Docker Tip #48: List All Changes Performed in a Container
So, you've been making changes inside of a container and now you want to see how it differs from the original. Here's how.
As you probably know, containers are idempotent, meaning if you make a change to a running container, those changes will be lost the next time you start the container.
If you’re just fooling around inside of a container and planning out what you would eventually add to a Dockerfile, you may want to get a list of what you changed.
For that, you can run the docker container diff <container> command. Here’s let’s go over a real example so you can see how it works.
Starting up and making changes to an Alpine container:
# Start up a new container and run 3 commands inside of the container:
docker container run --rm -it --name difftest alpine:3.7
> mkdir exampledir
> cd /tmp
> touch hello.txt
# [Open a second terminal window]
# Take a look at what changed in the container:
docker container diff difftest
> A /exampledir
> C /root
> A /root/.ash_history
> C /tmp
> A /tmp/hello.txt
Docker has 3 symbols for identifying changes in its diff output:
- A: A file or directory was created
- C: A file or directory was changed
- D: A file or directory was deleted
In our example we didn’t delete anything, but you can see a few cases of A and C being used. As for the .ash_histroy, that’s just a standard shell history file.
How does this differ from looking at the shell’s history?
The diff command only includes the results of what was created, updated or deleted.
For example, you could run docker exec difftest cat /root/.ash_history to get the history of the container, and you would get a full list of the exact commands we ran in the container, including cd /tmp.
Consider both commands to be tools at your disposal for different use cases.
I find the diff command easier to skim for changes and for creating a timeline of changes. The shell history is good for looking up exactly what you ran to produce those results.