寻找 Docker 容器进程? (从主机的角度)

docker ps will list docker containers that are running.

docker exec <id|name> ps will tell you the processes it's running.

the process run in a docker container is a child of a process named containerd-shim (in Docker v18.09.4)

• First figure out the process IDs of the containerd-shim processes.
• For each of them, find their child process.

pgrep containerd-shim

7105
7141
7248

To find the child process of parent process 7105:

pgrep -P 7105

7127

In the end you could get the list with:

for i in $(pgrep containerd-shim); do pgrep -P $i; done

7127
7166
7275

You can use docker top command. This command lists all processes running within your container.

For instance this command on a single process container on my box displays:

UID                 PID                 PPID                C                   STIME               TTY                 TIME                CMD
root                14097               13930               0                   23:17               pts/6               00:00:00            /bin/bash

All methods mentioned by others are also possible to use but this one should be easiest.

Update:

To simply get the main process id within the container use this command:

 docker inspect -f '\{\{.State.Pid}}' <container id>

Docker stats "container id" Shows the resource consumption along with pid or simply Docker ps .

Probably this cheat sheet can be of use. http://theearlybirdtechnology.com/2017/08/12/docker-cheatsheet/

Another way to get an overview of all Docker processes running on a host is using generic cgroup based systemd tools.

systemd-cgls will show all our cgroups and the processes running in them in a tree-view, like this:

├─1 /usr/lib/systemd/systemd --switched-root --system --deserialize 21
├─docker
│ ├─070a034d27ed7a0ac0d336d72cc14671584cc05a4b6802b4c06d4051ce3213bd
│ │ └─14043 bash
│ ├─dd952fc28077af16a2a0a6a3231560f76f363359f061c797b5299ad8e2614245
│ │ └─3050 go-cron -s 0 0 * * * * -- automysqlbackup

As every Docker container has its own cgroup, you can also see Docker Containers and their corresponding host processes this way.

Two interesting properties of this method:

1. It works even if the Docker Daemon(s) are defunct.
2. It's a pretty quick overview.

You can also use systemd-cgtop to get an overview of the resource usage of Docker Containers, similar to top.

By the way: Since systemd services also correspond to cgroups these methods are also applicable to non-Dockerized systemd services.

When running this on the host, it will give you a list of processes running in a container with <Container ID>, showing host PIDs instead of container PIDs.

DID=$(docker inspect -f '\{\{.State.Pid}}' <Container ID>);ps --ppid $DID -o pid,ppid,cmd

I found a similar solution using a bash script in one line:

for i in $(docker container ls --format "\{\{.ID}}"); do docker inspect -f '\{\{.State.Pid}} \{\{.Name}}' $i; done

Since the following command shows only the container's itself process ID (not all child processes):

docker inspect -f '\{\{.State.Pid}}'  <container-name_or_ID>

To find a process that is the child of a container, this process ID must be find in directory /proc. So find "processID" inside it and then find the container hash from file:

/proc/parent_process/task/processID

and then cut container ID from hash (first 12-digits of the container hash) and then find the container itself:

#!/bin/bash
processPath=$(find /proc/ -name $1 2>/dev/null)
containerID=$(cat ${processPath}/cgroup | fgrep 'pids:/docker/' | sed -e 's#.*/docker/##g' | cut -c 1-12)
docker ps | fgrep $containerID

Save above script in a file such as: p2c and run it by:

p2c <PID>

For example:

p2c 85888

Another solution with docker container and docker top

docker ps --format "\{\{.ID}}" | xargs -I'{}' docker top {} -o pid | awk '!/PID/'

Note: awk '!/PID/' just remove the PID header from the output of docker top

If you want to know the whole process tree of docker container, you can try it

docker ps --format "\{\{.ID}}" | xargs -I'{}' docker top {} -o pid | awk '!/PID/' | xargs -I'{}' pstree -psa {}