
docker command run from containers got permission denied on /var/run/docker.sock



On an OpenShift 3.11 cluster, we tried to run docker commands, but all of them returned the following error:
 
```
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.39/version: dial unix /var/run/docker.sock: connect: permission denied
```
 
Has anyone run into a similar situation and come up with a solution? I have searched past posts, googled and tried things, but so far without luck in making it work.
 
Detailed info:
 
An example Pod yaml file is
 
```
apiVersion: v1
kind: Pod
metadata:
    name: dood
spec:
    securityContext:
      privileged: true
    containers:
      - name: docker-cmds
        image: argoproj/argoexec:v2.3.0
        command: ['sh', '-c', 'sleep 1d']
        resources:
            requests:
                cpu: 10m
                memory: 256Mi
        volumeMounts:
          - mountPath: /var/run
            name: docker-sock
    volumes:
      - name: docker-sock
        hostPath:
          path: /var/run
```
 
On the host (compute nodes) machine, the socket looks like
 
```
# ls -l /var/run/docker.sock
srw-rw----. 1 root docker 0 Sep 15 11:55 /var/run/docker.sock
```
 
Inside the container, the mounted path looks like
 
```
# ls -l /var/run/docker.sock
srw-rw----. 1 root 1001 0 Sep 15 18:55 /var/run/docker.sock
```
 
The serviceaccount running the container has been added to the `anyuid` and `hostmount-anyuid` scc.
 
Thanks.
 
Adrian
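
Added example (not part of the original post): a shell sketch that compares a socket's mode, owner and group, as in the `ls -l` listings above, with the credentials of the calling process. It assumes `stat -c` (GNU coreutils or BusyBox) exists in the image; the function names are hypothetical.

```shell
#!/bin/sh
# Added example; function names are hypothetical.

# dac_connect_allowed MODE OWNER_UID GROUP_GID PROC_UID "PROC_GIDS"
# Prints the permission class that applies (owner, group or other) and
# returns 0 if that class has the write bit, which connect() on a
# Unix socket requires on Linux.
dac_connect_allowed() {
    m=$((0$1)); owner=$2; group=$3; uid=$4; gids=$5
    if [ "$uid" -eq "$owner" ]; then
        class=owner; bit=$((m & 0200))
    else
        class=other; bit=$((m & 0002))
        for g in $gids; do
            if [ "$g" -eq "$group" ]; then
                class=group; bit=$((m & 0020)); break
            fi
        done
    fi
    echo "$class"
    [ "$bit" -ne 0 ]
}

# check_sock [PATH]: apply the check to a real socket as the current user.
check_sock() {
    sock=${1:-/var/run/docker.sock}
    info=$(stat -c '%a %u %g' "$sock") || return 2
    set -- $info
    if class=$(dac_connect_allowed "$1" "$2" "$3" "$(id -u)" "$(id -G)"); then
        verdict=allow
    else
        verdict=deny
    fi
    echo "$sock mode=$1 owner=$2 group=$3 uid=$(id -u) class=$class dac=$verdict"
    # Show the SELinux label when the ls in the image supports -Z.
    ls -Z "$sock" 2>/dev/null || true
}
```

Run `check_sock` in the container and on the node and compare the two lines. If the verdict is `allow` while the client still reports permission denied, the denial comes from a layer other than the file mode; the trailing `.` in the `ls -l` mode string above marks an SELinux context on the socket.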

