Bug#840829: docker.io: Won't start under cgroupsv2

2019-12-18 Thread Dmitry Smirnov 
On Thursday, 19 December 2019 2:46:50 PM AEDT Ryutaroh Matsumoto wrote:
> deb http://ppa.launchpad.net/projectatomic/ppa/ubuntu disco main

Please don't advertise those terrible vendor packages - they have no place 
here. We have Podman pending for acceptance in NEW and buildah, crun, cni-
plugins, slirp4netns and fuse-overlayfs are already available from native 
Debian repositories.


> Then podman works fine in place of docker as far as I see.

Yes, Podman is a superior alternative to Docker.

-- 
Best wishes,
 Dmitry Smirnov.

---

Many people, especially ignorant people, want to punish you for speaking
the truth, for being correct, for being you. Never apologize for being
correct, or for being years ahead of your time. If you’re right and you
know it, speak your mind. Speak your mind. Even if you are a minority of
one, the truth is still the truth.
-- Mahatma Gandhi


signature.asc
Description: This is a digitally signed message part.

Bug#840829: docker.io: Won't start under cgroupsv2

2019-11-08 Thread Michael Biebl 
Package: docker.io
Version: 19.03.4+dfsg2-1
Followup-For: Bug #840829

Hi,

systemd maintainer here.

As you might have heard, Fedora has switched to cgroupv2 in their latest
release [1]. The new upstream default in systemd is unified, i.e.
cgroupv2. While we will revert this change for now, we plan to release
bullseye with cgroupv2 as the default [2], making this bug report RC.

I can confirm, that docker still fails if booted with unified hierarchy
enabled. I used cockpit-docker and got the following error message:

OCI runtime create failed: container_linux.go:346: starting container process 
caused "process_linux.go:297: applying cgroup configuration for process caused 
\"open /sys/fs/cgroup/docker/cpuset.cpus.effective: no such file or 
directory\"": unknown

I'm also attached the journal log from docker.service.

If you want to reproduce the failure, you can enable cgroupv2 by adding
"systemd.unified_cgroup_hierarchy=true" to the kernel command line.

Regards,
Michael


[1] https://fedoraproject.org/wiki/Changes/CGroupsV2
[2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943981

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (200, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.3.0-1-amd64 (SMP w/4 CPU cores)
Kernel taint flags: TAINT_WARN
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), 
LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages docker.io depends on:
ii  adduser 3.118
ii  iptables1.8.3-2
ii  libc6   2.29-3
ii  libdevmapper1.02.1  2:1.02.155-3
ii  libltdl72.4.6-11
ii  libnspr42:4.23-1
ii  libnss3 2:3.47-1
ii  libseccomp2 2.4.1-2
ii  libsystemd0 243-3
ii  lsb-base11.1.0
ii  runc1.0.0~rc9+dfsg1-1
ii  tini0.18.0-1+b1

Versions of packages docker.io recommends:
ii  ca-certificates  20190110
pn  cgroupfs-mount   
ii  git  1:2.24.0-1
pn  needrestart  
ii  xz-utils 5.2.4-1+b1

Versions of packages docker.io suggests:
pn  aufs-tools   
ii  btrfs-progs  5.3.1-1
ii  debootstrap  1.0.116
pn  docker-doc   
ii  e2fsprogs1.45.4-1
pn  rinse
ii  xfsprogs 5.2.1-1
pn  zfs-fuse | zfsutils  

-- no debconf information
-- Logs begin at Tue 2019-11-05 22:38:05 CET, end at Sat 2019-11-09 02:03:07 
CET. --
Nov 09 01:40:47 pluto systemd[1]: Starting Docker Application Container 
Engine...
Nov 09 01:40:47 pluto dockerd[1274]: time="2019-11-09T01:40:47.665821447+01:00" 
level=info msg="Starting up"
Nov 09 01:40:47 pluto dockerd[1274]: time="2019-11-09T01:40:47.670404791+01:00" 
level=info msg="libcontainerd: started new docker-containerd process" pid=1378
Nov 09 01:40:47 pluto dockerd[1274]: time="2019-11-09T01:40:47.670480555+01:00" 
level=info msg="parsed scheme: \"unix\"" module=grpc
Nov 09 01:40:47 pluto dockerd[1274]: time="2019-11-09T01:40:47.670493413+01:00" 
level=info msg="scheme \"unix\" not registered, fallback to default scheme" 
module=grpc
Nov 09 01:40:47 pluto dockerd[1274]: time="2019-11-09T01:40:47.670519044+01:00" 
level=info msg="ccResolverWrapper: sending update to cc: 
{[{unix:///var/run/docker/containerd/containerd.sock 0  }] }" 
module=grpc
Nov 09 01:40:47 pluto dockerd[1274]: time="2019-11-09T01:40:47.670539576+01:00" 
level=info msg="ClientConn switching balancer to \"pick_first\"" module=grpc
Nov 09 01:40:47 pluto dockerd[1274]: time="2019-11-09T01:40:47.670647704+01:00" 
level=info msg="pickfirstBalancer: HandleSubConnStateChange: 0xc00038b5c0, 
CONNECTING" module=grpc
Nov 09 01:40:47 pluto dockerd[1274]: time="2019-11-09T01:40:47.777299292+01:00" 
level=info msg="starting containerd" 
revision=7c1e88399ec0b0b077121d9d5ad97e647b11c870 version=19.03.4
Nov 09 01:40:47 pluto dockerd[1274]: time="2019-11-09T01:40:47.778353477+01:00" 
level=info msg="loading plugin \"io.containerd.content.v1.content\"..." 
type=io.containerd.content.v1
Nov 09 01:40:47 pluto dockerd[1274]: time="2019-11-09T01:40:47.778633132+01:00" 
level=info msg="loading plugin \"io.containerd.snapshotter.v1.btrfs\"..." 
type=io.containerd.snapshotter.v1
Nov 09 01:40:47 pluto dockerd[1274]: time="2019-11-09T01:40:47.779236043+01:00" 
level=info msg="skip loading plugin \"io.containerd.snapshotter.v1.btrfs\"..." 
error="path 
/var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.btrfs must be a 
btrfs filesystem to be used with the btrfs snapshotter: skip plugin" 
type=io.containerd.snapshotter.v1
Nov 09 01:40:47 pluto dockerd[1274]: time="2019-11-09T01:40:47.779291267+01:00" 
level=info msg="loading plugin \"io.containerd.snapshotter.v1.devmapper\"..." 
type=io.containerd.snapshotter.v1
Nov 09 01:40:47 pluto dockerd[1274]: time="2019-11-09T01:40:47.779634957+01:00"

Bug#840829: docker.io: Won't start under cgroupsv2

2018-09-15 Thread Dmitry Smirnov 
Control: found -1 18.06.1+dfsg1-1

On Wednesday, 12 September 2018 7:46:15 PM AEST Hector Oron wrote:
> On Sat, Oct 15, 2016 at 12:37:37PM +0100, Sam Morris wrote:
> > When booting with the systemd.unified_cgroup_hierarchy kernel parameter,
> > systemd mounts the cgroup2 filesystem at /sys/fs/cgroup. As a result,
> > docker no longer starts:

This is still a problem with systemd 237 / Linux 4.17.8 booted with 
systemd.unified_cgroup_hierarchy=1 -- Docker daemon fails to start:


Unable to find cpu cgroup in mounts
Unable to find blkio cgroup in mounts
Unable to find cpuset cgroup in mounts
Error starting daemon: Devices cgroup isn't mounted


I have no other suggestions but to use "rkt" which seems to work flawlwssly 
with cgroup2...

-- 
Cheers,
 Dmitry Smirnov.

---

Truth never damages a cause that is just.
-- Mahatma Gandhi


signature.asc
Description: This is a digitally signed message part.

Bug#840829: docker.io: Won't start under cgroupsv2

2018-09-12 Thread Hector Oron 
On Sat, Oct 15, 2016 at 12:37:37PM +0100, Sam Morris wrote:
> Package: docker.io
> Version: 1.11.2~ds1-6
> Severity: normal
> 
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
> 
> When booting with the systemd.unified_cgroup_hierarchy kernel parameter,
> systemd mounts the cgroup2 filesystem at /sys/fs/cgroup. As a result,
> docker no longer starts:
> 
> time="2016-10-13T11:40:35.542974438+01:00" level=info msg="New containerd 
> process, pid: 5361\n"
> time="2016-10-13T11:40:36.560787581+01:00" level=info msg="[graphdriver] 
> using prior storage driver \"overlay\""
> time="2016-10-13T11:40:36.589298060+01:00" level=info msg="Graph migration to 
> content-addressability took 0.00 seconds"
> time="2016-10-13T11:40:36.641136232+01:00" level=info msg="Firewalld running: 
> false"
> time="2016-10-13T11:40:36.769321694+01:00" level=info msg="Default bridge 
> (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip 
> can be used to set a preferred IP address"
> time="2016-10-13T11:40:36.930907456+01:00" level=warning msg="Your kernel 
> does not support cgroup memory limit"
> time="2016-10-13T11:40:36.930946129+01:00" level=warning msg="Unable to find 
> cpu cgroup in mounts"
> time="2016-10-13T11:40:36.930958093+01:00" level=warning msg="Unable to find 
> blkio cgroup in mounts"
> time="2016-10-13T11:40:36.930967804+01:00" level=warning msg="Unable to find 
> cpuset cgroup in mounts"
> time="2016-10-13T11:40:36.933815046+01:00" level=warning msg="mountpoint for 
> pids not found"
> time="2016-10-13T11:40:36.934330952+01:00" level=fatal msg="Error starting 
> daemon: Devices cgroup isn't mounted"

Can you reproduce it with current package in `unstable`?

Regards

-- 


signature.asc
Description: PGP signature

Bug#840829: docker.io: Won't start under cgroupsv2

2016-10-15 Thread Sam Morris 
Package: docker.io
Version: 1.11.2~ds1-6
Severity: normal

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

When booting with the systemd.unified_cgroup_hierarchy kernel parameter,
systemd mounts the cgroup2 filesystem at /sys/fs/cgroup. As a result,
docker no longer starts:

time="2016-10-13T11:40:35.542974438+01:00" level=info msg="New containerd 
process, pid: 5361\n"
time="2016-10-13T11:40:36.560787581+01:00" level=info msg="[graphdriver] using 
prior storage driver \"overlay\""
time="2016-10-13T11:40:36.589298060+01:00" level=info msg="Graph migration to 
content-addressability took 0.00 seconds"
time="2016-10-13T11:40:36.641136232+01:00" level=info msg="Firewalld running: 
false"
time="2016-10-13T11:40:36.769321694+01:00" level=info msg="Default bridge 
(docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip can 
be used to set a preferred IP address"
time="2016-10-13T11:40:36.930907456+01:00" level=warning msg="Your kernel does 
not support cgroup memory limit"
time="2016-10-13T11:40:36.930946129+01:00" level=warning msg="Unable to find 
cpu cgroup in mounts"
time="2016-10-13T11:40:36.930958093+01:00" level=warning msg="Unable to find 
blkio cgroup in mounts"
time="2016-10-13T11:40:36.930967804+01:00" level=warning msg="Unable to find 
cpuset cgroup in mounts"
time="2016-10-13T11:40:36.933815046+01:00" level=warning msg="mountpoint for 
pids not found"
time="2016-10-13T11:40:36.934330952+01:00" level=fatal msg="Error starting 
daemon: Devices cgroup isn't mounted"

- -- System Information:
Debian Release: stretch/sid
  APT prefers testing-debug
  APT policy: (550, 'testing-debug'), (550, 'testing'), (520, 
'unstable-debug'), (520, 'unstable'), (510, 'experimental-debug'), (510, 
'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.7.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-BEGIN PGP SIGNATURE-

iQIvBAEBCAAZBQJYAhT8EhxzYW1Acm9ib3RzLm9yZy51awAKCRDSC0ICXNonuROt
D/wO0othjFHjaLx5vN8WoMezgHsssCM5TFAtmrOiON2kZOmgM4o5QHM0SHG9w+RQ
WEVAwjPttfKPFz9NnYM8Pbj8eJWL8j0MRfUnB88HxakjdxTViktIgoOcDjIoD48X
kbkK+TJi1DmQCSNzdNXkGxZRCgQUNVaxFVSrWkUDYoPg7QTO/B98/GK+s1mDVn4p
yJJoB9sEa7uO1XtiMvRj4CeXymmFpG7RSpzn1XC6XZ7w344B6FfSkK2Pbj5MAhla
nGorZsdrgzRmwI2F1s0xdVKWxsjwWJKGK5qK0fX6ax4Fv1s8ZL0DzUNwG3xws0su
c9K9F81qyrfLwl+KrfqYtk067KLYo2cpm0ppcgqNmNVpwcKwku+Vx8A/0QX2Jn+r
BgMpDmaH9WRrcb07Gy33bEYFrAS9lLGTfyxw8EyeETncfrPkWeIo5suUylEuuL1s
Z1xQqk2WR2wKl7pXoCc0K4ZW2h2g/IsbF+W65AKlorKGRCV922oWrZw1kDAVCt1H
WSQqLfJi12ofNehaB3JDpkf3oLEDrgTClodKmx2uvAJZRdfuGjcsN9OTjGWv84gx
aPaIPYba5JwjrCZy8ofx7OxCVFU8D61W3wJ74YXwNcan7TvLW1ckXRg+F9auHDYc
UQiPwQ+asnk4m3xGGEtioGuy7heF2iqJjgKe9MJ5c6UcLg==
=0FE4
-END PGP SIGNATURE-