I have a local docker registry on my mac and I want to be able to perform this type of command:
docker run quay.io/skopeo/stable inspect
Tried to use
docker run quay.io/skopeo/stable inspect docker-daemon:<image>
(docker-daemon will use the local registry)
Error loading image from docker engine: Cannot connect to the Docker
daemon at unix:///var/run/docker.sock. Is the docker daemon running?"
I guess the error is coming because the docker container I am running doesn't have a local docker registry.
Thanks!
Related
I am working in a task where I am having to use docker compose inside a docker container. When I perform docker compose --file setup.yaml, I get the following error.
no valid drivers found: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
Is there a way to resolve this error?
What I have tried:
I looked at a few documentation on the internet and I am performing a volume mount of the path to socket daemon as follows,
docker run -v /var/run/docker.sock:/var/run/docker.sock -it -d <container_id>
But after this command, the container exits after a while. Not sure if the approach is correct.
I have two local Docker containers container_a and container_b.
When starting container_b, container_b calls docker pull container_a. However, this fails as container_a is a local container and not hosted on a Docker registry such as Docker Hub.
Is it possible to let container_b use the locally available containers when calling docker pull without changing container_b and without uploading container_a to a Docker registry?
Mount local docker.sock to your container_b that pulls the image.
docker run -v /var/run/docker.sock:/var/run/docker.sock ...
I'm running a gitlab/gitlab-ce container on docker. Then , inside it, i want to run a gitlab-runner service, by providing docker as runner. And every single command that i run (e.g docker ps, docker container ..), i get this error:
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is
the docker daemon running
P.s: i've tried service docker restart, reinstal docker and gitlab-runner.
By default it is not possible to run docker-in-docker (as a security measure).
You can run your Gitlab container in privileged mode, mount the socket (-v /var/run/docker.sock://var/run/docker.sock) and try again.
Also, there is a docker-in-docker image that has been modified for docker-in-docker usage. You can read up on it here and create your own custom gitlab/gitlab-ce image.
In both cases, the end result will be the same as docker-in-docker isn't really docker-in-docker but lets your manage the hosts docker-engine from within a docker container. So just running the Gitlab-ci-runner docker image on the same host has the same result and is a lot easier.
By default the docker container running gitlab does not have access to your docker daemon on your host. The docker client uses a socket connection to communicate to the docker daemon. This socket is not available in your container.
You can use a docker volume to make the socket of your host available in the container:
docker run -v /var/run/docker.sock:/var/run/docker.sock gitlab/gitlab-ce
Afterwards you will be able to use the docker client in your container to communicate with the docker daemon on the host.
I am using Minikube to test everything I deploy in IBM Bluemix kubernetes service. I have my Macbook docker environment configured to use Minikube and I don't start standard basic Docker daemon/service in my MacBook. I just:
eval $(minikube docker-env)
It works great and I use same yaml files in Minikube than then I apply to Bluemix, as I use that Docker and Minikube image registry. Problem: when I try to login to BX CR to push an image from Minikube registry I get:
MacBook-Pro:Docker and Kubernetes icordoba$ bx cr login
Logging in to 'registry.ng.bluemix.net'...
FAILED
Failed to 'docker login' to 'registry.ng.bluemix.net' with error: Warning: failed to get default registry endpoint from daemon (Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?). Using system default: https://index.docker.io/v1/
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
.
It seems bx cr login command needs local docker host daemon running so I need to build image into Minkube registry, test in Minikube, shut it down, start Docker, build image again i docker registry, login to bx cr and push the image...
Can I make bx cr login command work with Minikube docker environment and not basic docker environment configured?
As mentioned in the comments the docker CLI is a pre-requirement for pushing to and pulling from the registry.
It should be possible to ssh into minikube using minikube ssh allowing you access to the docker daemon within minikube. You would then need to install the Bluemix cli and cr plugin. It should then be possible to push your images from there.
Alternatively you could install the IBM-Containers plugin found here. Then you can build your container in Bluemix and it will automatically push the image into the Container Registry for you to use with Kubernetes. This would allow you to build and push images without access to a docker daemon.
bx ic build -t registry.ng.bluemix.net/<namespace>/<image>:<tag> DOCKERFILE_PATH
(Adjust the registry region prefix based on which region you want your image to be pushed to)
Cannot pull image from local docker insecured registry repository inside Minikube.
I'm running Docker-toolbox v1.12.2 using Linux VM (Upstart) installed on Oracle VirtualBox 5.1.6 under Windows 7.
I've created a docker image and push (tag and then push) it into a local insecured docker-registry v2 that running on 192.168.99.100:5000/image/name.
docker run -d -p 5000:5000 --restart=always --name registry registry:2
and inside the VM, on /var/lib/boot2docker/profile I've add to the EXTRA_ARGS the flag --insecure-registry 192.168.99.100:5000 .
docker push & docker pull from localhost:5000/image/name are working fine within Docker(VM).
_catalog is reachable from Postman :GET http:192.168.99.100:5000/v2/_catalog and I'm able to get the images inside the registry.
I'm starting my Minikube v0.15.0 VM with the command:
minikube start --insecure-registry=192.168.99.100:5000
I'm under company PROXY so I've added the proxy in the command line (CMD):
set HTTP/HTTPS_PROXY=my.company.proxy:8080 and set NO_PROXY={minikube ip}.
Then Kubernetes dashboard started to work for me.
Now for the real problem, when running the command:
kubectl run image-name --image=192.168.99.100:5000/image/name --port=9999
to pull image from my local docker registry into Kubernetes its saying
deployment "image-name" created
But inside Kubernetes > Deployments I'm getting the following error:
Failed to pull image "192.168.99.109:5000/image/name": image pull failed for 192.168.99.100:5000/image/name:latest, this may be because there are no credentials on this request. details: (Error response from daemon: Get https://192.168.99.100:5000/v1/_ping: Tunnel or SSL Forbidden)
Can anyone help here with that Tunnel or SSL Forbidden error, it's driving me crazy, and I've tried so many solutions to configure --insecrue-registery inside docker, inside Kubernetes or when running the dokcer-registry.
BTW why it's refering to v1/_ping? i'm using the docker registry v2.
Seems like minikube cannot see the same network that your registry is running. Can you try running minikube ssh then run your curl for the catalog?
Also, as an alternative, you could run eval(minikube docker-env) which then will set your local docker client to use the docker server inside minikube.
So for example if you built an image tagged with myimage/foo it would build and put that image on the minikube docker host, so when you deployed the image, it wouldn't need to be pulled.