Cannot use /var/lib/docker as volume mount

Nomad
1

Hi,

I try to config my filebeat job in nomad. There are some difficulties with this. I can’t mount volume (/var/lib/docker), this directory is needed to read logs from other containers.

My filebeat job

job "filebeat" {
  datacenters = ["dc"]
  type        = "system"

  group "filebeat" {

    network {
      mode = "bridge"

      port "sidecar" {
        host_network = "private"
      }
    }

    volume "docker_logs_storage" {
      type      = "host"
      read_only = true
      source    = "docker_logs_storage"
    }

    service {
      name = "elasticsearch-connect"

      connect {
        sidecar_service {
          port = "sidecar"
          proxy {
            upstreams {
              destination_name = "elasticsearch"
              local_bind_port  = 9200
            }
          }
        }
      }
    }

    task "filebeat" {
      driver = "docker"

      volume_mount {
        volume      = "docker_logs_storage"
        destination = "/var/lib/docker"
        read_only   = true
      }

      config {
        image = "docker.elastic.co/beats/filebeat:8.5.0"
        cap_add = ["all"]
        args = [
          "-c", "/local/filebeat.yml",
          "--path.data", "/alloc/data/filebeat",
          "--path.logs", "/alloc/logs/filebeat",
        ]
        mount = {
          type     = "bind"
          source   = "local/filebeat.yml"
          target   = "/usr/share/filebeat/filebeat.yml"
          readonly = true
        }
      }
      

      template {
        data = <<template
    filebeat.inputs:
    - 
      paths: 
        - /var/lib/docker/containers/*/*.log
      type: container
      scan_frequency: 1s
      fields_under_root: true

    output.elasticsearch:
      hosts: ["http://{{ env "NOMAD_UPSTREAM_IP_elasticsearch" }}:9200"]
      username: "username"
      password: "{{ key "secrets/elk/elasticsearch_password" }}"

      tls: disable 


    
      template
      destination = "local/filebeat.yml"
      }
    }
  }
}

Filebeat logs
failed to create container: API error (400): invalid mount config: must use either propagation mode "rslave" or "rshared" when mount source is within the daemon root, daemon root: "/var/lib/docker", bind mount source: "/var/lib/docker", propagation: "rprivate"

Could you please help me with advice, how can I mount this directory for filebeat needs?

1 Like