Sharing unix socket via docker volume – permission denied

soupdiver asked:

I try to share my php5-fpm socket via a volume with my nginx webserver. Fpm and nginx are running in different containers and I want to get them working via a shared volume where I place the socket file from fpm.

2014/04/13 10:53:35 [crit] 33#0: *1 connect() to unix:/container/fpm/run/php5-fpm.sock failed (13: Permission denied) while connecting to upstream, client: 192.168.8.2, server: docker.dev, request: "GET /test.php HTTP/1.1", upstream: "fastcgi://unix:/container/fpm/run/php5-fpm.sock:", host: "docker.dev"

I already tried setting permissions to 777 and changing the group of php5-fpm.socket to www-data.

Dockerfile of fpm container

FROM ubuntu:13.10

RUN apt-get update
RUN apt-get upgrade -y
RUN apt-get install -y php5-cli php5-common
RUN apt-get install -y php5-fpm php5-cgi

ADD ./php-fpm.conf /etc/php5/fpm/php-fpm.conf
ADD ./pool.d/www.conf /etc/php5/fpm/pool.d/www.conf
ADD ./php.ini /etc/php5/fpm/php.ini

CMD ["/usr/sbin/php5-fpm"]

Dockerfile of nginx container

FROM ubuntu:13.10

RUN apt-get update
RUN apt-get upgrade -y
RUN apt-get install -y nginx

ADD ./test.php /var/test/test.php
ADD ./test.html /var/test/test.html
ADD ./nginx.conf /etc/nginx/nginx.conf
ADD ./site /etc/nginx/sites-enabled/test

EXPOSE 80

CMD ["/usr/sbin/nginx"]

I can access the test.html but when accessing test.php I get 502 Bad Gateway.

Is there anything else I have to care about permissions when sharing stuff via volumes?

My answer:


Different containers cannot talk to each other via UNIX domain sockets when they are in different network namespaces. There is an unofficial kernel patch that allows this, but you’re on your own if you use it.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.