Docker Community Forums

Share and learn in the Docker community.

Accessing nginx/uwsgi socket in container


(Larrymartell59) #1

I have an image for running a django app. If I mount the dir containing the django app when I create the container it works fine. But I want to make the image self-contained and not dependent on the local file system. So I changed the Docker file to copy the dir containing the django app from the host machine into the image. But then, when I create the container (without mounting the dir) I get permission denied on the socket. I do remove the socket in the run file so nginx can create a new one, and it’s 666.

I have this in my Dockerfile:

ENV HOME /opt/django/app/
ADD . /tmp/django
RUN cp -rp /tmp/django/* $HOME

And this in my run file:

rm /opt/django/app/app.sock

That is before I start nginx and uwsgi.

And I get this nginx error:

2016/07/05 15:37:48 [crit] 430#0: *1 connect() to unix:/opt/django/app/app.sock failed (13: Permission denied) while connecting to upstream, client: xx.xx.xx.xx, server: , request: “GET / HTTP/1.1”, upstream: “uwsgi://unix:/opt/django/app/app.sock:”, host: “

Is there something I am missing that I have to do to get this to work?

(David Maze) #2

Does a TCP socket work?

I think a Unix socket would work, but it needs to live in a shared volume. (If both containers are trying to access /opt/django/app/app.sock but that file isn’t on a shared volume, then they have two separate filesystem spaces and aren’t actually using the same socket; the “permission denied” error is probably that the app.sock file isn’t actually a socket.)

(Larrymartell59) #3

There is only 1 container - it contains everything - nginx, uwsgi, mysql, and my django app. It is a socket, and I delete it in the run script and nginx creates it anew:

root@ee1ee659a720:/opt/django/app# file app.sock
app.sock: socket
ls -l app.sock
srw-rw-rw-. 1 root root 0 Jul 5 16:20 app.sock

I tried changing the socket to be in /tmp and it works. I wonder why that is.

(Larrymartell59) #4

Well, I spoke to soon. I don’t get the permission denied error on the socket anymore, but the app cannot access any of its files from the django project - it gets permission denied on all of them. So the issue is why it cannot access the copied in dir, but it can access the same dir when it’s mounted.

(Larrymartell59) #5

I ended up fixing it. Turned out one of the dirs in the path was not readable. That is, the django app was in /foo/bar/baz and although /foo and /foo/bar/baz were readable, /foo/bar was not. Once I chmod-ed that all was well.