fbpixel

Inspect a volume

tutorial volumes

In this tutorial we’re going to explore how to view and edit the contents of a Volume mounted in a running container.

Ingredients

This tutorial is based on the container created in the Introduction:

  • a running container some-nginx
  • a volume http_data

Verify that the container is running

beekube ps

And verify that the contaienr has a volume attached

beekube ps --json

Background information

A Volume is a persistent disk mounted in a running container. A volume can be mounted over multiple containers; we’re going to exploit this feature to mount service container on an already mounted volumes to have access to the files.

Create the test containers

We need an nginx web server with avolume

beekube volume create http_data --size 5
beekube run --name some-nginx -p 80:80 -v http_data:/usr/share/nginx/html nginx

Edit files using SSH

NGINX container does not expose SSH for security reasons. To inspect the files we can run a container that expose SSH and attach it to the http_data volume. We can use bubuntu, a customized Ubuntu image provided by us that comes with an sshd daemon and some tools to edit files.

Choose a password for ssh and run the container

beekube run --name ssh -p 46587:22 -v http_data:/usr/share/nginx/html -e SSH_ROOT_PASS=<password> beekube/bubuntu

Command breakdown:

  • --name ssh: this is the name for the container
  • -p 46587:22: expose the port 22 of the container (SSH) on internet using a different port - bogon networks scan the internet for opened ssh port - this is not secure, it just reduce the failed logins
  • -v http_data:/usr/share/nginx/html: we mount the same volume used by nginx
  • -e SSH_ROOT_PASS=<password>: set an environment variable with the root password

To retrieve the container hostname, run beekube ps. Now we can ssh in our new container:

ssh root@<ssh-publish> -p 46587

Now it is possible to edit the files using vim or nano, or by scp!