I'm trying to share the docker unix socket with a user inside a docker container (docker in docker). It works well for most commands, but for some I get a "broken pipe" on the daemon side.
docker run -v "/var/run/docker-userns.sock:/var/run/docker.sock" -u 1000 docker:latest \
docker run python:latest \
pip list
dockerd journal:
févr. 21 14:14:41 LPFR0358 dockerd[2049]: time="2024-02-21T14:14:41.808141696+01:00" level=error msg="attach failed with error: error attaching stdout stream: write unix /run/docker.sock->@: write: broken pipe"
To simplify, we can just say that I'm running the following to create a unix socket with the correct user:
sudo socat -v \
UNIX-LISTEN:/var/run/docker-userns.sock,user=1000,group=1000,mode=0660,reuseaddr,fork \
UNIX:/var/run/docker.sock
And run docker like this
# Works (I got ok)
DOCKER_HOST=unix:///var/run/docker-userns.sock docker run -u 1000 python:latest echo ok
# Doesn't work (no output and broken pipe)
DOCKER_HOST=unix:///var/run/docker-userns.sock docker run -u 1000 python:latest pip help
I tried to create a unix and a tcp socket with socat, but the results are always the same.
The only way I got this to work is by correctly running dockerd with -H tcp://0.0.0.0:2375 and then sharing this socket. Unfortunately I cannot do that in my project.
I have 2 questions here.
- Do you know why this is happening only with some commands (like pip)?
- Do you know if there is a better way to share access to docker.sock inside a docker container?
Thanks