1、使用普通用户登录报错

1
2
[dev@kube-node1 ~]$ docker ps -a
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.37/containers/json?all=1: dial unix /var/run/docker.sock: connect: permission denied

2、查阅官方资料 https://docs.docker.com/install/linux/linux-postinstall/ 得到以下:

1
2
3
The Docker daemon binds to a Unix socket instead of a TCP port. By default that Unix socket is owned by the user root and other users can only access it using sudo. The Docker daemon always runs as the root user.

If you don’t want to preface the docker command with sudo, create a Unix group called docker and add users to it. When the Docker daemon starts, it creates a Unix socket accessible by members of the docker group.

3、解决方案:

3.1、创建docker组
1
# groupadd docker
3.2、将所需用户加入docker组
1
# gpasswd -a ${USER} docker
3.3、重启docker
1
# systemctl restart docker
3.4、验证
1
2
3
4
5
[root@kube-node1 /home/yunwei]# su - dev
Last login: Wed Feb 20 14:08:20 CST 2019 on pts/0
[dev@kube-node1 ~]$ docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
e8404a144626 f57c75cd7b0a "/heapster --source=…" 11 days ago Exited (137) 11 days ago k8s_heapster_heapster-9cc69ddcf-qlww2_kube-system_f8345be8-1d5e-11e9-acd8-005056b22233_11

参考资料:

Comments

2019-03-24