Using Buttervolume inside Docker container

[dabide]

I am currently using an older version of Buttervolume inside a CI build agent, using docker exec buttervolume buttervolume. That works perfectly.

Is there any way to use the newer, managed plugin based version this way? docker-runc doesn't seem to work, as it doesn't detect that the plugin is running. /var/run/docker.sock and /run/docker/plugins/runtime-root/plugins.moby are mapped from the host.

On the host:

# drunc list
ID                                                                 PID         STATUS      BUNDLE                                                                                                                                       CREATED                          OWNER
abf6245ea65ee121ff48c30f99c283dac49d225221579ee4a140b7d8a843f200   19607       running     /run/docker/containerd/daemon/io.containerd.runtime.v1.linux/plugins.moby/abf6245ea65ee121ff48c30f99c283dac49d225221579ee4a140b7d8a843f200   2018-11-01T16:26:26.605625462Z   root

Inside the CI container:

# drunc list
ID                                                                 PID         STATUS      BUNDLE                                                                                                                                       CREATED                          OWNER
abf6245ea65ee121ff48c30f99c283dac49d225221579ee4a140b7d8a843f200   0           stopped     /run/docker/containerd/daemon/io.containerd.runtime.v1.linux/plugins.moby/abf6245ea65ee121ff48c30f99c283dac49d225221579ee4a140b7d8a843f200   2018-11-01T16:26:26.605625462Z   root

[dabide]

Running an strace leads me to suspect that running docker-runc inside a container isn't possible: It first reads the state of the plugin, finds the PID, and then tries opening /proc/12345/stat (if the PID is 12345).

Is there any other way of doing this?

[dabide]

Here's a script that lets one work around this:

build.sh

#!/bin/sh
docker build -t buttervolume-cli - <<EOF
FROM python
RUN pip install buttervolume
EOF

buttervolume.sh

#!/bin/sh

PREFIX=$(docker run -v /var/run/docker.sock:/var/run/docker.sock docker docker plugin ls | grep "anybox/buttervolume:latest" | awk '{ print $1 }')
SOCKET=$(docker run -v /run/docker/plugins:/run/docker/plugins alpine find /run/docker/plugins -maxdepth 1 -type d -name ${PREFIX}*)/btrfs.sock

docker run \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -it \
  docker docker run --privileged \
    -v /var/run/docker.sock:/var/run/docker.sock \
    -v ${SOCKET}:/run/docker/plugins/btrfs.sock \
    -v /var/lib/buttervolume:/var/lib/buttervolume \
    -it buttervolume-cli buttervolume $@

[petrus-v]

indeed we are using buttervolume cli in a separate docker container. As far I remember it only communicate through the docker API so only mounting docker.sock should be enough.

regards,

[dabide]

As far as I can see from the source code, the CLI version needs access to btrfs.sock. To find that, it needs to know the path to the plugin, and uses docker plugin inspect. I just tested, and this is a much simpler way to do it:

build.sh

#!/bin/sh
docker build -t buttervolume-cli - <<EOF
FROM docker as docker

FROM python:alpine
RUN pip install buttervolume
COPY --from=docker /usr/local/bin/docker /usr/local/bin/docker
EOF

buttervolume.sh

#!/bin/sh
docker run --rm -it \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -v /run/docker/plugins:/run/docker/plugins \
  buttervolume-cli buttervolume $@

[petrus-v]

Indeed, reading the code, your're right it communicate through btrfs.sock

For reference we are using the CLI inside the a consul container in the mlfmonde/cluster project