container

Usually at least one of those is present on any system

• top
• htop / another top variant
• ps

But sometimes the usual suspects are not available, especially in minimal containers.

But there is another, more low level, way that works: /proc

This is a virtual filesystem provided by the kernel about running processes.

So to mirror something like this:

$ ps aux |grep sleep
    5 root      0:00 sleep 1000
   21 root      0:00 sleep 10000000
   36 root      0:00 grep sleep

We could do:

Read more…

In many CI/CD workflows interfacing with Hashicorp Vault is required.

However, their CLI (or better called unified binary¹) is stupidly big with more than 400MB and they seem to have no interest in making it any smaller².

This is often a undesired size increase, especially when optimizing for pull and run time in CI/CD.

This note outlines a solution that brings us down from 400MB+ on disk for vault to about 300KB using curl and jq.

Read more…

Most of these should work the same with any OCI compliant client. Tested with podman and docker, unless otherwise indicated.

# Run container interactively
podman run -it IMAGE:TAG SHELL

# With auto removing the container on exit
podman run -it --rm IMAGE:TAG SHELL

# With current working dir mounted to container
podman run -it -v ${PWD}:/tmp/host-dir/ IMAGE:TAG SHELL

# Detaching from the interactive session
# Keybinding: Ctrl+P, then Ctrl+Q

# Attaching to a container
podman attach "ID OR NAME"

Usually at least one of those is present on any system

• dig
• nslookup
• host

But sometimes the usual suspects don’t work, especially in container-land. After trying them you may try some more involved/unknown things:

getent

Part of glibc, this will probably work on nearly every system.

getent hosts example.org

Or, if you specifically want to query A or AAAA records.

getent ahostsv4 example.org
getent ahostsv6 example.org

Using Python2 Or Python3

Given this depends on glibc it is more of a alternative then another real solution.

Read more…