Molecule: Docker driver - volume /var/rund/docker.sock:/var/run/docker.sock is not mapped or is removed

Created on 7 Nov 2018  路  5Comments  路  Source: ansible-community/molecule

Impossible to map volume (host to container) /var/run/docker.sock to /var/run/docker.sock using Docker driver.

Possible root cause for molecule:
docker_container module
Possible base root cause in docker.py usage of the module

Is it possible to fix ?
Yes, but Its pretty hacky.
How ?
Map docker.sock to some other location, symbolic link the sock to /var/run/docker.sock

Molecule and Ansible details

ansible 2.6.3
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/home/ilhicas/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python2.7/dist-packages/ansible
  executable location = /usr/local/bin/ansible
  python version = 2.7.15rc1 (default, Apr 15 2018, 21:51:34) [GCC 7.3.0]

ansible 2.6.3
  config file = /etc/ansible/ansible.cfg
  configured module search path = [u'/home/ilhicas/.ansible/plugins/modules', u'/usr/share/ansible/plugins/modules']
  ansible python module location = /usr/local/lib/python2.7/dist-packages/ansible
  executable location = /usr/local/bin/ansible
  python version = 2.7.15rc1 (default, Apr 15 2018, 21:51:34) [GCC 7.3.0]

Molecule installation method (one of):

  • source

Ansible installation method (one of):

  • os

Driver used:
Docker

Desired Behavior

Volume /var/run/docker.sock is mapped to internal /var/run/docker.sock
using volumes

Actual Behaviour

/var/run/docker.sock is missing inside container

Please give some details of what is actually happening.

molecule.yml

dependency:
  name: galaxy
  enabled: true
  options:
    ignore-certs: True
    ignore-errors: True
    #Relative path search here walks from role root folder (this case ansible) all the way to the scenario (in this case it lives under ansible/requirements.yml, for specific set ansible/molecule/scenario-name/requirements.yml)
    role-file: molecule/scenario_name/requirements.yml
driver:
  name: docker
lint:
  name: yamllint
  enabled: false
platforms:
  - name: container_name
    image: fiercely/centos7:systemd
    privileged: True
    published_ports:
      - "80"
      - "443"
    volumes:
      - /sys/fs/cgroup:/sys/fs/cgroup:rw
      - /var/run/docker.sock:/var/run/docker.sock
    command: "/usr/sbin/init"
    groups:
      - some_group
provisioner:
  name: ansible
  roles_path: roles
  lint:
    name: ansible-lint
    enabled: false
  inventory:
    links:
      group_vars: ../../group_vars/
scenario:
  name: scenario_name
  test_sequence:
    - destroy
    - dependency
    - create
    - prepare
    - converge
    - side_effect
    - verify
    - destroy
verifier:
  name: testinfra
  lint:
    name: flake8

playbook.yml

- name: Converge
  hosts: some_group

How to reproduce:

molecule test -s scenario_name

docker exec -it container_name bash
#Inside container
ls -laF /var/run | grep docker.sock
#Mapped docker sock is not found
bug
Source
picture Ilhicas
👍7

All 5 comments

I suspect the cause is that a tmpfs is mounted on /var/run (or /run if it's symlink) after /var/run/docker.sock is mounted, so the socket file is no longer visible:

$ molecule login
# mount | grep run
tmpfs on /run/docker.sock type tmpfs (rw,nosuid,nodev,noexec,relatime,size=204704k,mode=755)
tmpfs on /run type tmpfs (rw,nosuid,nodev,mode=755)
bartcortooms picture bartcortooms on 14 Jun 2019

As a work around for this issue you can

  1. in your molecule.yml platforms/instance mount your volume like this: /var/run/docker.sock:/tmp/docker.sock
  2. create prepare.yml with following steps

    • name: create docker.sock

      raw: touch /var/run/docker.sock

      become: true

      changed_when: false

    • name: move docker.sock from tmp

      raw: mount --move /tmp/docker.sock /var/run/docker.sock

      become: true

      changed_when: false

this will move the /tmp/docker.sock to /var/run/docker.sock where it should be :D

wildone picture wildone on 10 Sep 2019
👍1

is there any plan to solve this issue? Currently it's a massive pain to test a playbook which uses docker_container functionality if you are developing in local.

alekc picture alekc on 18 Jan 2020

DoD is a known issue and you should don even try to use containers to test docker related playbooks. I will close this because that is not something molecule can do anything about.

ssbarnea picture ssbarnea on 15 Feb 2020
👎4

I was able to start a container insdie the molecule instance. I installed docker with Dockerfile.j2. Then I followed @wildone instructions to move the docker sockets mount inside the prepare.yml, but ran into an error. I was able to start a container with a symbolic link from inside the molecule host.

- name: Prepare
  hosts: all
  tasks:
    - name: "link docker.sock to /var/run"
      raw: ln -s /tmp/docker.sock /var/run/docker.sock
itno85 picture itno85 on 5 Feb 2021
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

ssbarnea picture ssbarnea  路  4Comments
Lirt picture Lirt  路  3Comments
srizzling picture srizzling  路  3Comments
adborden picture adborden  路  4Comments
ssbarnea picture ssbarnea  路  4Comments