
invalid mount config for type "bind": bind source path does not exist: /var/run/docker.sock

Open prashantchoudhary opened this issue 1 year ago • 3 comments

I am running rootless Docker and trying to spawn a devcontainer with the docker-outside-of-docker feature. When I try to run the container, I get an error:

docker: Error response from daemon: invalid mount config for type "bind": bind source path does not exist: /var/run/docker.sock.

This path doesn't exist on my system, as it is rootless, I think, and the actual path will be unix:///run/user/1000/docker.sock.

{
    "name": "MyApi",
    "image": "mcr.microsoft.com/devcontainers/dotnet:1-8.0-bookworm",
    "features": {
        "ghcr.io/devcontainers/features/docker-outside-of-docker:1": {}
    },
    "forwardPorts": [50111, 50111],
    "portsAttributes": {
        "50111": {
            "protocol": "https"
        }
    }
}

Host: Ubuntu 22
Docker: rootless as described here

I believe it is not respecting the DOCKER_HOME env variable.

prashantchoudhary, Apr 17 '24 18:04

I have the same issue using podman.

The docker-outside-of-docker mounts /var/lib/docker.sock from the host, which doesn't exist when using podman or rootless docker.

The fix would be to allow mounting ${XDG_RUNTIME_DIR}/podman/podman.sock (for podman, I believe for rootless docker it would be ${XDG_RUNTIME_DIR}/docker.sock) to /var/lib/docker-host.sock.

Is there any way to override the mount provided by the docker-outside-of-docker feature?

corco, Mar 31 '25 02:03

I have the same problem using Colima to run my Docker VM. Colima puts the docker socket at ~/.colima/docker.sock so docker-in-docker doesn't mount it into the devcontainer. It would be super cool if docker-in-docker could support Docker contexts on the host machine, or customize the host location of the docker socket. I've tried bind-mounting the socket to /var/run/docker.sock but no dice so far (it mounts with bad permissions).

medley56, Aug 20 '25 22:08

I've had some success using rootless podman (version 4.9.4) on the host by overriding the /var/run/docker-host.sock bind mount to use the path to the podman socket as the source, setting "remoteUser": "root", and setting the environment variable "DOCKER_BUILDKIT": "0" in the container (edited to use the "Change the workspace to ${localWorkspaceFolder}" approach so bind mounts specified by, e.g., docker run -v ... work):

{
    "image": "mcr.microsoft.com/devcontainers/base:bullseye",
    "features": {
        "ghcr.io/devcontainers/features/docker-outside-of-docker:1": {}
    },
    "remoteUser": "root",
    "remoteEnv": {
        "DOCKER_BUILDKIT": "0"
    },
    "mounts": ["source=/tmp/podman-run-1234/podman/podman.sock,target=/var/run/docker-host.sock,type=bind"],
    "workspaceFolder": "${localWorkspaceFolder}",
    "workspaceMount": "source=${localWorkspaceFolder},target=${localWorkspaceFolder},type=bind"
}

Note I haven't tested it thoroughly; just some basic docker pull, docker run, and docker build usage.

nathanweeks, Oct 31 '25 18:10
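
The following is an added example, not part of any comment in this thread and not code from the devcontainers project. It resolves which of the host socket locations mentioned above actually exists and builds the "mounts" override used in the last workaround. The function names are hypothetical, and reading a unix:// path from the DOCKER_HOST variable is an assumption about how the host is configured.

```python
import json
import os
import stat
from pathlib import Path

# Mount target used by the workaround posted in this thread.
TARGET = "/var/run/docker-host.sock"


def candidate_sockets(env, home):
    """Host socket locations named in this thread, most specific first."""
    paths = []
    host = env.get("DOCKER_HOST", "")
    if host.startswith("unix://"):
        paths.append(host[len("unix://"):])
    runtime = env.get("XDG_RUNTIME_DIR")
    if runtime:
        paths.append(os.path.join(runtime, "docker.sock"))            # rootless Docker
        paths.append(os.path.join(runtime, "podman", "podman.sock"))  # rootless podman
    paths.append(os.path.join(home, ".colima", "docker.sock"))        # Colima
    paths.append("/var/run/docker.sock")                              # rootful default
    return paths


def resolve_socket(env, home):
    """Return the first candidate that exists and is a Unix socket, else None."""
    for path in candidate_sockets(env, home):
        try:
            if stat.S_ISSOCK(os.stat(path).st_mode):
                return path
        except OSError:
            continue  # missing path: the "bind source path does not exist" case
    return None


def mounts_override(env, home):
    """Build the "mounts" fragment for devcontainer.json; raise if nothing is found."""
    source = resolve_socket(env, home)
    if source is None:
        raise FileNotFoundError("no Docker-compatible socket found on the host")
    return {"mounts": [f"source={source},target={TARGET},type=bind"]}


if __name__ == "__main__":
    print(json.dumps(mounts_override(os.environ, str(Path.home())), indent=4))
```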