I'm using docker-php with nginx + php-fpm (docker-compose project). When I'm trying to run an example from the documentation:
<?php
use Docker\API\Model\ContainersCreatePostBody;
use Docker\Docker;
$docker= Docker::create();
$containerConfig = new ContainersCreatePostBody();
$containerConfig->setImage('nginx:latest');
$containerConfig->setCmd(['echo', 'I am running a command']);
$containerCreateResult = $docker->containerCreate($containerConfig);
var_dump($containerCreateResult);
exit;
and I'm getting the error:
Http \ Client \ Socket \ Exception \ ConnectionException - Permission denied
As far as I understand the problem is that user group, that php-fpm is using, does not have rw rights to docker.sock (I'm mounting it from the host on which the docker is running).
Configuration:
docker-compose:
The shell directory contains an application on yii2, that is used by docker-php.
version: '2'
services:
web:
image: 'nginx:latest'
container_name: web
ports:
- '80:80'
- '443:443'
volumes:
- './:/shell'
networks:
- backend
- frontend
restart: always
php:
build: ./docker/php/
container_name: php
volumes:
- './:/shell'
- '/var/run/docker.sock:/var/run/docker.sock'
environment: []
networks:
- backend
restart: always
networks:
frontend:
driver: bridge
backend:
driver: bridge
Dockerfile for php-fpm: github gist (too large file for post ~100 lines)
Docker is installed for the experiment, and so it is useless in the container php-fpm.
Software versions:
- Docker version 1.13.1
- docker-compose version 1.8.0
- Kubuntu 17.10 x64
I found something similar in the Internet (one, two, three ...), the decision is to add the user, from which the application works in the container, to the group www-data.
If I assign 777 rights to docker.sock, then everything will be working, but this is a bad solution =)