Page MenuHomePhabricator

Running docker container inside Tool Labs fails
Closed, ResolvedPublic


Inside the Tool Lab for soweego, we need to run a docker container.

We log in the tool:

  1. ssh
  2. become soweego

Then it seems like we cannot connect to the docker deamon. Running docker ps returns:

FATA[0000] Get http:///var/run/docker.sock/v1.18/containers/json: dial unix /var/run/docker.sock: permission denied. Are you trying to connect to a TLS-enabled daemon without TLS?

We did some research in the ToolForge documentation, even in the FAQs, but we didn't find any solution.
We think it's a permission issue. Can you help us?

soweego is a project funded by Wikimedia Foundation, which aims to automatically link existing Wikidata items about people to trusted identifier catalogs.

Why docker
We want to use only a technology for handling test environment and production one (Tool Lab).
With docker-compose we provide the developers a testing MariaDB instance and a container with the main project.
For production would be straight forward for us to run only the main project container, since the docker command is available.

Thank you in advance,
Massimo from the soweego team

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald Transcript

@MaxFrax96 Toolforge provides a Platform As A Service (PaaS) solution where you can run your tools using various runtimes, have access to databases, and other facilities, by using the webservice command.

The Cloud VPS project, on the other hand, provides something more similar to a Infrastructure As A Service (IaaS) solution where you create your own Virtual Machines. That gives you more freedom to experiment with tools like docker-compose, but also more responsibility in maintaining your servers. If you haven't done so already, please read this page about how to request a Cloud VPS project.

In summary, although we do use Docker in some places inside the Toolforge platform, it is not available to developers directly. You have to follow the development guides and use the webservice command to start your tool in the Grid Engine or the Kubernetes cluster. For low-level access to infrastructure components like Docker, your best option is to request a Cloud VPS project.

I'm going to close this task but feel free to re-open if you think I'm misunderstood your request. We're also available on #wikimedia-cloud IRC channel if you have any doubts.

GTirloni triaged this task as Medium priority.