I’m building an image for an app that requires a lot of dependencies for the build process, but the ultimate build-artifact is about half the size. I’d like to keep my production image as small as possible by building the app inside a container, then calling out to the host’s docker engine to run the build, using the files in the container for the context.
Right now I’m using the --privileged flag, and passing in volumes for the docker client and the docker socket, but the build is failing with a permissions issue.
Expected behavior
docker build uses my buildfile and the host’s docker engine to build my image
Actual behavior
docker build fails during initial context checking with:
Error checking context: 'no permission to read from '/proc/sys/net/ipv4/route/flush''.
Steps to reproduce the behavior
- Run a container with --privileged and volume host mounts for docker client and host docker socket, and your working directory mounted
- Run a docker build with a Dockerfile in your app working directory