I want to give a peer container access to /var/run/haproxy.sock. Unfortunately, it throws an error when I try to do this through bind mounting with a named volume. Is is possible to share the haproxy.sock with other containers? I assume it is, so I wonder which piece I am missing here. Probably rights - but how to set them correctly?
worker1 | <7>haproxy-systemd-wrapper: executing /usr/local/sbin/haproxy -p /run/haproxy.pid -f /usr/local/etc/haproxy/haproxy.cfg -Ds
worker1 | [ALERT] 182/075644 (6) : Starting frontend GLOBAL: error when trying to preserve previous UNIX socket [/var/run/haproxy.sock]
worker1 | <5>haproxy-systemd-wrapper: exit, haproxy RC=1
I have the following config in haproxy.cfg:
global
maxconn 8204
tune.ssl.default-dh-param 2048
stats socket /var/run/haproxy.sock mode 660 level admin
stats timeout 30s
I use docker-compose to start my containers in swarm mode:
version: '3.2'
services:
haproxy:
image: haproxy:1.7.7
ports:
- "80:80"
- "443:443"
volumes:
- "/home/ubuntu/haproxy/haproxy.cfg:/usr/local/etc/haproxy/haproxy.cfg:ro"
- "socket:/var/run/haproxy.sock:rw"
ulimits:
nofile:
soft: 16479
hard: 16479
deploy:
placement:
constraints:
- node.hostname==worker1
volumes:
socket: {}
Named volumes can only be directories, not single files. As a result, this line;
"socket:/var/run/haproxy.sock:rw"
Will attempt to mount a directory (the "socket" volume) at location /var/run/haproxy.sock inside the container.
If the location of "haproxy.sock" is configurable, you may try something like;
"socket:/my-haproxy-socket-directory"
(the socket itself would be located at /my-haproxy-socket-directory/haproxy.sock inside the container)