Is it possible to bind mount the docker socket in a buildkit docker build? My build context does not include /var/run. I tried something like this, but the docker daemon returns an error.
RUN --mount=type=bind,target=/var/run/docker.sock,source=/var/run/docker.sock docker ps
I have a docker ce-cli inside the image, so mounting the docker socket would allow me to run the docker cli connecting to the docker daemon on the host machine.
Here is the error message:
=> ERROR [docker_test 1/4] RUN --mount=type=bind,target=/var/run/docker.sock,source=/var/run/docker.sock docker ps 0.0s
------
> [docker_test 1/4] RUN --mount=type=bind,target=/var/run/docker.sock,source=/var/run/docker.sock docker ps:
------
Dockerfile:83
--------------------
81 | FROM my_image AS docker_test
82 |
83 | >>> RUN --mount=type=bind,target=/var/run/docker.sock,source=/var/run/docker.sock docker ps
--------------------
ERROR: failed to solve: failed to compute cache key: failed to calculate checksum of ref 0b02d253-5d2d-4081-95e7-8ece3c6163b9::zzyadke92f23ttyq52rleo2ej: "/var/run/docker.sock": not found
With docker run you can mount a file, so I want to do the same for docker build. I am not sure if the issue is that the file resides outside the docker context or if the issue is that only paths can be bind mounted. Bind mounting a folder inside the context during the build stage does work. I tried passing multiple build contexts (docker buildx build --build-context), but got the same issue.
Mounting the docker socket allows accessing the docker daemon on the host machine. Now you can build a new docker image inside a docker without having docker daemon inside the first docker image. I think some people refer to this as Docker-out-of-Docker (dood). In a CI build environment we typically run like this
docker run -v /var/run/docker.sock:/var/run/docker.sock ...
But now I need to do the same on a docker build instead of a docker run.
The first docker has the gcc compiler and builds. Next you want to take those artifacts from the install and construct a docker image without having the docker daemon on the toolchain docker. Something like this:
RUN ninja install/strip
RUN --mount=type=bind,target=/var/run/docker.sock,source=/var/run/docker.sock docker build...
This is probably solvable by a multi-stage build as well, but I would really like to have the ability to mount the docker socket during builds in the same way as docker run.
I figured it’d be something that a multi-stage build may solve, and so, if possible, you probably should use that.
As for accessing the socket for whatever other purposes, see the workaround I posted. It worked for me on a Mac using Docker Desktop and seems to work for the original creator on a Windows machine. I do not know how well this will operate with a pure Docker Engine on Linux, but I’ll test it soon.
So you want to run docker build while another docker build is already running. This is really not how you should use Docker.
We are talking about two different things. docker build is for building an image, a process which should not depend on your host machine (OK, it will, as you are using the CPU and memory of the host). Running a container can depend on the host machine. You could run a container that manages something on the host, but I would never allow my docker build access to my docker socket, as it means it has full root access to my host, and if anything goes wrong, it could affect not just the build you are working on, but everything else.
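Added example, not part of the thread or written by any of its participants: a check a CI pipeline could run before building, to flag Dockerfiles whose RUN --mount options reference the docker socket, following the risk raised in the last reply. The sample Dockerfile is constructed from the snippets in the question, and the function names are hypothetical.

```python
# Constructed sample: lines from the question plus a continuation-line variant.
SAMPLE_DOCKERFILE = """\
FROM my_image AS docker_test
RUN ninja install/strip
RUN --mount=type=bind,target=/var/run/docker.sock,source=/var/run/docker.sock docker ps
RUN --mount=type=cache,target=/root/.cache \\
    --mount=target=/run/docker.sock,source=docker.sock \\
    docker build .
RUN --mount=type=bind,target=/src,source=. make
"""

def logical_lines(text):
    """Yield (first_line_number, instruction) with backslash continuations joined."""
    buf, start = "", None
    for n, line in enumerate(text.splitlines(), 1):
        if start is None:
            start = n
        stripped = line.rstrip()
        if stripped.endswith("\\"):
            buf += stripped[:-1] + " "
            continue
        yield start, buf + stripped
        buf, start = "", None
    if buf:
        yield start, buf

def find_socket_mounts(text):
    """Return (line, mount_type, target) for each RUN --mount that names docker.sock."""
    findings = []
    for lineno, instr in logical_lines(text):
        words = instr.split()
        if not words or words[0].upper() != "RUN":
            continue
        for word in words[1:]:
            if not word.startswith("--"):
                break  # RUN flags end where the command itself starts
            if not word.startswith("--mount="):
                continue
            pairs = word[len("--mount="):].split(",")
            opts = dict(kv.partition("=")[::2] for kv in pairs)
            if any(v.rstrip("/").endswith("docker.sock") for v in opts.values()):
                target = opts.get("target") or opts.get("dst") or opts.get("destination")
                # "bind" is the mount type BuildKit uses when type= is omitted
                findings.append((lineno, opts.get("type", "bind"), target))
    return findings

if __name__ == "__main__":
    for lineno, mtype, target in find_socket_mounts(SAMPLE_DOCKERFILE):
        print(f"line {lineno}: {mtype} mount of docker socket at {target}")
```
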