How to mount an Arvados FUSE to a Docker container as volume - docker

I would like to add a file system view of Arvados Keep to a Docker container. I created this file system view with arv-mount and it is based on File System in Userspace (FUSE).
Approach 1
$ docker run --rm -it -v /home/test/arv:/opt ubuntu:hirsute bash
docker: Error response from daemon: error while creating mount source path '/home/test/arv': mkdir /home/test/arv: file exists.
Approach 2
I also tried bind mounts
$ docker run --rm -it --mount type=bind,source=/home/test/arv,target=/opt,bind-propagation=rshared ubuntu:hirsute bash
docker: Error response from daemon: invalid mount config for type "bind": stat /home/test/arv: permission denied.
Both approaches I tried as non-root user (I configured Docker for non-root users) and root user.

I made it working by
Adding user_allow_other to /etc/fuse.conf
Creating FUSE mount with arv-mount --allow-other /home/test/arv

Related

Docker: mount path must be absolute when using volume

I am on a windows host and using git bash.
My goal is to create an alias for Jekyll on my git bash: run the docker image instead of installing all the dependencies. I also want to store the "gems" in a local docker volume.
I would like to use the image jekyll/jekyll:stable and the image has a readme here.
This is the alias that I have in my aliases.sh:
alias jekyll='winpty docker run --rm --volume=$PWD:/srv/jekyll --mount type=volume,src=gems,dst=/usr/gem,volume-driver=local -it jekyll/jekyll:stable'
Issuing jekyll results in:
docker: Error response from daemon: invalid mount config for type "volume": invalid mount path: 'C:/Program Files/Git/usr/gem' mount path must be absolute. See 'docker run --help'.
I don't understand: I am trying to mount a volume, not a bind mount. I have also tried to use the more simplistic "-v" syntax, same result. Is my docker trying to mount gems as a (directory) bind mount?
I also tried to debug this with bash set -x, the actual command issued was winpty docker run --rm --volume=/h/:/srv/jekyll --mount type=volume,src=gems,dst=/usr/gem,volume-driver=local -it jekyll/jekyll:stable which looks OK.
UPDATE: It seems that perhaps the /usr destination (in container) is being translated as C:/Program Files/Git/usr/gem which is wrong... I'd need to somehow insert a literal /usr/ in my command.

Docker Run Image Error no such file or directory

i try to run a docker image with this command:
docker run 7ce2964461cc
but get this error:
docker: Error response from daemon: error creating overlay mount to /var/lib/docker/overlay2/2900f69b23f22f96e520a3c8ec8681cb092c2e52bdfbb5e261ad130de1502df4-init/merged: no such file or directory.
try docker inspect 7ce2964461cc
1 to see the port to need to map -p port_inside=port_outside
2 the env varaible ou need to set -e KEY=VALUE
3 perhars mount a file inside docker -v XX:YY

Docker error while creating mount source path

I’m trying to create nginx container with mounted volume in /var/www:
docker run --name nginx-app1 -v /var/www:/usr/share/nginx/html:ro -d -p 11080:80 nginx
And I get the error:
docker: Error response from daemon: error while creating mount source
path '/var /www': mkdir /var/www: read-only file system.
I also tried to run it with sudo, but is the same error. When I try to mount the volume in /home/username/ everything is fine.
The /var/www dir have drwxr-xr-x permissions. I working with Ubuntu 20.04 and Docker 20.10.11
Any suggestions on what might be causing the problem?

Trying to run "comitted" Docker image, get "cannot mount volume over existing file, file exists"

I am developing a Docker image. I started with a base image and was working inside it interactively, using bash. I installed a bunch of stuff, and the install (which included compiling a lot of code) took over 20 minutes, so to save my work, I used:
$ docker commit 0f08ac958391 myproject:wip
Now when I try to run the image:
$ docker run --rm -it myproject:wip
docker: Error response from daemon: cannot mount volume over existing file, file exists /var/lib/docker/overlay2/95aa9a9ea7cc0b1ba302adbd287e4d7059ee4fbe64183404df3bc65df332ee63/merged/run/host-services/ssh-auth.sock.
What is going on? How do I fix this?
Note about related/duplicate questions: while there are other questions about this error message, none of the answers directly explain why the error happens in this situation or what to do about it. In fact, most of the questions have no answers at all.
When I ran the base image, I included a mount for the SSH agent socket:
$ docker run --rm -it -v /run/host-services/ssh-auth.sock:/run/host-services/ssh-auth.sock myproject:dev /bin/bash
This bind mounts a file from the host (actually the Docker daemon VM) to a file in the Docker container. When I committed the running image, the image contained the file /run/host-services/ssh-auth.sock. The image also contained an empty volume reference to /run/host-services/ssh-auth.sock. This means that when I ran
$ docker run --rm -it myproject:wip
It was equivalent to running
$ docker run -v /run/host-services/ssh-auth.sock --rm -it myproject:wip
Unfortunately, what that command does is create an anonymous volume and mount it into the directory /run/host-services/ssh-auth.sock in the container. This works if the container has such a directory or even if it does not. What causes it to fail is if the target name is taken up by a file. Docker will not mount a volume over a file.
The solution is to explicitly provide a mapping from a host file to the target volume. Any host file will do, but in my case it is best to use the original. So this works:
docker run --rm -it -v /run/host-services/ssh-auth.sock:/run/host-services/ssh-auth.sock myproject:wip

Mount read-write volume inside of read-only volume

I have two volumes: repo and cache. I want to mount repo read-only at /repo and I want to mount cache as read-write at /repo/cache. When the app writes to /repo/cache, I expect the writes to go to the cache volume, while the /repo volume is not changed; however, when I run docker run -it -v repo:/repo:ro -v cache:/repo/cache alpine, I get docker: Error response from daemon: OCI runtime create failed: container_linux.go:345: starting container process caused "process_linux.go:430: container init caused \"rootfs_linux.go:58: mounting \\\"/var/lib/docker/volumes/cache/_data\\\" to rootfs \\\"/var/lib/docker/overlay2/9f1dfff7f943921fd2da278d357bec88007d7fcb41eb9bc34fc0e728c459ad73/merged\\\" at \\\"/var/lib/docker/overlay2/9f1dfff7f943921fd2da278d357bec88007d7fcb41eb9bc34fc0e728c459ad73/merged/repo/cache\\\" caused \\\"mkdir /var/lib/docker/overlay2/9f1dfff7f943921fd2da278d357bec88007d7fcb41eb9bc34fc0e728c459ad73/merged/repo/cache: read-only file system\\\"\"": unknown.
Is there a better way to achieve this result? I need the repo volume to be ro so the app doesn't write to it, and I need cache to be writable and mounted "inside" of /repo because that's where the app expects it (and I can't modify the app to look elsewhere).
To mount your cache volume on /repo/cache, Docker would need to be able to create a directory /repo/cache inside the container. Since you have mounted the repo volume read-only, this isn't possible.
If you first create the mountpoint yourself:
docker run --rm -v repo:/repo alpine mkdir /repo/cache
Then you will be able to successfully mount /repo/cache despite repo being read-only:
bash-5.0$ docker run --rm -it -v repo:/repo:ro -v cache:/repo/cache alpine
/ # ls /repo
cache

Resources