In First Steps with Docker, we have already seen the -v switch in docker run that allows mounting files or directories from the host into the container. This is can be used for exchanging data between host and container, but it can also allow for more insight into the host. Mounting of the following paths is often used:
- /var/lib/docker. A lot of information is stored in that directory, allowing management software to create its notion of the container landscape on the host
- /sys contains a lot of cgroup information which controls resource limits
- /var/run/docker.sock is a Unix domain socket providing a REST API to docker. In our case, the socket can be passed on into the container, providing all information available through the Docker remote API. Using this interface avoids to have a lot of internal knowledge how the information in /var/lib/docker is structured. Note this API could also be made available through TCP/IP.
docker run -t -i -v /var/run/docker.sock:/var/run/docker.sock
echo -e "GET /images/json HTTP/1.1\n" | netcat -U /var/run/docker.sock