usual suspects are not available, especially in minimal containers. But there is another, more low level, way that works: /proc This is a virtual filesystem provided by the kernel about running processes. So to mirror something like this: $ ps aux |grep sleep 5 root 0:00 sleep 1000 21 root 0:00 sleep 10000000 36 root 0:00 grep sleep We could do: [Read More]

Vault CLI in Containers

In many CI/CD workflows interfacing with Hashicorp Vault is required.

However, their CLI (or better called unified binary1) is stupidly big with more than 400MB and they seem to have no interest in making it any smaller2.

This is often a undesired size increase, especially when optimizing for pull and run time in CI/CD.

This note outlines a solution that brings us down from 400MB+ on disk for vault to about 300KB using curl and jq.

[Read More]

Interactive Containers Cheatsheet

Most of these should work the same with any OCI compliant client. Tested with podman and docker, unless otherwise indicated.

# Run container interactively
podman run -it IMAGE:TAG SHELL

# With auto removing the container on exit
podman run -it --rm IMAGE:TAG SHELL

# With current working dir mounted to container
podman run -it -v ${PWD}:/tmp/host-dir/ IMAGE:TAG SHELL

# Detaching from the interactive session
# Keybinding: Ctrl+P, then Ctrl+Q

# Attaching to a container
podman attach "ID OR NAME"

DNS Resolution Everywhere

Usually at least one of those is present on any system dig nslookup host But sometimes the usual suspects don’t work, especially in container-land. After trying them you may try some more involved/unknown things: getent Part of glibc, this will probably work on nearly every system. getent hosts example.org Or, if you specifically want to query A or AAAA records. getent ahostsv4 example.org getent ahostsv6 example.org Using Python2 Or Python3 Given this depends on glibc it is more of a alternative then another real solution. [Read More]