search

docker-library / haproxy

Docker Official Image packaging for HAProxy
http://www.haproxy.org/
GNU General Public License v2.0
347 stars 158 forks source link

Use /var/run/docker.sock as backend server #202

Closed Tardo closed 1 year ago

Tardo commented 1 year ago

In 2.2 version, because the Dockerfile uses "root" user, you can mount "/var/run/docker.sock" and read it... but in older versions the user used is "haproxy"...

How i can still read to /var/run/docker.sock ? I need change the user to root in my Dockerfile?

Thanks.

tianon commented 1 year ago

I don't recommend running haproxy as root (nor exposing your Docker socket externally without some strict authentication, in case that's what you're doing here, since access to it is root-equivilant :grimacing:), but you should be able to do so with --user on docker run or user: in docker-compose.yml.

Another option would be to create a docker group inside the container/image with a GID that matches the GID of the docker group on your host and then adding the haproxy user to it (or running explicitly with --user haproxy:GID, as in, --user haproxy:998 with my example below):

$ stat --format '%g' /var/run/docker.sock
998
tianon commented 1 year ago

(In the future, these sorts of questions/requests would be more appropriately posted to a dedicated support forum, such as the Docker Community Slack, Server Fault, Unix & Linux, or Stack Overflow.)