Mounting a volume not working with running docker in docker

I’m running docker within a container using the command below:
docker run --rm -ti --privileged -v /var/run/docker.sock:/var/run/docker.sock docker:1.12 sh

Within that container’s shell I see a directory with a bunch of files. Let’s say /project with a filebuild.gradle. I’d like to start a new container and mount this directory using the command below

docker run -ti --rm -v /project:/project openjdk:8-jdk bash -c "ls /project".

However it looks like the project directory is empty, the ls /project does not show any files…

Now trying to mount a file:

docker run -ti --rm -v /project/build.gradle:/project/build.gradle openjdk:8-jdk bash -c "ls /project/"

This time the folder shows the file.

Anyone who has an idea why the volume mount does not work as expected. Is this a permission issue?

This prints out a listing of the contents of the /project directory on the host. Similarly,

docker run --rm -v /:/host ubuntu:16.04 cat /host/etc/passwd

will list all of the user IDs defined on the host system.

There’s no portable way to try to share container-local directories with a different container like this. If you have some scheme to publish paths that this container was launched with, maybe via a magic environment variable, you could get from a container path to a host path. You might be able to docker inspect yourself, but I suspect trying to use a directory under /var/lib/docker on the left side of docker run -v is dangerous.

The one use case I have for doing something like this, I’ve concluded that docker cp is easier to use and much less fragile.

This is an old question, but I got here when searching for a solution to a similar problem, so I’m posting this to help anyone who might come across this.

If you’re running the docker cli from inside a container, with /var/run/docker.sock mounted, then you must specify paths for bind mounts relative to the docker host, not the container you’re running in, because the Docker cli is talking to the host Docker daemon through the socket.

I have implemented something similar to @dmaze’s suggestion in python using the Docker API here.
The gist includes a python function (translate_path) to translate paths located in a bound directory to their absolute paths on the host.
Paths that exist only in the container cannot be translated this way.

1 Like