| 1 |
On 07/10/17 18:50, Mick wrote: |
| 2 |
> On Saturday, 7 October 2017 17:23:33 BST Hubert Hauser wrote: |
| 3 |
>> I am using Gentoo as Host OS for Docker containers. |
| 4 |
>> I have compiled |
| 5 |
>> kernel using instructions on page |
| 6 |
>> https://wiki.gentoo.org/wiki/Docker#Kernel and I have installed Docker |
| 7 |
>> from Gentoo repository. |
| 8 |
>> |
| 9 |
>> Host system informations: |
| 10 |
>> |
| 11 |
>> pecan@tux ~ $ uname -a |
| 12 |
>> Linux tux 4.12.12-gentoo #8 SMP Sat Oct 7 13:58:47 CEST 2017 x86_64 |
| 13 |
>> Intel(R) Core(TM) i5-6300HQ CPU @ 2.30GHz GenuineIntel GNU/Linux |
| 14 |
>> |
| 15 |
>> Docker version: |
| 16 |
>> |
| 17 |
>> pecan@tux ~ $ docker version |
| 18 |
>> Client: |
| 19 |
>> Version: 17.03.2-ce |
| 20 |
>> API version: 1.27 |
| 21 |
>> Go version: go1.9.1 |
| 22 |
>> Git commit: f5ec1e2 |
| 23 |
>> Built: Sat Oct 7 14:50:59 2017 |
| 24 |
>> OS/Arch: linux/amd64 |
| 25 |
>> Cannot connect to the Docker daemon at unix:///var/run/docker.sock. |
| 26 |
>> Is the docker daemon running? |
| 27 |
>> |
| 28 |
>> Look at "Cannot connect to the Docker daemon at |
| 29 |
>> unix:///var/run/docker.sock. Is the docker daemon running?". The same |
| 30 |
>> message appears if I try get docker system-wide informations: |
| 31 |
>> |
| 32 |
>> pecan@tux ~ $ docker info |
| 33 |
>> Cannot connect to the Docker daemon at unix:///var/run/docker.sock. |
| 34 |
>> Is the docker daemon running? |
| 35 |
> It seems you have not yet started docker. |
| 36 |
I can't start it because failure occurs when starting Docker daemon. |
| 37 |
|
| 38 |
On 07/10/17 18:50, Mick wrote: |
| 39 |
>> The same error appears if I try run the same command as sudo, so this |
| 40 |
>> error applies to daemon. I tried to check if there a mistake in Docker |
| 41 |
>> daemon privileges. |
| 42 |
>> |
| 43 |
>> pecan@tux ~ $ sudo docker info |
| 44 |
>> Cannot connect to the Docker daemon at unix:///var/run/docker.sock. |
| 45 |
>> Is the docker daemon running? |
| 46 |
>> |
| 47 |
>> Based on the message I am able to say that maybe Docker daemon not |
| 48 |
>> running. I checked daemon status to make sure: |
| 49 |
>> |
| 50 |
>> pecan@tux ~ $ sudo service docker status |
| 51 |
>> * status: crashed |
| 52 |
> Did you try starting it from the CLI? Any useful messages there? |
| 53 |
Yes. |
| 54 |
|
| 55 |
The result of command sudo dockerd: |
| 56 |
https://paste.pound-python.org/show/AyjLQEBGABpjo57E9WMa/ |
| 57 |
and of sudo dockerd -s overlay2: |
| 58 |
https://paste.pound-python.org/show/ulyqb7D363I51JqkvrEk/. |
| 59 |
|
| 60 |
You can also look at attachments dockerd.txt (sudo dockerd) and |
| 61 |
dockerd-overlay2.txt (sudo dockerd -s overlay2). |
| 62 |
|
| 63 |
I must run dockerd without connecting into VPN. |
| 64 |
|
| 65 |
I've reset iptables and ip6tables rules to defaults: |
| 66 |
|
| 67 |
pecan@tux ~ $ sudo iptables -L |
| 68 |
Chain INPUT (policy ACCEPT) |
| 69 |
target prot opt source destination |
| 70 |
|
| 71 |
Chain FORWARD (policy ACCEPT) |
| 72 |
target prot opt source destination |
| 73 |
DOCKER-ISOLATION all -- anywhere anywhere |
| 74 |
DOCKER all -- anywhere anywhere |
| 75 |
ACCEPT all -- anywhere anywhere ctstate |
| 76 |
RELATED,ESTABLISHED |
| 77 |
ACCEPT all -- anywhere anywhere |
| 78 |
ACCEPT all -- anywhere anywhere |
| 79 |
|
| 80 |
Chain OUTPUT (policy ACCEPT) |
| 81 |
target prot opt source destination |
| 82 |
|
| 83 |
Chain DOCKER (1 references) |
| 84 |
target prot opt source destination |
| 85 |
|
| 86 |
Chain DOCKER-ISOLATION (1 references) |
| 87 |
target prot opt source destination |
| 88 |
RETURN all -- anywhere anywhere |
| 89 |
|
| 90 |
(tensorflow) pecan@tux ~ $ sudo ip6tables -L |
| 91 |
Chain INPUT (policy ACCEPT) |
| 92 |
target prot opt source destination |
| 93 |
|
| 94 |
Chain FORWARD (policy ACCEPT) |
| 95 |
target prot opt source destination |
| 96 |
|
| 97 |
Chain OUTPUT (policy ACCEPT) |
| 98 |
target prot opt source destination |
| 99 |
|
| 100 |
Here's my Docker logs: |
| 101 |
|
| 102 |
(tensorflow) pecan@tux ~ $ sudo cat /var/log/docker-err.log |
| 103 |
time="2017-10-07T14:54:24.561887891+02:00" level=info |
| 104 |
msg="libcontainerd: new containerd process, pid: 994" |
| 105 |
Error starting daemon: error initializing graphdriver: prerequisites for |
| 106 |
driver not satisfied (wrong filesystem?) |
| 107 |
time="2017-10-07T14:56:44.682987498+02:00" level=info |
| 108 |
msg="libcontainerd: new containerd process, pid: 4983" |
| 109 |
Error starting daemon: error initializing graphdriver: prerequisites for |
| 110 |
driver not satisfied (wrong filesystem?) |
| 111 |
time="2017-10-07T17:00:16.938724808+02:00" level=info |
| 112 |
msg="libcontainerd: new containerd process, pid: 7254" |
| 113 |
Error starting daemon: error initializing graphdriver: prerequisites for |
| 114 |
driver not satisfied (wrong filesystem?) |
| 115 |
time="2017-10-07T17:03:58.151814419+02:00" level=info |
| 116 |
msg="libcontainerd: new containerd process, pid: 7857" |
| 117 |
Error starting daemon: error initializing graphdriver: prerequisites for |
| 118 |
driver not satisfied (wrong filesystem?) |
| 119 |
time="2017-10-07T17:05:09.492506131+02:00" level=info |
| 120 |
msg="libcontainerd: new containerd process, pid: 7964" |
| 121 |
Error starting daemon: error initializing graphdriver: prerequisites for |
| 122 |
driver not satisfied (wrong filesystem?) |
| 123 |
time="2017-10-07T17:06:27.126674008+02:00" level=info |
| 124 |
msg="libcontainerd: new containerd process, pid: 8202" |
| 125 |
Error starting daemon: error initializing graphdriver: prerequisites for |
| 126 |
driver not satisfied (wrong filesystem?) |
| 127 |
time="2017-10-07T17:09:47.482580356+02:00" level=info |
| 128 |
msg="libcontainerd: new containerd process, pid: 8730" |
| 129 |
Error starting daemon: error initializing graphdriver: prerequisites for |
| 130 |
driver not satisfied (wrong filesystem?) |
| 131 |
time="2017-10-07T21:16:26.088461863+02:00" level=info |
| 132 |
msg="libcontainerd: new containerd process, pid: 6414" |
| 133 |
Error starting daemon: error initializing graphdriver: prerequisites for |
| 134 |
driver not satisfied (wrong filesystem?) |
| 135 |
time="2017-10-08T10:20:56.011379547+02:00" level=debug msg="docker group |
| 136 |
found. gid: 987" |
| 137 |
time="2017-10-08T10:20:56.023468730+02:00" level=debug msg="Listener |
| 138 |
created for HTTP on unix (/var/run/docker.sock)" |
| 139 |
time="2017-10-08T10:20:56.023686388+02:00" level=info |
| 140 |
msg="libcontainerd: new containerd process, pid: 26284" |
| 141 |
time="2017-10-08T10:20:56.030713286+02:00" level=debug msg="containerd: |
| 142 |
read past events" count=0 |
| 143 |
time="2017-10-08T10:20:56.030808207+02:00" level=debug msg="containerd: |
| 144 |
supervisor running" cpus=4 memory=7849 runtime=docker-runc |
| 145 |
runtimeArgs=[] stateDir="/var/run/docker/libcontainerd/containerd" |
| 146 |
time="2017-10-08T10:20:56.030871453+02:00" level=debug msg="containerd: |
| 147 |
grpc api on /var/run/docker/libcontainerd/docker-containerd.sock" |
| 148 |
time="2017-10-08T10:20:56.524998596+02:00" level=debug |
| 149 |
msg="libcontainerd: containerd health check returned error: rpc error: |
| 150 |
code = 14 desc = grpc: the connection is unavailable" |
| 151 |
time="2017-10-08T10:20:57.035916104+02:00" level=debug msg="Using |
| 152 |
default logging driver json-file" |
| 153 |
time="2017-10-08T10:20:57.035960712+02:00" level=debug msg="Golang's |
| 154 |
threads limit set to 56430" |
| 155 |
time="2017-10-08T10:20:57.036012700+02:00" level=debug |
| 156 |
msg="[graphdriver] trying provided driver: btrfs" |
| 157 |
time="2017-10-08T10:20:57.036027034+02:00" level=debug msg="Cleaning up |
| 158 |
old mountid : start." |
| 159 |
Error starting daemon: error initializing graphdriver: prerequisites for |
| 160 |
driver not satisfied (wrong filesystem?) |
| 161 |
time="2017-10-08T10:21:05.597682241+02:00" level=debug msg="docker group |
| 162 |
found. gid: 987" |
| 163 |
time="2017-10-08T10:21:05.597724031+02:00" level=debug msg="Listener |
| 164 |
created for HTTP on unix (/var/run/docker.sock)" |
| 165 |
time="2017-10-08T10:21:05.597910790+02:00" level=info |
| 166 |
msg="libcontainerd: new containerd process, pid: 26392" |
| 167 |
time="2017-10-08T10:21:05.606126357+02:00" level=debug msg="containerd: |
| 168 |
read past events" count=0 |
| 169 |
time="2017-10-08T10:21:05.606219342+02:00" level=debug msg="containerd: |
| 170 |
supervisor running" cpus=4 memory=7849 runtime=docker-runc |
| 171 |
runtimeArgs=[] stateDir="/var/run/docker/libcontainerd/containerd" |
| 172 |
time="2017-10-08T10:21:05.606245984+02:00" level=debug msg="containerd: |
| 173 |
grpc api on /var/run/docker/libcontainerd/docker-containerd.sock" |
| 174 |
time="2017-10-08T10:21:06.114930279+02:00" level=debug |
| 175 |
msg="libcontainerd: containerd health check returned error: rpc error: |
| 176 |
code = 14 desc = grpc: the connection is unavailable" |
| 177 |
time="2017-10-08T10:21:06.614858989+02:00" level=debug |
| 178 |
msg="libcontainerd: containerd health check returned error: rpc error: |
| 179 |
code = 14 desc = grpc: the connection is unavailable" |
| 180 |
time="2017-10-08T10:21:06.645208467+02:00" level=debug msg="Using |
| 181 |
default logging driver json-file" |
| 182 |
time="2017-10-08T10:21:06.645236784+02:00" level=debug msg="Golang's |
| 183 |
threads limit set to 56430" |
| 184 |
time="2017-10-08T10:21:06.645311511+02:00" level=debug |
| 185 |
msg="[graphdriver] trying provided driver: btrfs" |
| 186 |
time="2017-10-08T10:21:06.645324876+02:00" level=debug msg="Cleaning up |
| 187 |
old mountid : start." |
| 188 |
Error starting daemon: error initializing graphdriver: prerequisites for |
| 189 |
driver not satisfied (wrong filesystem?) |
| 190 |
(tensorflow) pecan@tux ~ $ sudo cat /var/log/docker.log |
| 191 |
time="2017-10-07T14:52:13.178261811+02:00" level=info |
| 192 |
msg="libcontainerd: new containerd process, pid: 32311" |
| 193 |
time="2017-10-07T14:52:14.434232306+02:00" level=info msg="Graph |
| 194 |
migration to content-addressability took 0.00 seconds" |
| 195 |
time="2017-10-07T14:52:14.434413425+02:00" level=warning msg="Your |
| 196 |
kernel does not support cgroup blkio weight" |
| 197 |
time="2017-10-07T14:52:14.434423960+02:00" level=warning msg="Your |
| 198 |
kernel does not support cgroup blkio weight_device" |
| 199 |
time="2017-10-07T14:52:14.434759986+02:00" level=info msg="Loading |
| 200 |
containers: start." |
| 201 |
time="2017-10-07T14:52:14.437180876+02:00" level=info msg="Firewalld |
| 202 |
running: false" |
| 203 |
Error starting daemon: Error initializing network controller: list |
| 204 |
bridge addresses failed: no available network |
| 205 |
(tensorflow) pecan@tux ~ $ sudo cat /var/log/docker-out.log |
| 206 |
(tensorflow) pecan@tux ~ $ |
| 207 |
|
| 208 |
Docker daemon options: |
| 209 |
|
| 210 |
(tensorflow) pecan@tux ~ $ sudo cat /etc/docker/daemon.json |
| 211 |
{ |
| 212 |
"debug": true |
| 213 |
} |
| 214 |
|
| 215 |
|
| 216 |
On 07/10/17 18:50, Mick wrote: |
| 217 |
>> Docker daemon is crashed. To see the reason, I looked at the logs: |
| 218 |
>> |
| 219 |
>> pecan@tux ~ $ cat /var/log/docker.log |
| 220 |
>> time="2017-10-07T14:52:13.178261811+02:00" level=info |
| 221 |
>> msg="libcontainerd: new containerd process, pid: 32311" |
| 222 |
>> time="2017-10-07T14:52:14.434232306+02:00" level=info msg="Graph |
| 223 |
>> migration to content-addressability took 0.00 seconds" |
| 224 |
>> time="2017-10-07T14:52:14.434413425+02:00" level=warning msg="Your |
| 225 |
>> kernel does not support cgroup blkio weight" |
| 226 |
> OK, start from checking your kernel has all the necessary modules compiled in, |
| 227 |
> rebuild it and reboot. |
| 228 |
Look here: |
| 229 |
|
| 230 |
pecan@tux ~ $ sudo ~/check-config.sh |
| 231 |
info: reading kernel config from /proc/config.gz ... |
| 232 |
|
| 233 |
Generally Necessary: |
| 234 |
- cgroup hierarchy: properly mounted [/sys/fs/cgroup] |
| 235 |
- CONFIG_NAMESPACES: enabled |
| 236 |
- CONFIG_NET_NS: enabled |
| 237 |
- CONFIG_PID_NS: enabled |
| 238 |
- CONFIG_IPC_NS: enabled |
| 239 |
- CONFIG_UTS_NS: enabled |
| 240 |
- CONFIG_CGROUPS: enabled |
| 241 |
- CONFIG_CGROUP_CPUACCT: enabled |
| 242 |
- CONFIG_CGROUP_DEVICE: enabled |
| 243 |
- CONFIG_CGROUP_FREEZER: enabled |
| 244 |
- CONFIG_CGROUP_SCHED: enabled |
| 245 |
- CONFIG_CPUSETS: enabled |
| 246 |
- CONFIG_MEMCG: enabled |
| 247 |
- CONFIG_KEYS: enabled |
| 248 |
- CONFIG_VETH: enabled |
| 249 |
- CONFIG_BRIDGE: enabled |
| 250 |
- CONFIG_BRIDGE_NETFILTER: enabled |
| 251 |
- CONFIG_NF_NAT_IPV4: enabled |
| 252 |
- CONFIG_IP_NF_FILTER: enabled |
| 253 |
- CONFIG_IP_NF_TARGET_MASQUERADE: enabled |
| 254 |
- CONFIG_NETFILTER_XT_MATCH_ADDRTYPE: enabled |
| 255 |
- CONFIG_NETFILTER_XT_MATCH_CONNTRACK: enabled |
| 256 |
- CONFIG_NETFILTER_XT_MATCH_IPVS: enabled (as module) |
| 257 |
- CONFIG_IP_NF_NAT: enabled |
| 258 |
- CONFIG_NF_NAT: enabled |
| 259 |
- CONFIG_NF_NAT_NEEDED: enabled |
| 260 |
- CONFIG_POSIX_MQUEUE: enabled |
| 261 |
|
| 262 |
Optional Features: |
| 263 |
- CONFIG_USER_NS: enabled |
| 264 |
- CONFIG_SECCOMP: enabled |
| 265 |
- CONFIG_CGROUP_PIDS: enabled |
| 266 |
- CONFIG_MEMCG_SWAP: enabled |
| 267 |
- CONFIG_MEMCG_SWAP_ENABLED: enabled |
| 268 |
(cgroup swap accounting is currently enabled) |
| 269 |
- CONFIG_LEGACY_VSYSCALL_EMULATE: enabled |
| 270 |
- CONFIG_BLK_CGROUP: enabled |
| 271 |
- CONFIG_BLK_DEV_THROTTLING: enabled |
| 272 |
- CONFIG_IOSCHED_CFQ: enabled (as module) |
| 273 |
- CONFIG_CFQ_GROUP_IOSCHED: missing |
| 274 |
- CONFIG_CGROUP_PERF: enabled |
| 275 |
- CONFIG_CGROUP_HUGETLB: missing |
| 276 |
- CONFIG_NET_CLS_CGROUP: enabled |
| 277 |
- CONFIG_CGROUP_NET_PRIO: enabled |
| 278 |
- CONFIG_CFS_BANDWIDTH: enabled |
| 279 |
- CONFIG_FAIR_GROUP_SCHED: enabled |
| 280 |
- CONFIG_RT_GROUP_SCHED: enabled |
| 281 |
- CONFIG_IP_VS: enabled (as module) |
| 282 |
- CONFIG_IP_VS_NFCT: enabled |
| 283 |
- CONFIG_IP_VS_RR: enabled (as module) |
| 284 |
- CONFIG_EXT3_FS: enabled |
| 285 |
- CONFIG_EXT3_FS_XATTR: missing |
| 286 |
- CONFIG_EXT3_FS_POSIX_ACL: enabled |
| 287 |
- CONFIG_EXT3_FS_SECURITY: enabled |
| 288 |
(enable these ext3 configs if you are using ext3 as backing filesystem) |
| 289 |
- CONFIG_EXT4_FS: enabled |
| 290 |
- CONFIG_EXT4_FS_POSIX_ACL: enabled |
| 291 |
- CONFIG_EXT4_FS_SECURITY: enabled |
| 292 |
- Network Drivers: |
| 293 |
- "overlay": |
| 294 |
- CONFIG_VXLAN: enabled (as module) |
| 295 |
Optional (for encrypted networks): |
| 296 |
- CONFIG_CRYPTO: enabled |
| 297 |
- CONFIG_CRYPTO_AEAD: enabled |
| 298 |
- CONFIG_CRYPTO_GCM: enabled |
| 299 |
- CONFIG_CRYPTO_SEQIV: enabled |
| 300 |
- CONFIG_CRYPTO_GHASH: enabled |
| 301 |
- CONFIG_XFRM: enabled |
| 302 |
- CONFIG_XFRM_USER: enabled (as module) |
| 303 |
- CONFIG_XFRM_ALGO: enabled (as module) |
| 304 |
- CONFIG_INET_ESP: enabled (as module) |
| 305 |
- CONFIG_INET_XFRM_MODE_TRANSPORT: enabled (as module) |
| 306 |
- "ipvlan": |
| 307 |
- CONFIG_IPVLAN: enabled (as module) |
| 308 |
- "macvlan": |
| 309 |
- CONFIG_MACVLAN: enabled (as module) |
| 310 |
- CONFIG_DUMMY: enabled (as module) |
| 311 |
- "ftp,tftp client in container": |
| 312 |
- CONFIG_NF_NAT_FTP: enabled |
| 313 |
- CONFIG_NF_CONNTRACK_FTP: enabled |
| 314 |
- CONFIG_NF_NAT_TFTP: enabled |
| 315 |
- CONFIG_NF_CONNTRACK_TFTP: enabled |
| 316 |
- Storage Drivers: |
| 317 |
- "aufs": |
| 318 |
- CONFIG_AUFS_FS: missing |
| 319 |
- "btrfs": |
| 320 |
- CONFIG_BTRFS_FS: enabled |
| 321 |
- CONFIG_BTRFS_FS_POSIX_ACL: enabled |
| 322 |
- "devicemapper": |
| 323 |
- CONFIG_BLK_DEV_DM: enabled |
| 324 |
- CONFIG_DM_THIN_PROVISIONING: enabled |
| 325 |
- "overlay": |
| 326 |
- CONFIG_OVERLAY_FS: enabled |
| 327 |
- "zfs": |
| 328 |
- /dev/zfs: missing |
| 329 |
- zfs command: missing |
| 330 |
- zpool command: missing |
| 331 |
|
| 332 |
Limits: |
| 333 |
- /proc/sys/kernel/keys/root_maxkeys: 1000000 |
| 334 |
|
| 335 |
My kernel config: |
| 336 |
https://paste.pound-python.org/show/bFHNp4jrHE8kKzPMtNGq/ (in attachment |
| 337 |
file kernel-config.txt, sudo zcat /proc/config.gz). |
| 338 |
|
| 339 |
-- |
| 340 |
Best regards, |
| 341 |
Hubert Hauser. |
Archives