Share and learn in the Docker community.
Hello Everyone
I downloaded docker-ce from this link :Index of linux/ubuntu/dists/bionic/pool/stable/arm64/
And use sudo dpkg -i install this file but have below error:
Is it safe to assume that you installed the packages it depends on (containerd.io and docker-ce-cli) as well? May I ask, why you choose to install an older version (18.03.1) instead of the current version (20.10.7)?
@meyay Thanks for your answer ! I accordting to your suggestion downloaded the newest version( containerd.io docker-ce-cli docker-ce) and firstly install comtainerd and docker-ce-cli it work fine ,but when i lastly installed docker-ce ,it have error also,more info see below , Do you know what’s the reason ?Thx.
Below is act (sudo systemctl status docker.service) command info:
ex@myd-c8mmx:~/docker$ sudo systemctl status docker.service
Failed to get journal cutoff time: Bad message
● docker.service - Docker Application Container Engine
Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Sat 2021-06-26 23:55:02 AKDT; 17s ago
Docs: https://docs.docker.com
Process: 4786 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock (code=exited, status=1/FAI
LURE)
Main PID: 4786 (code=exited, status=1/FAILURE)
Jun 26 23:55:02 myd-c8mmx systemd[1]: docker.service: Service hold-off time over, scheduling restart.
Jun 26 23:55:02 myd-c8mmx systemd[1]: docker.service: Scheduled restart job, restart counter is at 4.
Jun 26 23:55:02 myd-c8mmx systemd[1]: Stopped Docker Application Container Engine.
Jun 26 23:55:02 myd-c8mmx systemd[1]: docker.service: Start request repeated too quickly.
Jun 26 23:55:02 myd-c8mmx systemd[1]: docker.service: Failed with result 'exit-code'.
Jun 26 23:55:02 myd-c8mmx systemd[1]: Failed to start Docker Application Container Engine.
Below is act “sudo journalctl -xe” command info:
alex@myd-c8mmx:~/docker$ sudo journalctl -xe
-- Logs begin at Sun 2018-01-28 06:58:17 AKST, end at Mon 2021-06-28 05:40:15 AKDT. --
Jun 28 05:38:28 localhost.localdomain systemd-tmpfiles[3575]: Unsafe symlinks encountered in /var/log/journ
al, refusing.
Jun 28 05:38:28 localhost.localdomain systemd-tmpfiles[3575]: Unsafe symlinks encountered in /var/log/journ
al, refusing.
Jun 28 05:38:28 localhost.localdomain systemd-tmpfiles[3575]: Unsafe symlinks encountered in /var/log/journ
al, refusing.
Jun 28 05:38:28 localhost.localdomain systemd-tmpfiles[3575]: Unsafe symlinks encountered in /var/log/journ
al/28251b403e0b45f1a011e730a5565e7c, refusing.
Jun 28 05:38:28 localhost.localdomain systemd-tmpfiles[3575]: Unsafe symlinks encountered in /var/log/journ
al/28251b403e0b45f1a011e730a5565e7c, refusing.
Jun 28 05:38:28 localhost.localdomain systemd-tmpfiles[3575]: Unsafe symlinks encountered in /var/log/journ
al/28251b403e0b45f1a011e730a5565e7c, refusing.
Jun 28 05:38:28 localhost.localdomain systemd-tmpfiles[3575]: Unsafe symlinks encountered in /var/log/journ
al/28251b403e0b45f1a011e730a5565e7c, refusing.
Jun 28 05:38:28 localhost.localdomain systemd-tmpfiles[3575]: Unsafe symlinks encountered in /var/log/journ
al/28251b403e0b45f1a011e730a5565e7c/system.journal, refusing.
Jun 28 05:38:28 localhost.localdomain systemd-tmpfiles[3575]: Unsafe symlinks encountered in /var/log/journ
al/28251b403e0b45f1a011e730a5565e7c/system.journal, refusing.
Jun 28 05:38:28 localhost.localdomain systemd[1]: systemd-tmpfiles-setup.service: Main process exited, code
=exited, status=1/FAILURE
Jun 28 05:38:28 localhost.localdomain systemd[1]: systemd-tmpfiles-setup.service: Failed with result 'exit-
code'.
Jun 28 05:38:28 localhost.localdomain systemd[1]: Failed to start Create Volatile Files and Directories.
-- Subject: Unit systemd-tmpfiles-setup.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit systemd-tmpfiles-setup.service has failed.
--
-- The result is RESULT.
Jun 28 05:38:28 localhost.localdomain systemd[1]: Starting Update UTMP about System Boot/Shutdown...
-- Subject: Unit systemd-update-utmp.service has begun start-up
-- Defined-By: systemd
In the paste I performed plenty of air-gapped installation on RHEL systems with Docker Enterprise → never had any issues.
Seems like something else is “bend” on your system that docker depends on.
Regarding the unsafe symlinks, you might want to check the path /var/log/journal/*/system.journal to see whether the ownership/acl is correct or cyclic symlinks occur.
Please share the output of:
ls -l -d /var /var/log /var/log/journal /var/log/journal/*On my test system the output looks like this:
ls -l -d /var /var/log /var/log/journal /var/log/journal/*/
drwxr-xr-x 13 root root 164 Dec 26 2018 /var
drwxrwxr-x 10 root syslog 4096 Jun 27 06:25 /var/log
drwxr-sr-x+ 3 root systemd-journal 46 Dec 26 2018 /var/log/journal
drwxr-sr-x+ 2 root systemd-journal 8192 Jun 27 02:51 /var/log/journal/a37345d57edc4161b7937f76943c410f/And the ouput of the ACLs (if ACLs is active on your system):
getfacl /var /var/log /var/log/journal /var/log/journal/*Mine looks like this:
getfacl /var /var/log /var/log/journal /var/log/journal/*
getfacl: Removing leading '/' from absolute path names
# file: var
# owner: root
# group: root
user::rwx
group::r-x
other::r-x
# file: var/log
# owner: root
# group: syslog
user::rwx
group::rwx
other::r-x
# file: var/log/journal
# owner: root
# group: systemd-journal
# flags: -s-
user::rwx
group::r-x
group:adm:r-x
mask::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:adm:r-x
default:mask::r-x
default:other::r-x
# file: var/log/journal/a37345d57edc4161b7937f76943c410f
# owner: root
# group: systemd-journal
# flags: -s-
user::rwx
group::r-x
group:adm:r-x
mask::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:adm:r-x
default:mask::r-x
default:other::r-xThanks for your quickly reply, info as below:
root@myd-c8mmx:/# ls -l -d /var /var/log /var/log/journal /var/log/journal/*
drwxr-xr-x 12 root root 4096 Jun 29 2019 /var
drwxrwxr-x 4 root syslog 4096 Jun 27 03:29 /var/log
drwxr-sr-x+ 3 root systemd-journal 4096 Jan 28 2018 /var/log/journal
drwxr-sr-x+ 2 root systemd-journal 12288 Jun 27 03:29 /var/log/journal/28251b403e0b45f1a011e730a5565e7c
Seems the same with you.
And getfacl info see below and I agree with you
but seems the owner and user permissions are seem with you.
root@myd-c8mmx:/# getfacl /var /var/log /var/log/journal /var/log/journal/*
getfacl: Removing leading '/' from absolute path names
# file: var
# owner: root
# group: root
user::rwx
group::r-x
other::r-x
# file: var/log
# owner: root
# group: syslog
user::rwx
group::rwx
other::r-x
# file: var/log/journal
# owner: root
# group: systemd-journal
# flags: -s-
user::rwx
group::r-x
group:adm:r-x
mask::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:adm:r-x
default:mask::r-x
default:other::r-x
# file: var/log/journal/28251b403e0b45f1a011e730a5565e7c
# owner: root
# group: systemd-journal
# flags: -s-
user::rwx
group::r-x
group:adm:r-x
mask::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:adm:r-x
default:mask::r-x
default:other::r-x
Agreed, the output looks like mine: no symlink used, unix ownership and permissions look fine, the acl’s look fine. The “Unsafe symlinks encountered” messages makes no sense to me, unless the files inside /var/log/journal/*/* use symlinks to point to another directory - though this seems highly unlikely.
I hope you will find a fix for these issues. Good luck!
Thanks for your help all the same.BTW,I forgot one thing is I use linux and the file system ubuntu 18.04 LTS is porting use qemu tool,Does the reason may be from this ?
Does the other people know how to fix this ?
Hello @meyay ,I think i have progress after I upgrade ubuntu system and have below error
root@myd-c8mmx:/# sudo dockerd
INFO[2021-07-02T20:23:11.676487515-08:00] Starting up
INFO[2021-07-02T20:23:11.678760211-08:00] detected 127.0.0.53 nameserver, assuming systemd-resolved, so using resolv.conf: /run/systemd/resolve/resolv.conf
INFO[2021-07-02T20:23:11.680840287-08:00] parsed scheme: "unix" module=grpc
INFO[2021-07-02T20:23:11.680959409-08:00] scheme "unix" not registered, fallback to default scheme module=grpc
INFO[2021-07-02T20:23:11.681048032-08:00] ccResolverWrapper: sending update to cc: {[{unix:///run/containerd/containerd.sock <nil> 0 <nil>}] <nil> <nil>} module=grpc
INFO[2021-07-02T20:23:11.681084656-08:00] ClientConn switching balancer to "pick_first" module=grpc
INFO[2021-07-02T20:23:11.696749909-08:00] parsed scheme: "unix" module=grpc
INFO[2021-07-02T20:23:11.696888406-08:00] scheme "unix" not registered, fallback to default scheme module=grpc
INFO[2021-07-02T20:23:11.696968904-08:00] ccResolverWrapper: sending update to cc: {[{unix:///run/containerd/containerd.sock <nil> 0 <nil>}] <nil> <nil>} module=grpc
INFO[2021-07-02T20:23:11.697003153-08:00] ClientConn switching balancer to "pick_first" module=grpc
ERRO[2021-07-02T20:23:11.704599098-08:00] failed to mount overlay: no such device storage-driver=overlay2
ERRO[2021-07-02T20:23:11.704847217-08:00] exec: "fuse-overlayfs": executable file not found in $PATH storage-driver=fuse-overlayfs
ERRO[2021-07-02T20:23:11.719385497-08:00] AUFS was not found in /proc/filesystems storage-driver=aufs
ERRO[2021-07-02T20:23:11.723979763-08:00] failed to mount overlay: no such device storage-driver=overlay
WARN[2021-07-02T20:23:11.739042031-08:00] Your kernel does not support CPU CFS scheduler
WARN[2021-07-02T20:23:11.739148653-08:00] Your kernel does not support CPU realtime scheduler
WARN[2021-07-02T20:23:11.739180653-08:00] Your kernel does not support cgroup blkio weight
WARN[2021-07-02T20:23:11.739202902-08:00] Your kernel does not support cgroup blkio weight_device
WARN[2021-07-02T20:23:11.739223277-08:00] Your kernel does not support cgroup blkio throttle.read_bps_device
WARN[2021-07-02T20:23:11.739245151-08:00] Your kernel does not support cgroup blkio throttle.write_bps_device
WARN[2021-07-02T20:23:11.739265276-08:00] Your kernel does not support cgroup blkio throttle.read_iops_device
WARN[2021-07-02T20:23:11.739285150-08:00] Your kernel does not support cgroup blkio throttle.write_iops_device
INFO[2021-07-02T20:23:11.740080756-08:00] Loading containers: start.
WARN[2021-07-02T20:23:11.752289217-08:00] Running modprobe bridge br_netfilter failed with message: modprobe: WARNING: Module bridge not found in directory /lib/modules/4.14.98-g7eae243
modprobe: WARNING: Module br_netfilter not found in directory /lib/modules/4.14.98-g7eae243
, error: exit status 1
WARN[2021-07-02T20:23:11.767282486-08:00] Running iptables --wait -t nat -L -n failed with message: `modprobe: FATAL: Module ip_tables not found in directory /lib/modules/4.14.98-g7eae243
iptables v1.6.1: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.`, error: exit status 3
INFO[2021-07-02T20:23:12.091048554-08:00] stopping event stream following graceful shutdown error="<nil>" module=libcontainerd namespace=moby
failed to start daemon: Error initializing network controller: error obtaining controller instance: failed to create NAT chain DOCKER: iptables failed: iptables -t nat -N DOCKER: modprobe: FATAL: Module ip_tables not found in directory /lib/modules/4.14.98-g7eae243
iptables v1.6.1: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
(exit status 3)
It mentioned I need upgrade my kernel but I think my kernel version can run docker without upgrade
root@myd-c8mmx:/# uname -a
Linux myd-c8mmx 4.14.98-g7eae243 #1 SMP PREEMPT Mon May 4 14:58:57 CST 2020 aarch64 aarch64 aarch64 GNU/Linux
Do you agree with me also?Thx!
The error message indicates that the kernel is missing required modules - as in: either not compiled into the kernel or not existing as loadable module.
I had ubuntu 18.04 running on a RPi 3 for some time and I can’t remember having any problems running docker on it, except the obvious: limited ram, limited cpu, limited network bandwith and slow storage with hight latency thanks to using a sdcard as storage. I immediatly replaced it with a second hand bought intel nuc with an i3 cpu (which I later replaced with a beffy lenovo m920q mini-pc).
You can use this prefilght check to see if all required preconditions are met:
curl -s https://raw.githubusercontent.com/docker/docker/master/contrib/check-config.sh | bash