Use Socket between container A + B

For container A I got /run/postgresql/postgresql.sock as socket when running the following command:

incus config device add A socket-psql proxy listen=unix:/run/postgresql/postgresql.sock connect=unix:/run/postgresql.sock bind=instance

but where do I find this socket: /run/postgresql.sock? It's not on the host (macOS).

Or is it not for what I am trying to do?

If you want host to use instance’s socket, it should be bind=host.

Presumably you are running incus inside a virtual machine? In which case, that’s where the socket will be.

I looked inside colima but no socket there.

@catfish is right: if you want to listen on the host side and forward traffic to the container, bind=host is what you need to give.

Tested using colima 0.9.1 from homebrew

colima start --runtime incus
incus launch images:ubuntu/24.04/cloud test1
incus config device add test1 socket-psql proxy listen=unix:/postgresql.sock connect=unix:/run/postgresql.sock bind=host
colima ssh

brian@colima:/Users/brian$ ls -l /postgresql.sock
srw-r--r-- 1 root root 0 Jan  4 18:30 /postgresql.sock
brian@colima:/Users/brian$ exit
logout

Connections received on /postgresql.sock on the colima VM will be proxied to /run/postgresql.sock in the container.

If you use bind=instance then incus will create a socket inside the instance, listen on that, and will proxy to a socket on the host.

In both cases, it’s up to you to create the target socket (i.e. the one which will receive the proxied connection). If it doesn’t exist, then the connection will fail. In my example above, I hadn’t installed postgres inside the container. If I attempt a connection there’s nowhere for it to go, so it’s dropped on the floor.

brian@colima:/Users/brian$ sudo nc -U /postgresql.sock
brian@colima:/Users/brian$ echo $?
0
brian@colima:/Users/brian$ sudo tail -2 /var/log/incus/test1/proxy.socket-psql.log
Warning: Failed to connect to target: dial unix /run/postgresql.sock: connect: no such file or directory
Warning: Failed to prepare new listener instance: dial unix /run/postgresql.sock: connect: no such file or directory

With two containers, A and B:

  • If container A is running postgres, it will already have a postgres listening socket
  • Create a proxy device on container A with “bind=host” to accept inbound connections
  • If container B is running psql or an application that wants to talk to postgres, create a proxy device with “bind=instance” to create a socket inside the container; set the connect destination to the path on the host which was created by the proxy device

Alternatively you could use TCP/IP directly between the containers, as long as postgres is set up to allow it (hba.conf)
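The two-container wiring from the list above, written out as an added example (not code from the thread or from the Incus project). The socket paths, the device names pg-out and pg-in, the client UID and the RUN and LOG_ROOT variables are assumptions; the log location follows the path shown earlier in the thread.

```shell
#!/bin/sh
# Added example. Dry run by default: prints the incus commands.
# Run with RUN= (set but empty) to execute them.
RUN=${RUN-echo}

# Assumptions, adjust to your setup:
PG_SOCK=/run/postgresql/.s.PGSQL.5432  # libpq socket name, Debian/Ubuntu default dir, port 5432
HOST_SOCK=/run/pg-a.sock               # unused path on the Incus host (the colima VM on macOS)
CLIENT_UID=1000                        # UID inside B of the user that runs psql

# Server side: listen on the host, forward into A's existing postgres socket.
expose_server() {   # $1 = instance running postgres
    $RUN incus config device add "$1" pg-out proxy \
        "listen=unix:$HOST_SOCK" "connect=unix:$PG_SOCK" bind=host
}

# Client side: create the socket inside the instance, forward to the host socket.
# uid/mode restrict the new socket to the one client user; the proxy default
# is root-owned with mode 0644. The listen directory must already exist in B.
attach_client() {   # $1 = instance running psql or the application
    $RUN incus config device add "$1" pg-in proxy \
        "listen=unix:$PG_SOCK" "connect=unix:$HOST_SOCK" bind=instance \
        "uid=$CLIENT_UID" mode=0600
}

# Count proxied connections that were dropped because the target socket was missing.
# Log path pattern taken from the thread: <root>/<instance>/proxy.<device>.log
proxy_failures() {  # $1 = instance, $2 = device name
    grep -c 'Failed to connect to target' \
        "${LOG_ROOT:-/var/log/incus}/$1/proxy.$2.log"
}

expose_server A
attach_client B
# Then, inside B as the client user: psql -h /run/postgresql
```

Postgres sees the proxy process as the peer on its socket, so peer authentication in pg_hba.conf cannot identify the user in B; use password-based authentication for these connections.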