Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Handle 'cannot connect to Docker daemon' correctly #9

Closed
purestaketdb opened this issue Feb 26, 2020 · 6 comments
Closed

Handle 'cannot connect to Docker daemon' correctly #9

purestaketdb opened this issue Feb 26, 2020 · 6 comments

Comments

@purestaketdb
Copy link

Minor issue when running './sandbox up' on OS X when the Docker daemon has been turned off. Sandbox util incorrectly reports progress, while also showing errors from Docker.

`Building a new Docker Image...
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
ERRO[0000] failed to dial gRPC: cannot connect to the Docker daemon. Is 'docker daemon' running on this host?: dial unix /var/run/docker.sock: connect: connection refused

Starting a new Docker Container...
docker: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?.
See 'docker run --help'.

Sandbox started! Printing status...
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?`

Fix: Correct flow to exit out if daemon is not running or update bolded status messages to indicate issue.
@winder
Copy link
Contributor

winder commented Mar 10, 2020

Strange, set -e is supposed to terminate the program when an error like this happens.

Does this script execute for you?

#!/bin/bash

set -e

invalid-command

echo "Should not get here"

@purestaketdb
Copy link
Author

It did not reach the echo statement. This is really minor in the grand scheme of thing, as the errors are outputted along the way.

fabrice102 added a commit to fabrice102/sandbox that referenced this issue Mar 11, 2020
@fabrice102
Do not ignore errors if data folder corrupted
5b14d7e 
Previously, `set +e` was used, which was then carried to `ask_clean`
This may explain the problem seen in issue algorand#9.
@fabrice102 fabrice102 mentioned this issue Mar 11, 2020
Merged
winder pushed a commit that referenced this issue Mar 17, 2020
@fabrice102
Better error handling (#12)
80efe42 
* Do not ignore errors if data folder corrupted

Previously, `set +e` was used, which was then carried to `ask_clean`
This may explain the problem seen in issue #9.

* Test if docker running before asking to reset sandbox

Avoid users resetting sandbox before realizing that
the issue was that Docker was not running.
@winder
Copy link
Contributor

winder commented Mar 17, 2020

@purestaketdb could you see if the improvement @fabrice102 made fixes this?

@winder winder closed this as completed Sep 14, 2020
@winder
Copy link
Contributor

winder commented Sep 14, 2020

Let me know if this is still an issue, closing due to inactivity.

@modernlearner
Copy link

I just ran into this issue with "connection refused". It looks like the docker.pid or docker.sock permissions have to be changed to allow a connection. The Docker installation guide is a misleading because it considers docker installed successfully when the command sudo docker run hello-world works.

However, without running as root:

$ docker run hello-world
docker: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/create: dial unix /var/run/docker.sock: connect: permission denied.
See 'docker run --help'.

Based on a stackoverflow answer you can do this to fix the issue:

$ sudo chmod o=rwx /var/run/docker.sock
$ docker run hello-world # make sure it worked

After doing this I was able to run the ./sandbox up and start to see some progress in setting up the docker containers.

As per #23 it would be great to see this mentioned in the README or to see a more helpful error message that suggests doing the above.

@fabrice102
Copy link
Contributor

Thanks @modernlearner for your answer to detect Docker running.

However, doing

sudo chmod o=rwx /var/run/docker.sock

should only be done on experimental machines without any important data.

On Linux, it indeed gives full root access to any user of the machine.
See https://docs.docker.com/engine/security/#docker-daemon-attack-surface

Adding your username to the group docker is slightly better:

sudo groupadd docker
sudo usermod -aG docker $USER

(followed by logging out and logging back in)
However, it is still quite dangerous as it gives root access to yourself without the protection that sudo offers (i.e., asking for the user password and logging any sudo command).
See https://docs.docker.com/engine/install/linux-postinstall/#manage-docker-as-a-non-root-user

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@winder @fabrice102 @purestaketdb