dockit: Container Hopping

Docker containers are awesome little throwaway environments. Often I like to jump into a container to test something out, like installing a project from scratch, swapping runtimes without needing a version manager, or trying something new without gumming up my base system. It’s also useful for debugging problems in other Linux distributions or as a quick approximation of some remote machine.

Usually when I jump into a Docker image, though, I like to bring my files with me by mounting $(pwd). This works pretty well but has a few annoyances:

  • If I do something that generates files in my working directory, like pytest, I have to manually clean it up once I’m done.
  • File ownership becomes a stew of root and other UIDs.
  • docker run --rm -ti -v $(pwd):/work -w /work $image /bin/sh is a real pain to type, and I can never remember which images have /bin/bash installed, which is generally a more pleasant experience than bare sh.

I started to hack away at these annoyances one at a time in a shell alias, which evolved into a shell function, which further evolved into a full-blown shell project. Meet dockit, the utility that can drop you into a Docker image in a single command:

$ dockit alpine
Using default tag: latest
latest: Pulling from library/alpine
Digest: sha256:72c42ed48c3a2db31b7dafe17d275b634664a708d901ec9fd57b1529280f01fb
Status: Image is up to date for alpine:latest
docker.io/library/alpine:latest
$ /docked #

dockit drops you into a directory called /docked with the best available shell. The /docked directory is owned by the most sensible user dockit can find — the image USER if possible and root if not.

Changes made in the /docked directory don’t propagate back to the host, so you can generate cache files, delete stuff, and generally make a mess of things without having to clean it up. If you want to explicitly export something back to the host, you can use the special undock command. undock will copy a file or folder from the /docked directory back to the host directory, fixing its ownership along the way.

A word of warning, dockit is meant to be used from a smallish directory, like a git repository. Depending on how recent your kernel is, attempting to dockit a large directory may end up taking a lot of time and/or disk space. (That said, because I'm on a kernel version where overlayfs accepts metacopy=on, I can mount my entire 100+ GB home directory in about ten seconds and no appreciable bloat in disk usage, so, your mileage may vary!)

If this sounds like a tool you’d like to have in your toolbox, check out dockit on GitHub.