Page MenuHomeDevCentral

Update Docker socket ownership
ClosedPublic

Authored by DorianWinty on Apr 15 2022, 16:08.
Tags
  • Restricted Project
Referenced Files
F3778451: D2670.diff
Mon, Nov 25, 05:06
Unknown Object (File)
Fri, Nov 22, 11:28
Unknown Object (File)
Fri, Nov 22, 11:10
Unknown Object (File)
Fri, Nov 22, 10:11
Unknown Object (File)
Fri, Nov 22, 10:01
Unknown Object (File)
Fri, Nov 22, 09:57
Unknown Object (File)
Fri, Nov 22, 09:52
Unknown Object (File)
Thu, Nov 21, 07:26
Subscribers
None

Details

Summary

In D2668, the group name allowed to connect to Docker socket is customized.
Yet, on Dwellers, the docker client still can't connect on it.

There is a similar known issue reported upstream, which suggests the socket
systemd unit used for socket-activated services also needs to be aware
of the group.

References:

Ref T1724

Test Plan

docker ps on Dwellers

Diff Detail

Repository
rOPS Nasqueron Operations
Lint
Lint Passed
Unit
No Test Coverage
Branch
docker_add_config
Build Status
Buildable 4192
Build 4444: arc lint + arc unit

Event Timeline

DorianWinty created this revision.
dereckson edited the test plan for this revision. (Show Details)
dereckson requested changes to this revision.Apr 15 2022, 17:58
dereckson added inline comments.
roles/paas-docker/devel/config.sls
1

Header is missing

roles/paas-docker/devel/files/socket.conf
2

A lot is missing. Read 4 or 5 other roles/*/files/* files to have an idea of the medata we put there.

This revision now requires changes to proceed.Apr 15 2022, 17:58

It currently fails:

Complector
$ salt dwellers state.sls roles/paas-docker/devel/config   (git)-[dwellers-dev] 
dwellers:
----------
          ID: /etc/systemd/system/docker.socket.d/socket.conf
    Function: file.managed
      Result: False
     Comment: Source file salt://role/pass-docker/devel/files/socket.conf not found in saltenv 'base'
     Started: 17:59:49.455264
    Duration: 52.343 ms
     Changes:   

Summary for dwellers
------------
Succeeded: 0
Failed:    1
------------
Total states run:     1
Total run time:  52.343 ms
roles/paas-docker/devel/config.sls
3

See the test run in comment, path is wrong.

Pro tip: git status or git whatchanged, copy/paste from there
(or in IDE like Atom right click, copy project path).

dereckson retitled this revision from Fix issue about connexion on docker dev to Fix issue about connection on docker dev.Apr 15 2022, 18:23
roles/paas-docker/devel/config.sls
4

Also I tested with updated path that gives that:

dwellers:

      ID: /etc/systemd/system/docker.socket.d/socket.conf
Function: file.managed
  Result: False
 Comment: Parent directory not present
 Started: 18:25:30.559029
Duration: 76.699 ms
 Changes:
roles/paas-docker/devel/files/socket.conf
9

That doesn't work either: systemd options are sorted by categories:

[category]
key=value

Look on the upstream issue or on the systemd documentation the category for that one.

dereckson retitled this revision from Fix issue about connection on docker dev to Update Docker socket ownership.Apr 15 2022, 19:00
DorianWinty marked 5 inline comments as done.

correct problem

roles/paas-docker/devel/files/socket.conf
10

Oh that one is only to use when a file is specific to a specific Docker image, so we can drop it here.

Dwellers is a server, not a Docker image.

DorianWinty marked an inline comment as done.

rm 1 line

roles/paas-docker/devel/files/socket.conf
3

That's the title of the configuration file, this is not the arc wrapper ^^

8

Infinitive too

DorianWinty marked 2 inline comments as done.

corrected

This revision is now accepted and ready to land.Apr 19 2022, 19:01
This revision was automatically updated to reflect the committed changes.