Docker wont launch on Windows 11 - docker

I'm going crazy; I have spent way too much time and would immensely appreciate any help.
Here's the problem:
When I launch Docker Desktop, the engine stays on Stopped, and never launches.
I'm on Windows 11
I've installed the WSL 2 backend (following these steps), noticed Hyper-V was not installed so I installed it
I've tried to uninstall and reinstall docker desktop
I've tried to launch docker desktop as admin
I've tried using: 'C:\Program Files\Docker\Docker\DockerCli.exe' -SwitchDaemon
I'm really stuck.
When I run self diagnose:
"C:\Program Files\Docker\Docker\resources\com.docker.diagnose.exe" check
I get this (trimmed a bit to comply to character limit):
[044:20:57:56.119][I] ipc.NewClient: e7c958f3-com.docker.diagnose -> \\.\pipe\dockerBackendV2 com.docker.service.exe
[goroutine 1 [running, locked to thread]:
[win/backend/pkg/service.NewClientForPath(...)
[ win/backend/pkg/service/service.go:42
[win/backend/pkg/service.NewClient({0x15cf112, 0x13}, {0x0, 0x0, 0x0})
[ win/backend/pkg/service/service.go:31 +0xd0
[common/pkg/diagkit/gather/diagnose.init()
[ common/pkg/diagkit/gather/diagnose/ipc_windows.go:23 +0x11f
Starting diagnostics
[PASS] DD0027: is there available disk space on the host?
[SKIP] DD0028: is there available VM disk space?
[FAIL] DD0031: does the Docker API work? error during connect: In the default daemon configuration on Windows, the docker client must be run with elevated privileges to connect.: Get "http://%2F%2F.%2Fpipe%2Fdocker_engine_linux/v1.24/containers/json?limit=0": open //./pipe/docker_engine_linux: The system cannot find the file specified.
[FAIL] DD0004: is the Docker engine running? Get "http://ipc/docker": open \\.\pipe\dockerLifecycleServer: The system cannot find the file specified.
[044:20:57:56.176][I] ipc.NewClient: e90d0409-com.docker.diagnose -> \\.\pipe\dockerLifecycleServer VMDockerdAPI
[PASS] DD0016: is the LinuxKit VM running?
[PASS] DD0001: is the application running?
[PASS] DD0018: does the host support virtualization?
[PASS] DD0002: does the bootloader have virtualization enabled?
[PASS] DD0020: is the Hyper-V Windows Feature enabled?
[PASS] DD0017: can a VM be started?
[PASS] DD0015: are the binary symlinks installed?
error during connect: In the default daemon configuration on Windows, the docker client must be run with elevated privileges to connect.: Get "http://%2F%2F.%2Fpipe%2Fdocker_engine/v1.24/containers/json": open //./pipe/docker_engine: The system cannot find the file specified.
[FAIL] DD0003: is the Docker CLI working? exit status 1
[PASS] DD0013: is the $PATH ok?
[PASS] DD0005: is the user in the docker-users group?
[PASS] DD0007: is the backend responding?
[FAIL] DD0014: are the backend processes running? 3 errors occurred:
* vpnkit-bridge.exe is not running
* vpnkit.exe is not running
* com.docker.proxy.exe is not running
[PASS] DD0008: is the native API responding?
[FAIL] DD0009: is the vpnkit API responding? open \\.\pipe\dockerVpnKitDiagnostics: The system cannot find the file specified.
[FAIL] DD0010: is the Docker API proxy responding? failed to ping Docker proxy API with error: Get "http://ipc/desktop-diagnostics/ping": open \\.\pipe\dockerDesktopLinuxEngine: The system cannot find the file specified.
[044:20:58:05.735][I] ipc.NewClient: dcada6c0-diagnose -> \\.\pipe\dockerDesktopLinuxEngine Proxy
[044:20:58:14.888][I] (a6e3c814-3) 6b92eeae-diagnose-network C->S diagnosticsd GET /ping
[044:20:58:14.888][E] (a6e3c814-3) 6b92eeae-diagnose-network C<-S NoResponse GET /ping (0s): Get "http://ipc/ping": open \\.\pipe\dockerDiagnosticd: The system cannot find the file specified.
[044:20:58:16.899][I] (a6e3c814-5) 6b92eeae-diagnose-network C->S diagnosticsd GET /ping
[044:20:58:16.899][E] (a6e3c814-5) 6b92eeae-diagnose-network C<-S NoResponse GET /ping (0s): Get "http://ipc/ping": open \\.\pipe\dockerDiagnosticd: The system cannot find the file specified.
[FAIL] DD0032: do Docker networks overlap with host IPs? error during connect: In the default daemon configuration on Windows, the docker client must be run with elevated privileges to connect.: Get "http://%2F%2F.%2Fpipe%2Fdocker_engine_linux/v1.24/networks": open //./pipe/docker_engine_linux: The system cannot find the file specified.
[SKIP] DD0030: is the image access management authorized?
[PASS] DD0033: does the host have Internet access?
Please investigate the following 3 issues:
1 : The test: are the LinuxKit services running?
Failed with: failed to ping VM diagnosticsd with error: Get "http://ipc/ping": open \\.\pipe\dockerDiagnosticd: The system cannot find the file specified.
The Docker engine runs inside a Linux VM as a service. Therefore the services must have started.
2 : The test: are the backend processes running?
Failed with: 3 errors occurred:
* vpnkit-bridge.exe is not running
* vpnkit.exe is not running
* com.docker.proxy.exe is not running
Not all of the backend processes are running.
3 : The test: is the VM networking working?
Failed with: network checks failed: Post "http://ipc/check-network-connectivity": open \\.\pipe\dockerDiagnosticd: The system cannot find the file specified.
VM seems to have a network connectivity issue. Please check your host firewall and anti-virus settings in case they are blocking the VM.
I've authorized Docker Desktop through the firewall, but it didn't change anything. I'd be so grateful for any help!

I payed Docker Pro subscription to contact the support and got this answer that SOLVED it ! Pfiew I had really tried everything, couldn't have guessed that.
The answer :
Hi,
We have identified an issue in Docker Desktop 4.5.0 where the default backend selected after installing is not the correct one.
We will release a Docker Desktop 4.5.1 shortly to address this, in the meanwhile you can switch to the correct backend by editing the following file:
%APPDATA%\Docker\settings.json and at the bottom change the value for the wslEngineEnabled field to true.
After that Docker Desktop should start correctly.
Sorry for the inconvenience
And it worked !!

Related

Docker Desktop(for Apple chip) not working on Apple M1 Max chip

As I try to launch it, it stacks at starting state, and nothing happens. Reinstalling and installing prev. versions(4.4, 4.5) don't do the trick it is still stacking on starting...
After diagnose check:
/Applications/Docker.app/Contents/MacOS/com.docker.diagnose check
and here are fails
[FAIL] DD0031: does the Docker API work? Cannot connect to the Docker daemon at unix://docker.raw.sock. Is the docker daemon running?
[FAIL] DD0004: is the Docker engine running? Get "http://ipc/docker": dial unix lifecycle-server.sock: connect: no such file or directory
[FAIL] DD0011: are the LinuxKit services running? failed to ping VM diagnosticsd with error: Get "http://ipc/ping": dial unix diagnosticd.sock: connect: no such file or directory
[FAIL] DD0016: is the LinuxKit VM running? vm is not running: failed to open kmsg.log: open log/vm/kmsg.log: no such file or directory
[FAIL] DD0017: can a VM be started? vm has not started: failed to open kmsg.log: open log/vm/kmsg.log: no such file or directory
[FAIL] DD0003: is the Docker CLI working? exit status 1
[FAIL] DD0012: is the VM networking working? network checks failed: Post "http://ipc/check-network-connectivity": dial unix diagnosticd.sock: connect: no such file or directory
[FAIL] DD0032: do Docker networks overlap with host IPs? Cannot connect to the Docker daemon at unix://docker.raw.sock. Is the docker daemon running?
as a conclusion:
Please investigate the following 1 issue:
1 : The test: can a VM be started?
Failed with: vm has not started: failed to open kmsg.log: open log/vm/kmsg.log: no such file or directory
Reset to a factory defaults seems not taking effect.
Rebooting also useless.
Turns out it was because of turned on VPN on network settings. Answer found here

How to use vpnkit with minikube on mac

There are many question around this topic, but not the specific info I am after.
Host OS is Mac, and recently had to uninstall Docker Desktop due to their licensing change. So instead we have moved to minikube, and it is all working great with VirtualBox driver.
But ideally we would like to use the hyperkit driver, as it requires less resources than virtualbox, and is (anecdotally) faster. This also all works great until we connect to our VPN (using cisco anyconnect) and then all outbound networking from within the minikube VM stops working. e.g.
k8> minikube ssh "traceroute 8.8.8.8"
traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 46 byte packets
1 host.minikube.internal (192.168.64.1) 0.154 ms 0.181 ms 0.151 ms
2 * * *
Everything else is is fine, inbound networking via ingress is all good. And maven-docker-plugin is happily creating images with the minikube docker daemon. Just nothing outbound.
So figured I'd try to work with VPNKit as I have read it is meant to address this issue. But cannot find a lot of detailed documentation, and so am struggling.
We have tried starting VPNKit with minimal config:
vpnkit --ethernet /tmp/vpkit-ethernet.socket --debug
And then attempt to start minikube, but it fails:
k8> minikube delete
🔥 Deleting "minikube" in hyperkit ...
💀 Removed all traces of the "minikube" cluster.
k8> minikube start --driver=hyperkit --hyperkit-vpnkit-sock=/tmp/vpnkit-ethernet.socket
😄 minikube v1.25.1 on Darwin 10.15.7
✨ Using the hyperkit driver based on user configuration
👍 Starting control plane node minikube in cluster minikube
🔥 Creating hyperkit VM (CPUs=2, Memory=6000MB, Disk=20000MB) ...
🔥 Deleting "minikube" in hyperkit ...
🤦 StartHost failed, but will try again: creating host: create: Error creating machine: Error in driver during machine creation: hyperkit crashed! command line:
hyperkit loglevel=3 console=ttyS0 console=tty0 noembed nomodeset norestore waitusb=10 systemd.legacy_systemd_cgroup_controller=yes random.trust_cpu=on hw_rng_model=virtio base host=minikube
🔥 Creating hyperkit VM (CPUs=2, Memory=6000MB, Disk=20000MB) ...
😿 Failed to start hyperkit VM. Running "minikube delete" may fix it: creating host: create: Error creating machine: Error in driver during machine creation: hyperkit crashed! command line:
hyperkit loglevel=3 console=ttyS0 console=tty0 noembed nomodeset norestore waitusb=10 systemd.legacy_systemd_cgroup_controller=yes random.trust_cpu=on hw_rng_model=virtio base host=minikube
❌ Exiting due to PR_HYPERKIT_CRASHED: Failed to start host: creating host: create: Error creating machine: Error in driver during machine creation: hyperkit crashed! command line:
hyperkit loglevel=3 console=ttyS0 console=tty0 noembed nomodeset norestore waitusb=10 systemd.legacy_systemd_cgroup_controller=yes random.trust_cpu=on hw_rng_model=virtio base host=minikube
💡 Suggestion: Hyperkit is broken. Upgrade to the latest hyperkit version and/or Docker for Desktop. Alternatively, you may choose an alternate --driver
🍿 Related issues:
▪ https://github.com/kubernetes/minikube/issues/6079
▪ https://github.com/kubernetes/minikube/issues/5780
And in the vpnkit log we see:
time="2022-02-14T06:07:57Z" level=debug msg="usernet: accepted vmnet connection"
time="2022-02-14T06:07:57Z" level=warning msg="Uwt: Pipe.listen: rejected ethernet connection: EOF"
time="2022-02-14T06:08:07Z" level=debug msg="usernet: accepted vmnet connection"
time="2022-02-14T06:08:07Z" level=warning msg="Uwt: Pipe.listen: rejected ethernet connection: EOF"
So kind of implies something is not right with how I started vpnkit. Have played with IP args to ensure it all matches, but does not help.
My guess is that the --ethernet=path arg is not the right type of socket. I have seen there is also --vsock-path=path but specifying this does not appear to create the socket file like --ethernet=path does. Do I have to create this some other way?
Or are there other config options I need to mess with. e.g. I thought --gateway-forwards=path could help, but can find no documentation on file format or contents.
So, I guess two main questions:
Is what we are trying even possible? Is it the the right way to go about it? Or is it much more complicated than simply running the vpnkit command?
If we are on the right track, does anyone have experience with this, and know how to set up the socket for minikube+vpnkit+hyperkit? What args, config, or other setup is required?
And just to note: --hyperkit-vpnkit-sock=auto is not an option for us, as we do not have docker installed, and so the docker socket file does not exist.
And just in case its a version issue:
k8> minikube version
minikube version: v1.25.1
commit: 3e64b11ed75e56e4898ea85f96b2e4af0301f43d
k8> vpnkit --version
854498c13b1884d4a48d84f3569eb34681af2126
k8> hyperkit -v
hyperkit: 0.20200908
Homepage: https://github.com/docker/hyperkit
License: BSD

Can I run k8s master INSIDE a docker container? Getting errors about k8s looking for host's kernel details

In a docker container I want to run k8s.
When I run kubeadm join ... or kubeadm init commands I see sometimes errors like
\"modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could
not open moddep file
'/lib/modules/3.10.0-1062.1.2.el7.x86_64/modules.dep.bin'.
nmodprobe:
FATAL: Module configs not found in directory
/lib/modules/3.10.0-1062.1.2.el7.x86_64",
err: exit status 1
because (I think) my container does not have the expected kernel header files.
I realise that the container reports its kernel based on the host that is running the container; and looking at k8s code I see
// getKernelConfigReader search kernel config file in a predefined list. Once the kernel config
// file is found it will read the configurations into a byte buffer and return. If the kernel
// config file is not found, it will try to load kernel config module and retry again.
func (k *KernelValidator) getKernelConfigReader() (io.Reader, error) {
possibePaths := []string{
"/proc/config.gz",
"/boot/config-" + k.kernelRelease,
"/usr/src/linux-" + k.kernelRelease + "/.config",
"/usr/src/linux/.config",
}
so I am bit confused what is simplest way to run k8s inside a container such that it consistently past this getting the kernel info.
I note that running docker run -it solita/centos-systemd:7 /bin/bash on a macOS host I see :
# uname -r
4.9.184-linuxkit
# ls -l /proc/config.gz
-r--r--r-- 1 root root 23834 Nov 20 16:40 /proc/config.gz
but running exact same on a Ubuntu VM I see :
# uname -r
4.4.0-142-generic
# ls -l /proc/config.gz
ls: cannot access /proc/config.gz
[Weirdly I don't see this FATAL: Module configs not found in directory error every time, but I guess that is a separate question!]
UPDATE 22/November/2019. I see now that k8s DOES run okay in a container. Real problem was weird/misleading logs. I have added an answer to clarify.
I do not believe that is possible given the nature of containers.
You should instead test your app in a docker container then deploy that image to k8s either in the cloud or locally using minikube.
Another solution is to run it under kind which uses docker driver instead of VirtualBox
https://kind.sigs.k8s.io/docs/user/quick-start/
It seems the FATAL error part was a bit misleading.
It was badly formatted by my test environment (all on one line.
When k8s was failing I saw the FATAL and assumed (incorrectly) that was root cause.
When I format the logs nicely I see ...
kubeadm join 172.17.0.2:6443 --token 21e8ab.1e1666a25fd37338 --discovery-token-unsafe-skip-ca-verification --experimental-control-plane --ignore-preflight-errors=all --node-name 172.17.0.3
[preflight] Running pre-flight checks
[WARNING FileContent--proc-sys-net-bridge-bridge-nf-call-iptables]: /proc/sys/net/bridge/bridge-nf-call-iptables does not exist
[preflight] The system verification failed. Printing the output from the verification:
KERNEL_VERSION: 4.4.0-142-generic
DOCKER_VERSION: 18.09.3
OS: Linux
CGROUPS_CPU: enabled
CGROUPS_CPUACCT: enabled
CGROUPS_CPUSET: enabled
CGROUPS_DEVICES: enabled
CGROUPS_FREEZER: enabled
CGROUPS_MEMORY: enabled
[WARNING SystemVerification]: this Docker version is not on the list of validated versions: 18.09.3. Latest validated version: 18.06
[WARNING SystemVerification]: failed to parse kernel config: unable to load kernel module: "configs", output: "modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/4.4.0-142-generic/modules.dep.bin'\nmodprobe: FATAL: Module configs not found in directory /lib/modules/4.4.0-142-generic\n", err: exit status 1
[discovery] Trying to connect to API Server "172.17.0.2:6443"
[discovery] Created cluster-info discovery client, requesting info from "https://172.17.0.2:6443"
[discovery] Failed to request cluster info, will try again: [the server was unable to return a response in the time allotted, but may still be processing the request (get configmaps cluster-info)]
There are other errors later, which I originally though were a side-effect of the nasty looking FATAL error e.g. .... "[util/etcd] Attempt timed out"]} but I now think root cause is Etcd part times out sometimes.
Adding this answer in case someone else puzzled like I was.

Why Docker can't start or starting forever?

I have installed docker on Windows 10, run it as administrator.
It's still in the process of launching (starting) after half an hour.
Log looks like:
Version: 17.07.0-ce-win26 (13125)
Channel: edge
Sha1: 7c2cb3783c478f82e7a09cfbd5933d7b587c9c1e
Started on: 2017/09/06 09:17:16.119
Resources: C:\Program Files\Docker\Docker\Resources
OS: Windows 10 Pro
Edition: Professional
Id: 1607
Build: 14393
BuildLabName: 14393.1593.amd64fre.rs1_release.170731-1934
...
[09:18:19.619][DockerDaemonChecker][Error ] Docker daemon is not running
[09:18:19.658][NamedPipeServer][Error ] Unable to execute Start: error during connect: Get http://%2F%2F.%2Fpipe%2Fdocker_engine/v1.31/containers/json: open //./pipe/docker_engine: The system cannot find the file specified. In the default daemon configuration on Windows, the docker client must be run elevated to connect. This error may also indicate that the docker daemon is not running.
в Docker.Backend.DockerDaemonChecker.Check(Func`1 isDaemonProcessStillRunning) в C:\gopath\src\github.com\docker\pinata\win\src\Docker.Backend\DockerDaemonChecker.cs:line 63
в Docker.Core.Pipe.NamedPipeServer.<>c__DisplayClass9_0.<Register>b__0(Object[] parameters) в C:\gopath\src\github.com\docker\pinata\win\src\Docker.Core\pipe\NamedPipeServer.cs:line 47
в Docker.Core.Pipe.NamedPipeServer.RunAction(String action, Object[] parameters) в C:\gopath\src\github.com\docker\pinata\win\src\Docker.Core\pipe\NamedPipeServer.cs:line 145
[09:18:19.674][NamedPipeClient][Error ] Unable to send Start: error during connect: Get http://%2F%2F.%2Fpipe%2Fdocker_engine/v1.31/containers/json: open //./pipe/docker_engine: The system cannot find the file specified. In the default daemon configuration on Windows, the docker client must be run elevated to connect. This error may also indicate that the docker daemon is not running.
[09:18:19.674][Notifications ][Error ] error during connect: Get http://%2F%2F.%2Fpipe%2Fdocker_engine/v1.31/containers/json: open //./pipe/docker_engine: The system cannot find the file specified. In the default daemon configuration on Windows, the docker client must be run elevated to connect. This error may also indicate that the docker daemon is not running.
[09:18:19.705][CrashReport ][Info ] Preparing package to send with the diagnostics
I am trying to reboot, shut down PC, virtualization is enable in bios.
Could you give me some advise to solve the problem?
I had a similar problem some weeks ago with a new user of our systems.
In my case i forgot to add the user to the docker-users group.
Further problems/solutions that i already had:
not enough memory, docker consumes some of it
Crashed containers
Firewall or other tools that block even local TCP access
Bad docker config in %ProgramData%\Docker\config\daemon.json, you could for example try to set it to an empty json file ({})

Docker on RHEL 6 Cgroup mounting failing

I'm trying to get my head around something that's been working on a Centos+Vagrant, but not on our providers RHEL (Red Hat Enterprise Linux Server release 6.5 (Santiago)). A sudo service docker restart hands this:
Stopping docker: [ OK ]
Starting cgconfig service: Error: cannot mount cpuset to /cgroup/cpuset: Device or resource busy
/sbin/cgconfigparser; error loading /etc/cgconfig.conf: Cgroup mounting failed
Failed to parse /etc/cgconfig.conf [FAILED]
Starting docker: [ OK ]
The service starts okey enough, but images cannot run. A mounting failed error is shown when I try. And the startup-log also gives a warning or two. Regarding the kernelwarning, centos gives the same and has no problems as Epel should resolve this:
WARNING: You are running linux kernel version 2.6.32-431.17.1.el6.x86_64, which might be unstable running docker. Please upgrade your kernel to 3.8.0.
2014/08/07 08:58:29 docker daemon: 1.1.2 d84a070; execdriver: native; graphdriver:
[1233d0af] +job serveapi(unix:///var/run/docker.sock)
[1233d0af] +job initserver()
[1233d0af.initserver()] Creating server
2014/08/07 08:58:29 Listening for HTTP on unix (/var/run/docker.sock)
[1233d0af] +job init_networkdriver()
[1233d0af] -job init_networkdriver() = OK (0)
2014/08/07 08:58:29 WARNING: mountpoint not found
Anyone had any success overcoming this problem or should I throw in the towel and wait for the provider to update to RHEL 7?
I have the same issue.
(1) check cgconfig status
# /etc/init.d/cgconfig status
if it stopped, restart it
# /etc/init.d/cgconfig restart
check cgconfig is running
(2) check cgconfig is on
# chkconfig --list cgconfig
cgconfig 0:off 1:off 2:off 3:off 4:off 5:off 6:off
if cgconfig is off, turn it on
(3) if still does not work, may be some cgroups modules is missing. In the kernel .config file, make menuconfig, add those modules into kernel and recompile and reboot
after that, it should be OK
I ended up asking the same question at Google Groups and in the end finding a solution with some help. What worked for me was this:
umount cgroup
sudo service cgconfig start
The project of making Docker work was put on halt all the same. Later a problem of network connection for the containers. This took to much time to solve and had to give up.
So I spent the whole day trying to rig docker to work on my vps. I was running into this same error. Basically what it came down to was the fact that OpenVZ didn't support docker containers up until a couple months ago. Specifically this RHEL update:
https://openvz.org/Download/kernel/rhel6/042stab105.14
Assuming this is your problem, or some variation of it, the burden of solving it is on your host. They will need to follow these steps:
https://openvz.org/Docker_inside_CT
In my case
/etc/rc.d/rc.cgconfig start
was generating
Starting cgconfig service: Error: cannot mount cpu,cpuacct,memory to
/cgroup/cpu_and_mem: Device or resource busy /usr/sbin/cgconfigparser;
error loading /etc/cgconfig.conf: Cgroup mounting failed Failed to
parse /etc/cgconfig.conf
i had to use:
/etc/rc.d/rc.cgconfig restart
and it automagicly umouted and mounted groups
Stopping cgconfig service: Starting cgconfig service:
it seems like the cgconfig service not running,so check it!
# /etc/init.d/cgconfig status
# mkdir -p /cgroup/cpuacct /cgroup/memory /cgroup/devices /cgroup/freezer net_cls /cgroup/blkio
# cat /etc/cgconfig.conf |tail|grep "="|awk '{print "mount -t cgroup -o",$1,$1,$NF}'>cgroup_mount.sh
# sh ./cgroup_mount.sh
# /etc/init.d/cgconfig restart
# /etc/init.d/docker restart
This situation occurs when the kernel is booted with cgroup_disable=memory and /etc/cgconfig.conf contains memory = /cgroup/memory;
This causes only /cgroup/cpuset to be mounted instead of the full set.
Solution: either remove cgroup_disable=memory from your kernel boot options or comment out memory = /cgroup/memory; from cgconfig.conf.
The cgconfig service startup uses mount and umount which requires an extra privilege bump from docker.
See the --privileged=true flag here for more info.
I was able to overcome this issue by starting my container with:
docker run -it --privileged=true my-image.
Tested in Centos6, Centos6.5.

Resources