How to mount the LXD socket from the host to a LXD container?


(Hagen Kuehn) #1

I have got a LXD host (Snap) and a LXD container with LXD installed (Snap). I would like to have the LXD container access the LXD socket on the host machine. I want to do this out of the same reasoning I have described with this topic Topic 1650. Based on the solution provided for Docker I tried to derive a solution for LXD but it does not work.

Is there a way of getting this to work?


#2

What is your lxc config device command for the socket?
LXD 3.4+ has additional options that should make it easy to share the socket to the container.


(Hagen Kuehn) #3

I use a Python script that starts the LXD container and does all the magic by the use of the pylxd==2.2.7 package.

The socket I am trying to access on the host is;

$ ls -lah /var/snap/lxd/common/lxd/unix.socket
srw-rw---- 1 root lxd 0 Sep  5 07:10 /var/snap/lxd/common/lxd/unix.socket

File permissions look okay to me…

The below is the JSON I use with pylxd.

{'lxd': {'path': '/mnt/lxd.sock', 'source': '/var/snap/lxd/common/lxd/unix.socket', 'type': 'disk'}}

See https://pylxd.readthedocs.io/en/latest/containers.html#container-attributes for respective docs.

I believe this equates to;

$ lxc config device add mycontainer lxd disk source=/var/snap/lxd/common/lxd/unix.socket path=/mnt/lxd.sock

The container’s boot init does;

touch /run/lxd.sock
mount --move/mnt/lxd.sock /run/lxd.sock
rm /mnt/lxd.sock

Before running any LXD commands, I set the LXD_SOCKET environment variable;

export LXD_SOCKET=/run/lxd.sock

When I then execute lxc ls, I get below error:

Error: Get http://unix.socket/1.0: dial unix "connect: no such file or directory"

#4

Hi @quater,

Have a look at this blog post that works on LXD 3.4 or newer,

There is a typo in your commands (mount --move/mnt…) which is probably the cause of “no such file or directory”. That message means that the client did not encounter the specified socket file at all.


How to mount the SSH agent socket into LXD container
(Hagen Kuehn) #5

Hi @simos,

Thank you very much for this brilliant blog post. Very descriptive! This resolves the problem!

Furthermore I will try to use the new proxy device for Docker instead of the approach that was used with Topic 1650.