Attaching to Running Containers
LEVEL 0
The Problem
Your container is running. Something’s wrong. You need to look inside.
Maybe you need to:
- Check if a file exists
- See what processes are running
- Test network connectivity
- Debug why the application isn’t behaving
How do you get “inside” a running container?
LEVEL 1
The Concept — The Security Camera vs Walking In
The Concept
Imagine your container is a room.
docker logs is like watching security camera footage. You can see what happened, but you can’t interact.
docker attach is like picking up a phone that’s connected to someone already in the room. You can hear what they’re saying (see stdout), but you’re connected to whatever they’re doing. If you hang up (Ctrl+C), they might hang up too (container might stop).
docker exec is like walking into the room yourself. You’re a new person in the room, separate from whoever else is there. You can look around, touch things, run commands. When you leave, the original person stays.
For debugging and exploration, docker exec is almost always what you want.
LEVEL 2
The Mechanics — Getting Inside
The Mechanics
docker exec — Running Commands Inside
# Run a single command
docker exec mycontainer ls /app
# Start an interactive shell
docker exec -it mycontainer /bin/bash
# or for Alpine (no bash)
docker exec -it mycontainer /bin/sh
The flags:
-i(interactive): Keep STDIN open-t(tty): Allocate a pseudo-terminal
Together, -it gives you an interactive shell experience.
docker attach — Connecting to the Main Process
docker attach mycontainer
This connects your terminal to the container’s main process (PID 1). You see what it outputs.
Warning: If you press Ctrl+C while attached, you might kill the main process, stopping the container! Use Ctrl+P, Ctrl+Q to detach without stopping.
When to Use Each
| Goal | Command |
|---|---|
| Run a quick command | docker exec mycontainer <cmd> |
| Interactive debugging shell | docker exec -it mycontainer /bin/bash |
| See live output of main process | docker attach mycontainer |
| Follow logs (safer) | docker logs -f mycontainer |
LEVEL 3
Common Debugging Tasks
Check what’s running inside
docker exec mycontainer ps aux
Check network connectivity
docker exec mycontainer ping -c 3 google.com
docker exec mycontainer curl localhost:8080
Check files
docker exec mycontainer cat /app/config.yaml
docker exec mycontainer ls -la /var/log/
Check environment variables
docker exec mycontainer env
Get a shell and explore
docker exec -it mycontainer /bin/bash
# Now you're "inside" — explore as needed
# Type 'exit' to leave
LEVEL 4
exec Creates a New Process
When you docker exec, Docker:
- Uses the container’s namespaces (same view of filesystem, network, etc.)
- Creates a new process in those namespaces
- This process is separate from PID 1
This is why exec is safe — killing your exec process doesn’t kill the container.
Container (myapp)
├── PID 1: nginx (main process)
├── PID 20: nginx worker
├── PID 21: nginx worker
└── PID 42: /bin/bash (your exec session) ← separate process