Re: docker command run from containers got permission denied on /var/run/docker.sock

t; > Adrian > > > > - Original message - > From: Ben Parees > To: Weiqiang Zhuang > Cc: users > Subject: [EXTERNAL] Re: docker command run from containers got permission > denied on /var/run/docker.sock > Date: Wed, Oct 2, 2019 11:48 AM > > >

RE: docker command run from containers got permission denied on /var/run/docker.sock

According to this doc https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.16/#podsecuritycontext-v1-core `privileged` seems to be in both pod and container securityContext. Also have seen people use it in pod.spec... But anyway...     Adrian     - Original message -From: Ben

Re: docker command run from containers got permission denied on /var/run/docker.sock

r-cmds > image: argoproj/argoexec:v2.3.0 > command: ['sh', '-c', 'sleep 1d'] > > ``` > > Adrian > > > - Original message - > From: Ben Parees > To: Weiqiang Zhuang > Cc: users > Subject: [EXTERNAL] Re: docker command run from conta

RE: docker command run from containers got permission denied on /var/run/docker.sock

Thanks Ben. Yes, the pod is running as root.   BTW, now I moved the privileged into the containers section and suddenly this works. Not sure why the securityContext behaves this though.   ``` apiVersion: v1kind: Podmetadata:    name: doodspec:    containers:      - securityContext:          

Re: docker command run from containers got permission denied on /var/run/docker.sock

On Wed, Oct 2, 2019 at 1:38 PM Weiqiang Zhuang wrote: > On an Openshift 3.11 cluster, we tried to run docker commands but all > returned following error: > > ``` > Got permission denied while trying to connect to the Docker daemon socket > at unix:///var/run/docker.sock: Get >

docker command run from containers got permission denied on /var/run/docker.sock

On an Openshift 3.11 cluster, we tried to run docker commands but all returned following error:   ``` Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.39/version: dial unix /var/run/docker.sock: