I have a constraint to use unix domain socket for communication between a Docker container and a process on the host machine.
The socket on the host machine resides in /tmp/my_socket.
For that, I am running the docker container with the mounted volume as such:
docker run -v /tmp/my_socket:/tmp/my_socket <image>
But I noticed that the container fails to communicate with the socket, so I connected to the container and noticed that the socket is marked as a directory instead of a socket for some reason:
drwxr-xr-x 2 root root
Why is the socket mounted as a directory?
I suspect that might be why the container cannot connect to it.
Normally the Unix mount(2) system call only mounts directories. This has implications on Docker's container filesystem setup: normally the thing you mount into a container is a directory, but Docker can do some magic for plain files which can be a little fragile at times. A socket is neither a directory nor a plain file so directly mounting it might not work well.
I'd try to reconfigure the server to put its socket in a dedicated directory (a subdirectory of /var/run would be common). Then you can bind-mount that entire directory into the client container.

This won't work at all if Docker is inside a VM (including if you're using a Docker Desktop setup or if your Docker is explicitly inside a VM, maybe using minikube or a similar distribution). Unix sockets never cross OS/VM boundaries.
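The dedicated-directory layout suggested in the answer, sketched as an added example that is not part of the original question or answer: the server binds its socket inside its own directory, and the client checks the file type before connecting, which catches the `drwxr-xr-x` symptom from the question. The directory name `my_app` and all function names are assumptions, and a temporary directory under /tmp stands in for a subdirectory of /var/run.

```python
import os
import socket
import stat
import tempfile
import threading

# Constructed demo: "my_app" and "my_socket" are hypothetical names.
def classify(path):
    """Report what kind of filesystem object sits at path."""
    if not os.path.exists(path):
        return "missing"
    mode = os.stat(path).st_mode
    if stat.S_ISSOCK(mode):
        return "socket"
    if stat.S_ISDIR(mode):
        return "directory"  # what 'ls -l' shows as a leading 'd'
    return "other"

def start_server(sock_dir, name="my_socket"):
    """Bind a listening Unix socket inside a dedicated directory."""
    os.makedirs(sock_dir, mode=0o750, exist_ok=True)
    path = os.path.join(sock_dir, name)
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    srv.bind(path)  # creates the socket file at path
    srv.listen(1)
    return srv, path

def echo_once(srv):
    # Accept one client, echo its message, then close both sockets.
    with srv, srv.accept()[0] as conn:
        conn.sendall(conn.recv(1024))

def roundtrip(path, payload=b"ping"):
    """Client side: refuse anything that is not a socket, then connect."""
    if classify(path) != "socket":
        raise RuntimeError(f"{path} is {classify(path)}, not a socket")
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as client:
        client.connect(path)
        client.sendall(payload)
        return client.recv(1024)

def demo():
    with tempfile.TemporaryDirectory(dir="/tmp") as base:
        srv, path = start_server(os.path.join(base, "my_app"))
        t = threading.Thread(target=echo_once, args=(srv,))
        t.start()
        reply = roundtrip(path)
        t.join()
        return classify(os.path.dirname(path)), classify(path), reply
```

With this layout the bind mount targets the directory rather than the socket file, for example `docker run -v /var/run/my_app:/var/run/my_app <image>`, where `/var/run/my_app` is a placeholder path.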