Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Connection fails when DOCKER_HOST set to local socket #21173

Closed
dsyer opened this issue Apr 27, 2020 · 6 comments
Closed

Connection fails when DOCKER_HOST set to local socket #21173

dsyer opened this issue Apr 27, 2020 · 6 comments
Assignees
@scottfrederick
Labels
type: bug A general bug
Milestone
2.3.0

Comments

@dsyer
Copy link
Member

dsyer commented Apr 27, 2020

Running mvn spring-boot:build-image and getting this error:

...
[ERROR] Failed to execute goal org.springframework.boot:spring-boot-maven-plugin:2.3.0.M4:build-image (default-cli) on project 
demo: Execution default-cli of goal org.springframework.boot:spring-boot-maven-plugin:2.3.0.M4:build-image failed: Docker API c
all to '/var/run/docker/docker.sock/v1.24/images/create?fromImage=docker.io%2Fcloudfoundry%2Fcnb%3Abionic-platform-api-0.2' fai
led with status code 500 "/var/run/docker/docker.sock: Name or service not known" -> [Help 1]                                  
[ERROR]                                                                                                                        
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.                                            
[ERROR] Re-run Maven using the -X switch to enable full debug logging.                                                         
[ERROR]                                                                                                                        
[ERROR] For more information about the errors and possible solutions, please read the following articles:                      
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/PluginExecutionException

The Docker CLI works fine via a DOCKER_HOST env var (probably a plausible analog of a "standard" low-trust enterprise environment). I assume that this is messing with the Maven plugin.
@dsyer
Copy link
Member Author

dsyer commented Apr 27, 2020

This was in eduk8s BTW, and the workshop died before I had a chance to get more details. It's a restrictive environment but probably not unrealistic in the wild.

@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Apr 27, 2020
@philwebb
Copy link
Member

#20538 was fixed in M4 so there must be something we missed.

@philwebb philwebb added type: bug A general bug and removed status: waiting-for-triage An issue we've not yet triaged labels Apr 27, 2020
@philwebb philwebb added this to the 2.3.x milestone Apr 27, 2020
@dsyer
Copy link
Member Author

dsyer commented Apr 27, 2020

That does look like a similar issue. In this case DOCKER_HOST was set to a socket (ie a file) so maybe that’s the corner case we didn’t cover yet?

@jorgemoralespou
Copy link

We can confirm this is still happening and as @dsyer mentions we think that it's a problem when Docker socket is not treated like a linux socket but rather as an http endpoint. We can see a stacktrace like this:

rg.springframework.boot:spring-boot-maven-plugin:2.3.0.BUILD-SNAPSHOT:build-image (default-cli) on project demo:
 Execution default-cli of goal org.springframework.boot:spring-boot-maven-plugin:2.3.0.BUILD-SNAPSHOT:build-image failed: Docker API cal
l to '/var/run/docker/docker.sock/v1.24/images/create?fromImage=gcr.io%2Fpaketo-buildpacks%2Fbuilder%3Abase-platform-api-0.3' failed wit
h status code 500 "/var/run/docker/docker.sock: Name or service not known"

This trace makes us think that connection to a socket is not being made properly.

@dsyer
Copy link
Member Author

dsyer commented May 11, 2020
edited

Here's the detail from the stack trace:

Caused by: org.springframework.boot.buildpack.platform.docker.transport.DockerEngineException: Docker API call to '/var/run/doc
ker/docker.sock/v1.24/images/create?fromImage=gcr.io%2Fpaketo-buildpacks%2Fbuilder%3Abase-platform-api-0.3' failed with status 
code 500 "/var/run/docker/docker.sock: Name or service not known"                                                              
    at org.springframework.boot.buildpack.platform.docker.transport.HttpClientTransport.execute (HttpClientTransport.java:140) 
    at org.springframework.boot.buildpack.platform.docker.transport.HttpClientTransport.post (HttpClientTransport.java:82)     
    at org.springframework.boot.buildpack.platform.docker.DockerApi$ImageApi.pull (DockerApi.java:155)                         
    at org.springframework.boot.buildpack.platform.build.Builder.pullBuilder (Builder.java:84)                                 
    at org.springframework.boot.buildpack.platform.build.Builder.build (Builder.java:62)                                       
    at org.springframework.boot.maven.BuildImageMojo.buildImage (BuildImageMojo.java:136)                                      
    at org.springframework.boot.maven.BuildImageMojo.execute (BuildImageMojo.java:128)                                         
...

I can confirm that the socket works with curl:

$ curl --unix-socket /var/run/docker/docker.sock http://localhost/images/json | jq                                         
[                                                                                                                              
  {                                                                                                                            
    "Containers": -1,                                                                                                          
    "Created": 1588752403,                                                                                                     
    "Id": "sha256:0f3310167bdc7dd1f27409b870b82c61f200ddac4c44aea5f456b024cc295b5d",                                           
    "Labels": null,                                                                                                            
    "ParentId": "",                                                                                                            
    "RepoDigests": [                                                                                                           
      "dsyer/demo@sha256:6477cd3f8bf2f17faafb0babef5e24b565ab6fa6cdd35e52011beec55dafd6ca",                                    
      "lab-spring-boot-w01-s001-registry.training.failk8s.dev/springguides/demo@sha256:6477cd3f8bf2f17faafb0babef5e24b565ab6fa6
cdd35e52011beec55dafd6ca"                                                                                                      
    ],                                                                                                                         
    "RepoTags": [                                                                                                              
      "dsyer/demo:latest",                                                                                                     
      "lab-spring-boot-w01-s001-registry.training.failk8s.dev/springguides/demo:latest"                                        
    ],                                                                                                                         
    "SharedSize": -1,                                                                                                          
    "Size": 123002083,                                                                                                         
    "VirtualSize": 123002083                                                                                                   
  }                                                                                                                            
]

@scottfrederick
Copy link
Contributor

Docker socket is not treated like a linux socket but rather as an http endpoint.

Currently, when the DOCKER_HOST environment variable is set Spring Boot assumes that it is an HTTP endpoint. If DOCKER_HOST is not set then Boot uses a domain socket on Linux. We'll need to update this logic to handle this case where DOCKER_HOST is a domain socket.

@scottfrederick scottfrederick self-assigned this May 11, 2020
@scottfrederick scottfrederick changed the title DOCKER_HOST not working with image builder tooling? Connection fails when DOCKER_HOST set to local socket May 11, 2020
scottfrederick added a commit to scottfrederick/spring-boot that referenced this issue May 12, 2020
@scottfrederick
Support local socket path in DOCKER_HOST
46dfa45 
Prior to this commit, if a DOCKER_HOST environment variable was present
when attempting to communicate with a Docker daemon, it was assumed
that the value of that variable was an address that could be used to
create an HTTP connection to a remote daemon. In some cases, the value
of the variable is the path to a local socket file, which would cause
the HTTP connection to fail.

This commit adds additional validation of the value of the DOCKER_HOST
environment variable to determine whether it is a remote address or
a local socket file and create the appropriate connection type.

Fixes spring-projectsgh-21173
@scottfrederick scottfrederick modified the milestones: 2.3.x, 2.3.0 May 12, 2020
@snicoll snicoll mentioned this issue Jun 5, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@scottfrederick scottfrederick

Labels
type: bug A general bug
Projects
None yet
Milestone
2.3.0
Development

No branches or pull requests
5 participants
@scottfrederick @jorgemoralespou @dsyer @philwebb @spring-projects-issues