Unable to access Docker socket, please run like this
g1ra opened this issue · 12 comments
I got this after making an alias and running dockviz images -t
# dockviz images -t
Usage of loopback devices is strongly discouraged for production use. Either use `--storage-opt dm.thinpooldev` or use `--storage-opt dm.no_warn_on_loop_devices=true` to suppress this warning.
Unable to access Docker socket, please run like this:
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock nate/dockviz images <args>
For more help, run 'dockviz help'
Hm, that's odd. Have you tried running the full command:
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock nate/dockviz images -t
What is your alias? Also, can you provide the output of docker version
and docker info
?
Thanks
Hello, Thanks for the reply
my alias is
alias dockviz="docker run --rm -v /var/run/docker.sock:/var/run/docker.sock nate/dockviz"
[root@ip-host ~]# docker run --rm -v /var/run/docker.sock:/var/run/docker.sock nate/dockviz images -t
Usage of loopback devices is strongly discouraged for production use. Either use `--storage-opt dm.thinpooldev` or use `--storage-opt dm.no_warn_on_loop_devices=true` to suppress this warning.
Unable to access Docker socket, please run like this:
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock nate/dockviz images <args>
For more help, run 'dockviz help'
[root@ip-host ~]# docker version
Client version: 1.7.1
Client API version: 1.19
Package Version (client): docker-1.7.1-108.el7.centos.x86_64
Go version (client): go1.4.2
Git commit (client): 3043001/1.7.1
OS/Arch (client): linux/amd64
Server version: 1.7.1
Server API version: 1.19
Package Version (server): docker-1.7.1-108.el7.centos.x86_64
Go version (server): go1.4.2
Git commit (server): 3043001/1.7.1
OS/Arch (server): linux/amd64
[root@ip-host ~]# docker info
Containers: 9
Images: 8
Storage Driver: devicemapper
Pool Name: docker-202:1-8701221-pool
Pool Blocksize: 65.54 kB
Backing Filesystem: xfs
Data file: /dev/loop0
Metadata file: /dev/loop1
Data Space Used: 751.6 MB
Data Space Total: 107.4 GB
Data Space Available: 6.515 GB
Metadata Space Used: 1.52 MB
Metadata Space Total: 2.147 GB
Metadata Space Available: 2.146 GB
Udev Sync Supported: true
Deferred Removal Enabled: false
Data loop file: /var/lib/docker/devicemapper/devicemapper/data
Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
Library Version: 1.02.93-RHEL7 (2015-01-28)
Execution Driver: native-0.2
Logging Driver: json-file
Kernel Version: 3.10.0-229.11.1.el7.x86_64
Operating System: CentOS Linux 7 (Core)
CPUs: 1
Total Memory: 992.1 MiB
Name: ip-host.us-west-2.compute.internal
ID: RKLO:OFTL:RALD:WSJN:WQJ7:TGWG:YLO2:EJFM:FYN5:TWDU:2OYP:CJ2A
[root@ip-host ~]#
Update solved the problem.
yum remove docker
curl -sSL https://get.docker.com/ | sh
docker version
systemctl start docker
systemctl status docker
systemctl enable docker
docker version
docker help
docker info
alias dockviz="docker run --rm -v /var/run/docker.sock:/var/run/docker.sock nate/dockviz"
dockviz images -t
Wow, that's great. Glad it worked out.
hello great thanks
I get the same error message. I am not sure why. Other containers seem to work fine.
> docker run --rm -v /var/run/docker.sock:/var/run/docker.sock nate/dockviz images -t
Unable to access Docker socket, please run like this:
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock nate/dockviz images <args>
For more help, run 'dockviz help'
> docker info
Containers: 4
Images: 182
Storage Driver: devicemapper
Pool Name: docker-8:3-796870-pool
Pool Blocksize: 65.54 kB
Backing Filesystem: extfs
Data file: /dev/loop0
Metadata file: /dev/loop1
Data Space Used: 5.594 GB
Data Space Total: 107.4 GB
Data Space Available: 4.055 GB
Metadata Space Used: 10.17 MB
Metadata Space Total: 2.147 GB
Metadata Space Available: 2.137 GB
Udev Sync Supported: true
Deferred Removal Enabled: false
Data loop file: /var/lib/docker/devicemapper/devicemapper/data
Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
Library Version: 1.02.109 (2015-09-22)
Execution Driver: native-0.2
Logging Driver: json-file
Kernel Version: 4.2.8-300.fc23.x86_64
Operating System: Fedora 23 (Twenty Three)
CPUs: 4
Total Memory: 15.58 GiB
Name: cessna
ID: NSSN:J2Y3:NCTJ:22AC:BM6U:BC3A:CYDA:GRTG:CX52:L5PG:ZXCV:LBB2
> docker version
Client:
Version: 1.8.2.fc21
API version: 1.20
Package Version: docker-io-1.8.2-2.gitcb216be.fc21.x86_64
Go version: go1.5.1
Git commit: 3abcea7-dirty
Built: Tue Oct 13 14:39:50 UTC 2015
OS/Arch: linux/amd64
Server:
Version: 1.8.2.fc21
API version: 1.20
Package Version:
Go version: go1.5.1
Git commit: 3abcea7-dirty
Built: Tue Oct 13 14:39:50 UTC 2015
OS/Arch: linux/amd64
Hm... That is odd. How is docker installed? Is it listening on the /var/run/docker.sock
socket or the tcp port? Are any of the DOCKER_ environment variables set (like DOCKER_HOST)?
@rvernica the cause of this problem may be access not permitted. may be. try your action with sudo
There are no DOCKER_*
environment variables:
> printenv | grep DOCKER
>
Docker is installed from the default RPM package coming from Fedora:
> sudo dnf info docker
Last metadata expiration check performed 3 days, 20:31:59 ago on Fri Feb 12 13:09:48 2016.
Available Packages
Name : docker
Arch : x86_64
Epoch : 1
Version : 1.9.1
Release : 6.git6ec29ef.fc23
Size : 9.0 M
Repo : updates
Summary : Automates deployment of containerized applications
URL : https://github.com/projectatomic/docker
License : ASL 2.0
Description : Docker is an open-source engine that automates the deployment of
: any application as a lightweight, portable, self-sufficient
: container that will run virtually anywhere.
:
: Docker containers can encapsulate any payload, and will run
: consistently on and between virtually any server. The same
: container that a developer builds and tests on a laptop will run
: at scale, in production*, on VMs, bare-metal servers, OpenStack
: clusters, public instances, or combinations of the above.
I believe, it is listening on the socket as the file exists:
> ll /var/run/docker.sock
srw-rw----. 1 root root 0 Feb 12 16:01 /var/run/docker.sock
I am using sudo
, I have an alias (alias docker='sudo docker'
), or:
> sudo docker run --rm -v /var/run/docker.sock:/var/run/docker.sock nate/dockviz images -t [1]
Unable to access Docker socket, please run like this:
docker run --rm -v /var/run/docker.sock:/var/run/docker.sock nate/dockviz images <args>
For more help, run 'dockviz help'
That is interesting. I'll try to spin up a Fedora VM and see if I can reproduce the problem.
Hey, got a chance to try this out. Looks like Fedora and RHEL use SELinux to restrict access to the docker socket in containers. I found two ways of working around it:
-
Use the
--privileged
flag:$ sudo docker run --privileged --rm -v /var/run/docker.sock:/var/run/docker.sock nate/dockviz images -t
-
Add an SELinux policy to allow access from containers to the docker socket with this repo.
I'll work on adding to the error message if the socket exists but permission is denied.
Hope that helps.
--privileged
did the trick. Thanks for looking into it!