Docker Debug
Learn about the Docker Debug tool for debugging slim images and containers.
Debugging slim images and containers with Docker Debug
At the time of this writing this course, Docker Debug is a new tool and requires a Pro, Team, or Business subscription. It’s a widely accepted good practice to deploy small images containing only app code and dependencies. This means no shell or debugging tools and is a big part of making images and containers small and secure. However, it also makes it difficult to debug them when things go wrong.
This is where Docker Debug comes to the rescue. It allows us to get shell access to images and containers that don’t include a shell and seamlessly injects powerful debugging tools into them.
At a high level, Docker Debug works by attaching a shell to a container and mounting a toolbox loaded with debugging tools. This toolbox is mounted as a directory called /nix and is available during debugging sessions but is never visible to the container. As soon as we exit the Docker Debug session, the /nix directory is removed. If we’re debugging a running container, any changes we make are immediately visible to the container and persist across container restarts. For example, updating an index.html during a Docker Debug session will immediately update the running web app, and the changes will persist if the container is stopped and restarted. When debugging an image or a stopped container, Docker Debug creates a sandbox and adds it to the image as an R/W layer, making it function like ...