How to mount /var/run/docker.sock?

snesbittsea · November 27, 2020, 9:48pm

All:

I am trying to get nomad 12.8 to install a Traefik 2.3 instance. Traefik requires access to the Docker socket. Despite my best efforts I simply can’t get it mounted in the container as indicated by the container logs:

Provider connection error Cannot connect to the Docker daemon at unix:///var/run/docker.sock

Does anyone have an example nomad job which shows how to make the docker.sock available in the container?

Thx,

-steve

Wolfsrudel · November 27, 2020, 11:16pm

At this post there was another problem, so I guess the volume mount of the docker socket did work.

lgfa29 · November 28, 2020, 3:39pm

Hi @snesbittsea,

Would you be able to provide a sample job that caused that error?

I tried to reproduce it, but it all seems to work. Here’s a sample job that I created based on our Traefik guide:

job "traefik-demo" {
  datacenters = ["dc1"]

  group "lb" {
    count = 1

    network {
      port "http" {
        to     = 80
        static = 80
      }

      port "ui" {
        to     = 8080
        static = 8080
      }
    }

    task "traefik" {
      driver = "docker"

      config {
        image = "traefik:v2.3"
        args  = ["--api.insecure=true", "--providers.docker"]
        ports = ["http", "ui"]
        volumes = [
          "/var/run/docker.sock:/var/run/docker.sock"
        ]
      }
    }
  }

  group "demo" {
    count = 3

    network {
      port "http" {}
    }

    task "server" {
      driver = "docker"

      config {
        image = "hashicorp/demo-webapp-lb-guide"
        labels {
          traefik.http.routers.demo.rule                      = "PathPrefix(`/demo`)"
          traefik.http.services.demo.loadbalancer.server.port = "${NOMAD_PORT_http}"
        }
        ports = ["http"]
      }

      env {
        PORT    = "${NOMAD_PORT_http}"
        NODE_IP = "${NOMAD_IP_http}"
      }
    }
  }
}

Accessing http://localhost/demo will reach the different instances of the app:

$ curl http://10.0.2.15/demo
Welcome! You are on node 10.0.2.15:29672
$ curl http://10.0.2.15/demo
Welcome! You are on node 10.0.2.15:30195
$ curl http://10.0.2.15/demo
Welcome! You are on node 10.0.2.15:23164

One important piece is to enable mounting host paths in the Docker plugin configuration for your Nomad clients:

plugin "docker" {
  config {
    volumes {
      enabled = true
    }
  }
}

snesbittsea · November 28, 2020, 9:03pm

Thanks for the reply. I think I may have got it.

First am I right in thinking that the plugin stanza is a peer of the client stanza and not a child?

Also I found a node wich didn’t have this set. I have a sneaking suspicion that my failures are associated with trying to deploy to this node. Doh,

-steve

lgfa29 · November 29, 2020, 5:20pm

That’s right, plugin is a top-level config. What I meant was that this configuration needs to be in the client nodes config file.

I think that in this case the allocation would fail in the node without this config, and Nomad would re-schedule it into another client.

But I am glad you got it working now