var/run/docker.sock

What is a container?

A container packages code and all its dependencies so that an application moves smoothly and quickly from one computing environment to another. A container image (a lightweight, standalone, executable package of software) contains everything that is required to run an application: the code, runtime, system tools, system libraries, and settings.

About /var/run/docker.sock

/var/run/docker.sock is the Unix socket the Docker daemon listens on by default. It is also the means used to communicate with the Docker daemon from within a container. Sometimes, containers need to bind mount the /var/run/docker.sock file. When you use a bind mount, a file or directory on the host machine is mounted into a container; the file or directory is referenced by its full or relative path on the host machine.

Communication with container from docker daemon

The image shows how a container can access the features of the Docker daemon without being part of the interface itself.

Docker daemon

By default, the Docker daemon on a Docker platform listens on the /var/run/docker.sock Unix socket. This can be verified from the options passed to the daemon, which contain the following entry.

-H unix:///var/run/docker.sock
The -H option is provided so that the daemon can listen on a TCP host/port or on other Unix sockets.

Mounting the Docker daemon socket gives control of the daemon to the container. For this reason, it should only be done with trusted containers, and only when necessary.
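
To find out which containers on a host have been given this control, the bind mounts reported by `docker inspect` can be audited. The script below is an added example, not part of the original article; the container names and sample JSON are constructed, and it assumes /var/run is a symlink to /run, as on most current Linux distributions.

```python
import json
import posixpath

# Socket paths that reach the Docker daemon. Assumption: /var/run is a
# symlink to /run, so both spellings refer to the same socket.
SOCKET_PATHS = {"/var/run/docker.sock", "/run/docker.sock"}
# Bind-mounting one of these directories exposes the socket as well.
SOCKET_DIRS = {"/", "/var/run", "/run"}


def exposes_socket(source):
    """True if a bind-mount source is the daemon socket or a directory holding it."""
    path = posixpath.normpath(source) if source else ""
    return path in SOCKET_PATHS or path in SOCKET_DIRS


def audit(inspect_json):
    """Scan `docker inspect` output; list containers that can reach the daemon."""
    findings = []
    for container in json.loads(inspect_json):
        for mount in container.get("Mounts", []):
            if mount.get("Type") != "bind":
                continue
            if exposes_socket(mount.get("Source", "")):
                findings.append({
                    "container": container.get("Name", "").lstrip("/"),
                    "source": mount["Source"],
                    "destination": mount.get("Destination", ""),
                    # A read-only bind mount does not stop a process from
                    # connecting to the socket, so it is still reported.
                    "read_only_mount": not mount.get("RW", True),
                })
    return findings


# Constructed sample in the shape of `docker inspect <id> ...` output.
SAMPLE = json.dumps([
    {"Name": "/ci-agent", "Mounts": [{"Type": "bind", "RW": True,
        "Source": "/var/run/docker.sock", "Destination": "/var/run/docker.sock"}]},
    {"Name": "/monitor", "Mounts": [{"Type": "bind", "RW": False,
        "Source": "/run/docker.sock", "Destination": "/tmp/d.sock"}]},
    {"Name": "/web", "Mounts": [{"Type": "bind", "RW": True,
        "Source": "/srv/www", "Destination": "/usr/share/nginx/html"}]},
])

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

On a live host, the same function can be fed the output of `docker inspect` for all running containers instead of the constructed sample.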

Let’s look at the events that may occur in this process:

Copyright ©2024 Educative, Inc. All rights reserved