Closed wrfly closed 5 years ago
Since docker will not re-bind the files to the containers after it restarts, so if we mount the docker.sock
to the container, we will lose the connection to the restarted docker daemon since the docker daemon recreated its socket file, the docker.sock
inside the container is actually a deleted file(we cannot see it in the outside, but we can get it inside the container).
The obvious solution is to restart the container so that the docker will re-bind the socket file.
Another way to solve this is to mount the whole /var/run
directory to the container since the directory won't be deleted, the container-web-tty
can still connect to the new docker daemon.
docker run --rm -ti --name web-tty \
-p 8080:8080 \
-v /var/run/:/var/run/ \
wrfly/container-web-tty
Maybe it's a bug of docker, and it's quite easy to reproduce. Just mount a file to a container and delete that file, and you can still get the contant inside the container. At mainwhile, any changes before delete the file can be seen inside the container since the file is the same, it has the same inode number. But after delete the file in the host, we lost control of this file, and the file can be and only be found in the container. We can use lsof -L1 | grep deleted
to get all the deleted files (in the host but not the container) and when we tail -f
the "deleted" file inside the container, we can see the process is reading a "deleted" file. And we can also get the contant from its file descriptor(just cat it).
go mod