I installed docker on kubuntu 18 , but I got error
$ docker-compose up -d --build
ERROR: .PermissionError: [Errno 13] Permission denied: './docker-compose.yml'
Reading branch
docker error: .IOError: [Errno 13] Permission denied: "./docker-compose.yml"
I tried to salve it :
username#ubuntuOS:/ProjectPath/DOCKER$ sudo groupadd docker
[sudo] password for username:
groupadd: group 'docker' already exists
username#ubuntuOS:/ProjectPath/DOCKER$ sudo gpasswd -a $USER docker
Adding user username to group docker
username#ubuntuOS:/ProjectPath/DOCKER$ docker run hello-world
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
username#ubuntuOS:/ProjectPath/DOCKER$ docker-compose logs -f
ERROR: .PermissionError: [Errno 13] Permission denied: './docker-compose.yml'
username#ubuntuOS:/ProjectPath/DOCKER$ sudo dpkg-reconfigure apparmor
Skipping profile in /etc/apparmor.d/disable: usr.bin.firefox
Skipping profile in /etc/apparmor.d/disable: usr.sbin.rsyslogd
username#ubuntuOS:/ProjectPath/DOCKER$ docker-compose up -d --build
ERROR: .PermissionError: [Errno 13] Permission denied: './docker-compose.yml'
username#ubuntuOS:/ProjectPath/DOCKER$ sudo apparmor_parser -r /var/lib/snapd/apparmor/profiles/snap.docker.compose
username#ubuntuOS:/ProjectPath/DOCKER$ docker-compose up -d --build
ERROR: .PermissionError: [Errno 13] Permission denied: './docker-compose.yml'
But Failed.
My docker-compose.yml :
version: '3.3'
services:
web:
build:
context: ./ # directory of web/Dockerfile.yml
dockerfile: Dockerfile.yml
container_name: lar_nginx_web
# restart: always
working_dir: /var/www/
volumes:
- ../:/var/www
nginx:
image: nginx:1.19-alpine
container_name: lar_nginx_nginx
# restart: always
ports:
- '8084:80'
# http://127.0.0.1:8000
volumes:
- ../:/var/www
- ./nginx:/etc/nginx/conf.d
db:
container_name: lar_nginx_db
image: mysql:5.7.28
# image: mysql:8.0.21
# restart: always
environment:
- MYSQL_DATABASE=DockerLarNginx
- MYSQL_USER=docker_user
- MYSQL_PASSWORD=4321
- MYSQL_ALLOW_EMPTY_PASSWORD=false
- MYSQL_ROOT_PASSWORD=321
- TZ=Europe/Kiev
volumes:
- /var/lib/mysql
phpmyadmin:
container_name: lar_nginx_phpmyadmin
depends_on:
- db
image: phpmyadmin/phpmyadmin
# restart: always
ports:
- 8085:80
environment:
PMA_HOST: db
MYSQL_ROOT_PASSWORD: 1
composer:
image: composer:2.1
container_name: lar_nginx_composer
volumes:
- ./:/var/www
working_dir: /var/www
command: composer install --ignore-platform-reqs
Project directory :
$ ls -l
total 16
-rwxrwxrwx 1 root root 940 Sep 5 16:39 BySteps.txt
-rwxrwxrwx 1 root root 1561 Sep 5 16:56 docker-compose.yml
-rwxrwxrwx 1 root root 1094 Sep 5 09:15 Dockerfile.yml
drwxrwxrwx 1 root root 0 Sep 2 08:21 nginx
-rwxrwxrwx 1 root root 805 Oct 20 2019 virtualhost.conf
How can it be fixed ?
Modified Block:
Searching for decision I found a hints
I might want to turn off apparmor and check if it works without
But Stopping apparmor I got errors:
username#ubuntuOS:ProjectPath$ sudo systemctl stop apparmor
username#ubuntuOS:ProjectPath$ sudo systemctl enable docker
Synchronizing state of docker.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable docker
Failed to enable unit: Unit file /etc/systemd/system/docker.service is masked.
username#ubuntuOS:ProjectPath$ sudo systemctl start docker
Failed to start docker.service: Unit docker.service is masked.
username#ubuntuOS:ProjectPath$ sudo systemctl start apparmor
If my Docker installation is from Snap?
I installed with command :
sudo apt-get install docker-ce
Is it snap installation?
docker info
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Build with BuildKit (Docker Inc., v0.5.1-docker)
Server:
ERROR: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
errors pretty printing info
In which way have I to check is it snap installation and how my errors depends on it ?
I failed to run docker :
$ sudo systemctl enable docker
Synchronizing state of docker.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable docker
Failed to enable unit: Unit file /etc/systemd/system/docker.service is masked.
$ sudo systemctl start docker
Failed to start docker.service: Unit docker.service is masked.
In my Synaptic I found installed packages:
snap
location of genes from DNA sequence with hidden markov model
and
apparmor
user-space parser utility for AppArmor
I have some prior docker expierence, but I did not have such problems.
How these can be fixed?
Modified Block # 2:
username#ubuntuOS:/ProjectPath//DOCKER$ docker run hello-world
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
username#ubuntuOS:/ProjectPath//DOCKER$ sudo systemctl unmask docker && sudo systemctl start docker
Removed /etc/systemd/system/docker.service.
Job for docker.service failed because the control process exited with error code.
See "systemctl status docker.service" and "journalctl -xe" for details.
username#ubuntuOS:/ProjectPath//DOCKER$ docker-compose
Define and run multi-container applications with Docker.
Usage:
docker-compose [-f <arg>...] [options] [COMMAND] [ARGS...]
docker-compose -h|--help
Options:
-f, --file FILE Specify an alternate compose file
(default: docker-compose.yml)
-p, --project-name NAME Specify an alternate project name
(default: directory name)
--verbose Show more output
--log-level LEVEL Set log level (DEBUG, INFO, WARNING, ERROR, CRITICAL)
--no-ansi Do not print ANSI control characters
-v, --version Print version and exit
-H, --host HOST Daemon socket to connect to
--tls Use TLS; implied by --tlsverify
--tlscacert CA_PATH Trust certs signed only by this CA
--tlscert CLIENT_CERT_PATH Path to TLS certificate file
--tlskey TLS_KEY_PATH Path to TLS key file
--tlsverify Use TLS and verify the remote
--skip-hostname-check Don't check the daemon's hostname against the
name specified in the client certificate
--project-directory PATH Specify an alternate working directory
(default: the path of the Compose file)
--compatibility If set, Compose will attempt to convert keys
in v3 files to their non-Swarm equivalent
--env-file PATH Specify an alternate environment file
Commands:
build Build or rebuild services
config Validate and view the Compose file
create Create services
down Stop and remove containers, networks, images, and volumes
events Receive real time events from containers
exec Execute a command in a running container
help Get help on a command
images List images
kill Kill containers
logs View output from containers
pause Pause services
port Print the public port for a port binding
ps List containers
pull Pull service images
push Push service images
restart Restart services
rm Remove stopped containers
run Run a one-off command
scale Set number of containers for a service
start Start services
stop Stop services
top Display the running processes
unpause Unpause services
up Create and start containers
version Show the Docker-Compose version information
username#ubuntuOS:/ProjectPath//DOCKER$ sudo tail -f /var/log/syslog
Sep 15 06:40:28 ubuntuOS systemd[3516]: Failed to start snap.docker.compose.2c72d705-91cd-406c-a3eb-bcbdbcfed2d5.scope.
Sep 15 06:40:30 ubuntuOS kernel: [ 1169.609359] audit: type=1400 audit(1631677230.198:65): apparmor="DENIED" operation="open" profile="snap.docker.compose" name="/proc/14125/mounts" pid=14125 comm="python3" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Sep 15 06:40:30 ubuntuOS kernel: [ 1169.738542] audit: type=1400 audit(1631677230.330:66): apparmor="DENIED" operation="open" profile="snap.docker.compose" name="/ProjectPath//DOCKER/docker-compose.yml" pid=14125 comm="python3" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Sep 15 06:40:30 ubuntuOS kernel: [ 1169.738565] audit: type=1400 audit(1631677230.330:67): apparmor="DENIED" operation="open" profile="snap.docker.compose" name="/ProjectPath//DOCKER/docker-compose.yml" pid=14125 comm="python3" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Sep 15 06:40:39 ubuntuOS kernel: [ 1178.543524] [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=176.10.192.176 DST=213.109.234.130 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=40086 DF PROTO=TCP SPT=44902 DPT=6881 WINDOW=64240 RES=0x00 SYN URGP=0
Sep 15 06:41:06 ubuntuOS systemd[3516]: snap.docker.compose.009e07fe-8e69-4d56-a1ad-be6649422dc1.scope: Failed to add PIDs to scope's control group: Permission denied
Sep 15 06:41:06 ubuntuOS systemd[3516]: snap.docker.compose.009e07fe-8e69-4d56-a1ad-be6649422dc1.scope: Failed with result 'resources'.
Sep 15 06:41:06 ubuntuOS systemd[3516]: Failed to start snap.docker.compose.009e07fe-8e69-4d56-a1ad-be6649422dc1.scope.
Sep 15 06:41:07 ubuntuOS kernel: [ 1206.991294] audit: type=1400 audit(1631677267.581:68): apparmor="DENIED" operation="open" profile="snap.docker.compose" name="/proc/14166/mounts" pid=14166 comm="python3" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000
Sep 15 06:41:08 ubuntuOS kernel: [ 1208.265731] [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=104.140.188.18 DST=213.109.234.130 LEN=44 TOS=0x00 PREC=0x00 TTL=246 ID=50654 PROTO=TCP SPT=56649 DPT=8888 WINDOW=1024 RES=0x00 SYN URGP=0
Sep 15 06:41:24 ubuntuOS kernel: [ 1223.876776] [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=176.67.84.17 DST=213.109.234.130 LEN=58 TOS=0x00 PREC=0x00 TTL=122 ID=7917 PROTO=UDP SPT=61585 DPT=6881 LEN=38
Sep 15 06:41:37 ubuntuOS kernel: [ 1237.119996] [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=185.76.147.123 DST=213.109.234.130 LEN=40 TOS=0x00 PREC=0x00 TTL=250 ID=61449 PROTO=TCP SPT=41688 DPT=3556 WINDOW=1024 RES=0x00 SYN URGP=0
Modified Block # 3:
username#ubuntuOS:/ProjectPath/DOCKER$ sudo systemctl start docker
[sudo] password for username:
Job for docker.service failed because the control process exited with error code.
See "systemctl status docker.service" and "journalctl -xe" for details.
username#ubuntuOS:/ProjectPath/DOCKER$ sudo journalctl -xe
Sep 16 06:31:15 ubuntuOS kernel: [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=125.64.94.144 DST=213.109.234.130 LEN=40 TOS=0x00 PREC=0x00 TTL=237 ID=54321 PROTO=TCP SPT=48901 DPT=17988 WINDOW=65535 RES=0x00
Sep 16 06:31:23 ubuntuOS kernel: [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=193.27.229.54 DST=213.109.234.130 LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=54084 PROTO=TCP SPT=55154 DPT=47319 WINDOW=1024 RES=0x00 S
Sep 16 06:31:42 ubuntuOS kernel: [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=192.241.220.215 DST=213.109.234.130 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=54321 PROTO=TCP SPT=51354 DPT=443 WINDOW=65535 RES=0x00
Sep 16 06:32:08 ubuntuOS kernel: [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=193.27.229.54 DST=213.109.234.130 LEN=40 TOS=0x00 PREC=0x00 TTL=248 ID=55215 PROTO=TCP SPT=55154 DPT=30869 WINDOW=1024 RES=0x00 S
Sep 16 06:32:09 ubuntuOS sudo[12849]: username : TTY=pts/5 ; PWD=/ProjectPath/DOCKER ; USER=root ; COMMAND=/bin/systemctl start docker
Sep 16 06:32:09 ubuntuOS sudo[12849]: pam_unix(sudo:session): session opened for user root by username(uid=0)
Sep 16 06:32:09 ubuntuOS systemd[1]: Starting LSB: Create lightweight, portable, self-sufficient containers....
-- Subject: Unit docker.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit docker.service has begun starting up.
Sep 16 06:32:09 ubuntuOS docker[12852]: * /usr/bin/dockerd not present or not executable
Sep 16 06:32:09 ubuntuOS sudo[12849]: pam_unix(sudo:session): session closed for user root
Sep 16 06:32:09 ubuntuOS systemd[1]: docker.service: Control process exited, code=exited status=1
Sep 16 06:32:09 ubuntuOS systemd[1]: docker.service: Failed with result 'exit-code'.
Sep 16 06:32:09 ubuntuOS systemd[1]: Failed to start LSB: Create lightweight, portable, self-sufficient containers..
-- Subject: Unit docker.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit docker.service has failed.
--
-- The result is RESULT.
Sep 16 06:32:28 ubuntuOS kernel: [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=40.124.92.24 DST=213.109.234.130 LEN=40 TOS=0x00 PREC=0x00 TTL=235 ID=52505 PROTO=TCP SPT=53846 DPT=2375 WINDOW=1024 RES=0x00 SYN
Sep 16 06:32:29 ubuntuOS sudo[12904]: username : TTY=pts/5 ; PWD=/ProjectPath/DOCKER ; USER=root ; COMMAND=/bin/journalctl -xe
Sep 16 06:32:29 ubuntuOS sudo[12904]: pam_unix(sudo:session): session opened for user root by username(uid=0)
-- Reboot --
Jan 25 17:55:16 ubuntuOS systemd-timedated[13988]: Changed local time to Wed Jan 25 17:55:16 2023
-- Subject: Time change
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- The system clock has been changed to 1674662116924753 microseconds after January 1st, 1970.
Jan 25 17:55:16 ubuntuOS anacron[14008]: Anacron 2.3 started on 2023-01-25
Jan 25 17:55:16 ubuntuOS systemd[1]: Starting Daily apt download activities...
-- Subject: Unit apt-daily.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apt-daily.service has begun starting up.
Jan 25 17:55:16 ubuntuOS anacron[14008]: Will run job `cron.daily' in 5 min.
Jan 25 17:55:16 ubuntuOS systemd[1]: Starting Message of the Day...
-- Subject: Unit motd-news.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit motd-news.service has begun starting up.
Jan 25 17:55:16 ubuntuOS anacron[14008]: Will run job `cron.weekly' in 10 min.
Jan 25 17:55:16 ubuntuOS systemd[1]: Starting Clean php session files...
-- Subject: Unit phpsessionclean.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit phpsessionclean.service has begun starting up.
--
-- The result is RESULT.
Sep 16 06:32:28 ubuntuOS kernel: [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=40.124.92.24 DST=213.109.234.130 LEN=40 TOS=0x00 PREC=0x00 TTL=235 ID=52505 PROTO=TCP SPT=53846 DPT=2375 WINDOW=1024 RES=0x00 SYN
Sep 16 06:32:29 ubuntuOS sudo[12904]: username : TTY=pts/5 ; PWD=/ProjectPath/DOCKER ; USER=root ; COMMAND=/bin/journalctl -xe
Sep 16 06:32:29 ubuntuOS sudo[12904]: pam_unix(sudo:session): session opened for user root by username(uid=0)
-- Reboot --
Jan 25 17:55:16 ubuntuOS systemd-timedated[13988]: Changed local time to Wed Jan 25 17:55:16 2023
-- Subject: Time change
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- The system clock has been changed to 1674662116924753 microseconds after January 1st, 1970.
Jan 25 17:55:16 ubuntuOS anacron[14008]: Anacron 2.3 started on 2023-01-25
Jan 25 17:55:16 ubuntuOS systemd[1]: Starting Daily apt download activities...
-- Subject: Unit apt-daily.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit apt-daily.service has begun starting up.
Jan 25 17:55:16 ubuntuOS anacron[14008]: Will run job `cron.daily' in 5 min.
Jan 25 17:55:16 ubuntuOS systemd[1]: Starting Message of the Day...
-- Subject: Unit motd-news.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit motd-news.service has begun starting up.
Jan 25 17:55:16 ubuntuOS anacron[14008]: Will run job `cron.weekly' in 10 min.
Jan 25 17:55:16 ubuntuOS systemd[1]: Starting Clean php session files...
-- Subject: Unit phpsessionclean.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit phpsessionclean.service has begun starting up.
Jan 25 17:55:16 ubuntuOS anacron[14008]: Will run job `cron.monthly' in 15 min.
Jan 25 17:55:16 ubuntuOS systemd[1]: Starting Discard unused blocks...
-- Subject: Unit fstrim.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit fstrim.service has begun starting up.
Jan 25 17:55:16 ubuntuOS anacron[14008]: Jobs will be executed sequentially
Jan 25 17:55:16 ubuntuOS systemd[1]: Started Run anacron jobs.
-- Subject: Unit anacron.service has finished start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit anacron.service has finished starting up.
--
-- The start-up result is RESULT.
Jan 25 17:55:16 ubuntuOS systemd[1]: Started Message of the Day.
-- Subject: Unit motd-news.service has finished start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit motd-news.service has finished starting up.
Thanks!
It is the permissions to this file: docker-compose.yml?
ERROR: .PermissionError: [Errno 13] Permission denied: './docker-compose.yml'
I had an error similar with MySQL server and simply allowing permission to write to this file solved the issue.
Good luck!
Related
I installed Kubuntu 18 about 3 weeks ago on partition in 28G(sdb5), but after installing of docker seems this space is not enough for my root partition
I found that /var/lib/docker/ takes 11.1 GiB.
I found a decision of using sdb7 partition for docker which is not used now.
So after I formatted /sdb7 into ext4 and used /sdb7 in /etc/fstab and restarted OS I run:
cd /var/lib
sudo rsync -av docker /mnt/_work_sdb7
sudo mv docker docker.old
sudo ln -s /mnt/_work_sdb7/docker
and next :
$ docker-compose up -d --build
ERROR: Couldn't connect to Docker daemon at http+docker://localunixsocket - is it running?
If it's at a non-standard location, specify the URL with the DOCKER_HOST environment variable.
I found a way of fixing such error:
sudo usermod -aG docker $USER
sudo newgrp - docker
But it did not help. Next :
Some configation/permittions missing?
# docker-compose --version
docker-compose version 1.17.1, build unknown
# docker --version
Docker version 19.03.2, build 6a30dfc
MODIFIED :
I run command and see messages in console :
$ sudo dockerd --data-root=/mnt/_work_sdb7
INFO[2019-09-14T14:56:26.394402307+03:00] Starting up
INFO[2019-09-14T14:56:26.395196810+03:00] detected 127.0.0.53 nameserver, assuming systemd-resolved, so using resolv.conf: /run/systemd/resolve/resolv.conf
INFO[2019-09-14T14:56:26.444127000+03:00] parsed scheme: "unix" module=grpc
INFO[2019-09-14T14:56:26.444152461+03:00] scheme "unix" not registered, fallback to default scheme module=grpc
INFO[2019-09-14T14:56:26.444179994+03:00] ccResolverWrapper: sending update to cc: {[{unix:///run/containerd/containerd.sock 0 <nil>}] } module=grpc
INFO[2019-09-14T14:56:26.444193376+03:00] ClientConn switching balancer to "pick_first" module=grpc
INFO[2019-09-14T14:56:26.444651765+03:00] pickfirstBalancer: HandleSubConnStateChange: 0xc000143020, CONNECTING module=grpc
INFO[2019-09-14T14:56:26.444710232+03:00] blockingPicker: the picked transport is not ready, loop back to repick module=grpc
INFO[2019-09-14T14:56:26.463935589+03:00] pickfirstBalancer: HandleSubConnStateChange: 0xc000143020, READY module=grpc
INFO[2019-09-14T14:56:26.503211493+03:00] parsed scheme: "unix" module=grpc
INFO[2019-09-14T14:56:26.503236499+03:00] scheme "unix" not registered, fallback to default scheme module=grpc
INFO[2019-09-14T14:56:26.503253831+03:00] ccResolverWrapper: sending update to cc: {[{unix:///run/containerd/containerd.sock 0 <nil>}] } module=grpc
INFO[2019-09-14T14:56:26.503264403+03:00] ClientConn switching balancer to "pick_first" module=grpc
INFO[2019-09-14T14:56:26.503334016+03:00] pickfirstBalancer: HandleSubConnStateChange: 0xc000143420, CONNECTING module=grpc
INFO[2019-09-14T14:56:26.503354596+03:00] blockingPicker: the picked transport is not ready, loop back to repick module=grpc
INFO[2019-09-14T14:56:26.503629147+03:00] pickfirstBalancer: HandleSubConnStateChange: 0xc000143420, READY module=grpc
WARN[2019-09-14T14:56:26.584401464+03:00] Your kernel does not support swap memory limit
WARN[2019-09-14T14:56:26.584423249+03:00] Your kernel does not support cgroup rt period
WARN[2019-09-14T14:56:26.584431948+03:00] Your kernel does not support cgroup rt runtime
INFO[2019-09-14T14:56:26.584832727+03:00] Loading containers: start.
INFO[2019-09-14T14:56:26.861388365+03:00] Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip can be used to set a preferred IP address
INFO[2019-09-14T14:56:27.120567034+03:00] Loading containers: done.
INFO[2019-09-14T14:56:27.294102345+03:00] Docker daemon commit=6a30dfc graphdriver(s)=overlay2 version=19.03.2
INFO[2019-09-14T14:56:27.294224407+03:00] Daemon has completed initialization
INFO[2019-09-14T14:56:27.366695106+03:00] API listen on /var/run/docker.sock
The command above did not finish and was working:
I opened console in other tab and run :
$ sudo usermod -aG docker $USER
$ sudo newgrp - docker
# cd /mnt/_work_sdb8/wwwroot/lar/DockerApps/votes_docker
# sudo systemctl enable docker
Synchronizing state of docker.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable docker
# sudo systemctl start docker
Job for docker.service failed because the control process exited with error code.
See "systemctl status docker.service" and "journalctl -xe" for details.
# systemctl status docker.service
● docker.service - Docker Application Container Engine
Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Sat 2019-09-14 15:00:34 EEST; 8s ago
Docs: https://docs.docker.com
Process: 14694 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock (code=exited, status=1/FAILURE)
Main PID: 14694 (code=exited, status=1/FAILURE)
Sep 14 15:00:34 serge-at-hoe systemd[1]: docker.service: Service hold-off time over, scheduling restart.
Sep 14 15:00:34 serge-at-hoe systemd[1]: docker.service: Scheduled restart job, restart counter is at 3.
Sep 14 15:00:34 serge-at-hoe systemd[1]: Stopped Docker Application Container Engine.
Sep 14 15:00:34 serge-at-hoe systemd[1]: docker.service: Start request repeated too quickly.
Sep 14 15:00:34 serge-at-hoe systemd[1]: docker.service: Failed with result 'exit-code'.
Sep 14 15:00:34 serge-at-hoe systemd[1]: Failed to start Docker Application Container Engine.
# journalctl -xe
-- Automatic restarting of the unit docker.service has been scheduled, as the result for
-- the configured Restart= setting for the unit.
Sep 14 15:00:34 serge-at-hoe systemd[1]: Stopped Docker Application Container Engine.
-- Subject: Unit docker.service has finished shutting down
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit docker.service has finished shutting down.
Sep 14 15:00:34 serge-at-hoe systemd[1]: Closed Docker Socket for the API.
-- Subject: Unit docker.socket has finished shutting down
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit docker.socket has finished shutting down.
Sep 14 15:00:34 serge-at-hoe systemd[1]: Stopping Docker Socket for the API.
-- Subject: Unit docker.socket has begun shutting down
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit docker.socket has begun shutting down.
Sep 14 15:00:34 serge-at-hoe systemd[1]: Starting Docker Socket for the API.
-- Subject: Unit docker.socket has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit docker.socket has begun starting up.
Sep 14 15:00:34 serge-at-hoe systemd[1]: Listening on Docker Socket for the API.
-- Subject: Unit docker.socket has finished start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit docker.socket has finished starting up.
--
-- The start-up result is RESULT.
Sep 14 15:00:34 serge-at-hoe systemd[1]: docker.service: Start request repeated too quickly.
Sep 14 15:00:34 serge-at-hoe systemd[1]: docker.service: Failed with result 'exit-code'.
Sep 14 15:00:34 serge-at-hoe systemd[1]: Failed to start Docker Application Container Engine.
-- Subject: Unit docker.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit docker.service has failed.
--
-- The result is RESULT.
Sep 14 15:00:34 serge-at-hoe systemd[1]: docker.socket: Failed with result 'service-start-limit-hit'.
Sep 14 15:00:42 serge-at-hoe systemd[1]: Started Run anacron jobs.
-- Subject: Unit anacron.service has finished start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit anacron.service has finished starting up.
--
-- The start-up result is RESULT.
Sep 14 15:00:42 serge-at-hoe anacron[14760]: Anacron 2.3 started on 2019-09-14
Sep 14 15:00:42 serge-at-hoe anacron[14760]: Normal exit (0 jobs run)
What is wrong ?
MODIFIED 2 :
I did not find existing file, so I created new file /etc/docker/daemon.json
with content :
{
"data-root": "/mnt/_work_sdb7/docker" ,
"storage-driver": "overlay2"
}
/etc/docker# ls -la
total 24
drwxr-xr-x 2 root root 4096 вер 14 16:52 .
drwxr-xr-x 150 root root 12288 вер 14 16:05 ..
-rwxrwxrwx 1 root root 81 вер 14 16:52 daemon.json
-rw------- 1 root root 244 вер 6 18:12 key.json
In my /etc/fstab :
/dev/sdb7 /mnt/_work_sdb7 ext4 defaults 0 0
and restarted the OS.
After that in my docker project I run :
$ sudo systemctl enable docker
[sudo] password for serge:
Synchronizing state of docker.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable docker
serge#serge-at-hoe:/mnt/_work_sdb8/wwwroot/lar/DockerApps/votes_docker$ sudo systemctl start docker
Job for docker.service failed because the control process exited with error code.
See "systemctl status docker.service" and "journalctl -xe" for details.
serge#serge-at-hoe:/mnt/_work_sdb8/wwwroot/lar/DockerApps/votes_docker$ systemctl status docker.service
● docker.service - Docker Application Container Engine
Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Sat 2019-09-14 16:54:09 EEST; 2s ago
Docs: https://docs.docker.com
Process: 5199 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock (code=exited, status=1/FAILURE)
Main PID: 5199 (code=exited, status=1/FAILURE)
вер 14 16:54:09 serge-at-hoe systemd[1]: docker.service: Service hold-off time over, scheduling restart.
вер 14 16:54:09 serge-at-hoe systemd[1]: docker.service: Scheduled restart job, restart counter is at 3.
вер 14 16:54:09 serge-at-hoe systemd[1]: Stopped Docker Application Container Engine.
вер 14 16:54:09 serge-at-hoe systemd[1]: docker.service: Start request repeated too quickly.
вер 14 16:54:09 serge-at-hoe systemd[1]: docker.service: Failed with result 'exit-code'.
вер 14 16:54:09 serge-at-hoe systemd[1]: Failed to start Docker Application Container Engine.
serge#serge-at-hoe:/mnt/_work_sdb8/wwwroot/lar/DockerApps/votes_docker$ journalctl -xe
--
-- Automatic restarting of the unit docker.service has been scheduled, as the result for
-- the configured Restart= setting for the unit.
вер 14 16:54:09 serge-at-hoe systemd[1]: Stopped Docker Application Container Engine.
-- Subject: Unit docker.service has finished shutting down
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit docker.service has finished shutting down.
вер 14 16:54:09 serge-at-hoe systemd[1]: Closed Docker Socket for the API.
-- Subject: Unit docker.socket has finished shutting down
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit docker.socket has finished shutting down.
вер 14 16:54:09 serge-at-hoe systemd[1]: Stopping Docker Socket for the API.
-- Subject: Unit docker.socket has begun shutting down
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit docker.socket has begun shutting down.
вер 14 16:54:09 serge-at-hoe systemd[1]: Starting Docker Socket for the API.
-- Subject: Unit docker.socket has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit docker.socket has begun starting up.
вер 14 16:54:09 serge-at-hoe systemd[1]: Listening on Docker Socket for the API.
-- Subject: Unit docker.socket has finished start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit docker.socket has finished starting up.
--
-- The start-up result is RESULT.
вер 14 16:54:09 serge-at-hoe systemd[1]: docker.service: Start request repeated too quickly.
вер 14 16:54:09 serge-at-hoe systemd[1]: docker.service: Failed with result 'exit-code'.
вер 14 16:54:09 serge-at-hoe systemd[1]: Failed to start Docker Application Container Engine.
-- Subject: Unit docker.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit docker.service has failed.
--
-- The result is RESULT.
вер 14 16:54:09 serge-at-hoe systemd[1]: docker.socket: Failed with result 'service-start-limit-hit'.
вер 14 16:54:10 serge-at-hoe kernel: [UFW BLOCK] IN=enp4s0 OUT= MAC=01:00:5e:00:00:01:c8:e7:f0:6e:fc:29:08:00 SRC=100.103.0.1 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=40300 PROTO=2
вер 14 16:54:10 serge-at-hoe kernel: [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=213.109.129.134 DST=213.109.234.130 LEN=44 TOS=0x00 PREC=0x00 TTL=250 ID=15541 DF PROTO=TCP SPT=35673 DPT=23 WINDOW=14600 R
вер 14 16:54:11 serge-at-hoe kernel: [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=36.63.165.72 DST=213.109.234.130 LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=901 DF PROTO=TCP SPT=44000 DPT=1433 WINDOW=8192 RES=0
вер 14 16:54:12 serge-at-hoe kernel: [UFW BLOCK] IN=enp4s0 OUT= MAC=01:00:5e:00:00:01:c8:e7:f0:6e:fc:29:08:00 SRC=100.103.0.1 DST=224.0.0.1 LEN=32 TOS=0x00 PREC=0xC0 TTL=1 ID=48963 PROTO=2
вер 14 16:54:23 serge-at-hoe kernel: [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=159.224.38.32 DST=213.109.234.130 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=26239 DF PROTO=TCP SPT=34959 DPT=6881 WINDOW=7300 RES
вер 14 16:54:23 serge-at-hoe kernel: [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=185.222.211.54 DST=213.109.234.130 LEN=40 TOS=0x00 PREC=0x00 TTL=251 ID=1768 PROTO=TCP SPT=41109 DPT=8321 WINDOW=1024 RES=0
вер 14 16:54:23 serge-at-hoe kernel: [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=87.122.153.155 DST=213.109.234.130 LEN=60 TOS=0x00 PREC=0x00 TTL=57 ID=2867 DF PROTO=TCP SPT=47437 DPT=6881 WINDOW=7300 RES
вер 14 16:54:24 serge-at-hoe kernel: [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=159.224.38.32 DST=213.109.234.130 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=26240 DF PROTO=TCP SPT=34959 DPT=6881 WINDOW=7300 RES
вер 14 16:54:24 serge-at-hoe kernel: [UFW BLOCK] IN=enp4s0 OUT= MAC=44:8a:5b:ee:2a:dd:c8:e7:f0:6e:fc:29:08:00 SRC=87.122.153.155 DST=213.109.234.130 LEN=60 TOS=0x00 PREC=0x00 TTL=57 ID=2868 DF PROTO=TCP SPT=47437 DPT=6881 WINDOW=7300 RES
lines 2823-2877/2877 (END)
I see errors :
вер 14 16:54:09 serge-at-hoe systemd[1]: docker.service: Start request repeated too quickly.
вер 14 16:54:09 serge-at-hoe systemd[1]: docker.service: Failed with result 'exit-code'.
вер 14 16:54:09 serge-at-hoe systemd[1]: Failed to start Docker Application Container Engine.
?
MODIFIED 3 :
I found /etc/systemd/system.conf in which all parameters were commented
I uncommented or added parameters with some values, incrementing them and restarting OS. I made so several times and at least I have :
DefaultStartLimitIntervalSec=350s
DefaultStartLimitBurst=260
StartLimitInterval=350s
StartLimitBurst=260
StartLimitIntervalSec=260
while all the rest parameters commented, But any way I see errors :
вер 14 18:05:44 serge-at-hoe systemd[1]: docker.service: Start request repeated too quickly.
вер 14 18:05:44 serge-at-hoe systemd[1]: docker.service: Failed with result 'exit-code'.
вер 14 18:05:44 serge-at-hoe systemd[1]: Failed to start Docker Application Container Engine.
Which values must have these(or some others) values ?
MODIFIED # 4 :
I tried in /etc/systemd/system.conf to change some values to zero, as I googled such possible decision:
DefaultStartLimitIntervalSec=0
DefaultStartLimitBurst=260
StartLimitInterval=350
StartLimitBurst=260
StartLimitIntervalSec=0
But restarting OS I failed to login into the system and has a lot of flash messages on the screen.
I modified the file with all 0 :
DefaultStartLimitIntervalSec=0
DefaultStartLimitBurst=0
StartLimitInterval=0
StartLimitBurst=0
StartLimitIntervalSec=0
I reloaded ok but running docker I still have "Start request repeated too quickly" errors:
$ sudo usermod -aG docker $USER
#:/mnt/_work_sdb8/wwwroot/lar/DockerApps/votes_docker$ sudo newgrp - docker
#:/root# cd /mnt/_work_sdb8/wwwroot/lar/DockerApps/votes_docker
#:/mnt/_work_sdb8/wwwroot/lar/DockerApps/votes_docker# sudo systemctl start docker
Job for docker.service failed because the control process exited with error code.
See "systemctl status docker.service" and "journalctl -xe" for details.
#:/mnt/_work_sdb8/wwwroot/lar/DockerApps/votes_docker# sudo systemctl enable docker
Synchronizing state of docker.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable docker
#:/mnt/_work_sdb8/wwwroot/lar/DockerApps/votes_docker# sudo systemctl start docker
Job for docker.service failed because the control process exited with error code.
See "systemctl status docker.service" and "journalctl -xe" for details.
#:/mnt/_work_sdb8/wwwroot/lar/DockerApps/votes_docker# systemctl status docker.service
● docker.service - Docker Application Container Engine
Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Mon 2019-09-16 14:30:07 EEST; 298ms ago
Docs: https://docs.docker.com
Process: 5183 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock (code=exited, status=1/FAILURE)
Main PID: 5183 (code=exited, status=1/FAILURE)
Sep 16 14:30:07 s systemd[1]: docker.service: Service hold-off time over, scheduling restart.
Sep 16 14:30:07 s systemd[1]: docker.service: Scheduled restart job, restart counter is at 3.
Sep 16 14:30:07 s systemd[1]: Stopped Docker Application Container Engine.
Sep 16 14:30:07 s systemd[1]: docker.service: Start request repeated too quickly.
Sep 16 14:30:07 s systemd[1]: docker.service: Failed with result 'exit-code'.
Sep 16 14:30:07 s systemd[1]: Failed to start Docker Application Container Engine.
#:/mnt/_work_sdb8/wwwroot/lar/DockerApps/votes_docker# journalctl -xe
-- Support: http://www.ubuntu.com/support
--
-- Unit snapd.service has finished shutting down.
Sep 16 14:30:15 s systemd[1]: Starting Snappy daemon...
-- Subject: Unit snapd.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit snapd.service has begun starting up.
Sep 16 14:30:15 s snapd[6435]: AppArmor status: apparmor is enabled and all features are available
Sep 16 14:30:15 s snapd[6435]: cannot run daemon: assert storage root unexpectedly world-writable: /var/lib/snapd/assertions/asserts-v0
Sep 16 14:30:15 s systemd[1]: snapd.service: Main process exited, code=exited, status=1/FAILURE
Sep 16 14:30:15 s systemd[1]: snapd.service: Failed with result 'exit-code'.
Sep 16 14:30:15 s systemd[1]: Failed to start Snappy daemon.
-- Subject: Unit snapd.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit snapd.service has failed.
--
-- The result is RESULT.
Sep 16 14:30:15 s systemd[1]: snapd.service: Triggering OnFailure= dependencies.
Sep 16 14:30:15 s systemd[1]: snapd.service: Service hold-off time over, scheduling restart.
Sep 16 14:30:15 s systemd[1]: snapd.service: Scheduled restart job, restart counter is at 25663.
-- Subject: Automatic restarting of a unit has been scheduled
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Automatic restarting of the unit snapd.service has been scheduled, as the result for
-- the configured Restart= setting for the unit.
Sep 16 14:30:15 s systemd[1]: Stopped Snappy daemon.
-- Subject: Unit snapd.service has finished shutting down
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit snapd.service has finished shutting down.
Sep 16 14:30:15 s systemd[1]: Starting Snappy daemon...
-- Subject: Unit snapd.service has begun start-up
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit snapd.service has begun starting up.
Sep 16 14:30:15 s snapd[6467]: AppArmor status: apparmor is enabled and all features are available
Sep 16 14:30:15 s snapd[6467]: cannot run daemon: assert storage root unexpectedly world-writable: /var/lib/snapd/assertions/asserts-v0
Sep 16 14:30:15 s systemd[1]: snapd.service: Main process exited, code=exited, status=1/FAILURE
Sep 16 14:30:15 s systemd[1]: snapd.service: Failed with result 'exit-code'.
Sep 16 14:30:15 s systemd[1]: Failed to start Snappy daemon.
-- Subject: Unit snapd.service has failed
-- Defined-By: systemd
-- Support: http://www.ubuntu.com/support
--
-- Unit snapd.service has failed.
--
-- The result is RESULT.
Sep 16 14:30:15 s systemd[1]: snapd.service: Triggering OnFailure= dependencies.
I am not sure if that valid options in /etc/systemd/system.conf or some other issue?
Did you typed:
sudo systemctl start docker
sudo systemctl enable docker
?
The way you are trying to install docker on another partition is not correct.
You need a partition (sdb7 in your case). Suppose its mounted at /mnt/sdb7
Docker by default store all its data (containers, images and so on) in /var/lib/docker you need to change this in your case to something like /mnt/sdb7/docker using data-root option of docker.
While starting docker deamon use --data-root option.
dockerd --data-root=/mnt/sdb7/docker
Hope this helps.
Update:
The dockerd command will run in foreground.
You need to set --data-root option permanently for docker.service that you start/stop using systemctl.
To set that option permanently refer this.
You need to add this line "data-root": "/mnt/docker-data" in /etc/docker/daemon.json file.
Update-2:
docker.socket: Failed with result 'service-start-limit-hit' means docker.service seems to fail and restart to fast. The is explained here.
You need to edit systemd file for docker using systemctl edit docker.service as mentioned here and tweak the values of StartLimitIntervalSec= and StartLimitBurst= as mentioned here so that the docker.service will not fail to quickly.
Update-3:
Editing /etc/systemd/system.conf file is dangerous it might cause serious problem with your VM. What I suggested was to change make change using systemctl edit docker.service.
The docker.service systemd file contents should be similar to this.
Also refer this.
Wheh the /etc/docker/daemon.json exists, docker no longer started!
I installed docker from snap, so service docker restart will not work.
I start docker with
sudo snap start docker
The output from journalctl -xe is:
Aug 20 09:08:44 user-TV kernel: aufs aufs_fill_super:912:mount[1404]: no arg
Aug 20 09:08:44 user-TV kernel: overlayfs: missing 'lowerdir'
Aug 20 08:55:29 user-TV audit[644]: AVC apparmor="DENIED" operation="open" profile="snap.docker.dockerd" name="/etc/docker/daemon.json" pid=644 comm="dockerd" requested_mask="r" denied_mask="r" fsuid=0 ouid=1000
Aug 20 08:55:29 user-TV docker.dockerd[644]: unable to configure the Docker daemon with file /etc/docker/daemon.json: open /etc/docker/daemon.json: permission denied
Aug 20 08:55:29 user-TV kernel: audit: type=1400 audit(1534726529.513:7216): apparmor="DENIED" operation="open" profile="snap.docker.dockerd" name="/etc/docker/daemon.json" pid=644 comm="dockerd" requested_mask="r" denied_mask="r" fsuid=0 ouid=1000
Aug 20 08:55:29 user-TV systemd[1]: snap.docker.dockerd.service: Main process exited, code=exited, status=1/FAILURE
Why it failed with open /etc/docker/daemon.json: permission denied in line 4 even I chmod 777 to it?
The content of the file is:
{
"experimental": true
}
The docker version is 17.06.2-ce
You have an AppArmor policy which is blocking access to this file.
Aug 20 08:55:29 user-TV audit[644]: AVC apparmor="DENIED" operation="open" profile="snap.docker.dockerd" name="/etc/docker/daemon.json" pid=644 comm="dockerd" requested_mask="r" denied_mask="r" fsuid=0 ouid=1000
Modify the apparmor to allow this and you should be ok
I configure Docker to listen to both a Unix socket (default) and to an all-interfaces TCP port. After updating to Docker version 18.09.0, build 4d60db4 I could no longer start Docker while using /etc/docker/daemon.json on Centos 7.5.
journalctl -xe reported:
Nov 12 08:58:45 my.dev dockerd[6778]: unable to configure the Docker daemon with file /etc/docker/daemon.json: the following directives are specified both as a flag and in the configuration file: hosts: (from flag: [unix://],
On systemd systems the daemon.json config option is no longer supported. Instead:
sudo rm /etc/daemon/daemon.json
sudo systemctl edit docker.service
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd -H unix:///var/run/docker.sock -H tcp://0.0.0.0:1234
sudo systemctl daemon-reload
sudo systemctl restart docker.service
So I installed docker engine on RHEL 7
Now when I do a
service docker start
I get the following error:
Job for docker.service failed because the control process exited with error code. See "systemctl status docker.service" and "journalctl -xe" for details.
and when I go to "systemctl status docker.service" and "journalctl -xe"
I get:
docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
Drop-In: /etc/systemd/system/docker.service.d
└─docker.conf
Active: failed (Result: exit-code) since Thu 2016-09-08 22:15:53 EDT; 10s ago
Docs: https://docs.docker.com
Process: 13504 ExecStart=/usr/bin/docker daemon -H fd:// --mtu 1400 --exec-opt native.cgroupdriver=systemd (code=exited, status=1/FAILURE)
Main PID: 13504 (code=exited, status=1/FAILURE)
Sep 08 22:15:53 app-linux2.app-netapp.lab.com systemd[1]: Starting Docker Application Container Engine...
Sep 08 22:15:53 app-linux2.app-netapp.lab.com docker[13504]: time="2016-09-08T22:15:53.227074798-04:00" level=fatal msg="no sockets found via socket activation: make sure the service ...by systemd"
Sep 08 22:15:53 app-linux2.app-netapp.lab.com systemd[1]: docker.service: main process exited, code=exited, status=1/FAILURE
Sep 08 22:15:53 app-linux2.app-netapp.lab.com systemd[1]: Failed to start Docker Application Container Engine.
Sep 08 22:15:53 app-linux2.app-netapp.lab.com systemd[1]: Unit docker.service entered failed state.
Sep 08 22:15:53 app-linux2.app-netapp.lab.com systemd[1]: docker.service failed.
And
--
-- The start-up result is done.
Sep 08 22:10:01 app-linux2.app-netapp.lab.com CROND[12753]: (root) CMD (/usr/lib64/sa/sa1 1 1)
Sep 08 22:10:01 app-linux2.app-netapp.lab.com systemd[1]: Starting Session 58 of user root.
-- Subject: Unit session-58.scope has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit session-58.scope has begun starting up.
Sep 08 22:10:53 app-linux2.app-netapp.lab.com polkitd[766]: Registered Authentication Agent for unix-process:12878:2674931 (system bus name :1.173 [/usr/bin/pkttyagent --notify-fd 5 --fallback], ob
Sep 08 22:10:53 app-linux2.app-netapp.lab.com systemd[1]: Starting Docker Application Container Engine...
-- Subject: Unit docker.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit docker.service has begun starting up.
Sep 08 22:10:53 app-linux2.app-netapp.lab.com docker[12895]: time="2016-09-08T22:10:53.413304246-04:00" level=fatal msg="no sockets found via socket activation: make sure the service was started by
Sep 08 22:10:53 app-linux2.app-netapp.lab.com systemd[1]: docker.service: main process exited, code=exited, status=1/FAILURE
Sep 08 22:10:53 app-linux2.app-netapp.lab.com systemd[1]: Failed to start Docker Application Container Engine.
-- Subject: Unit docker.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit docker.service has failed.
--
-- The result is failed.
Sep 08 22:10:53 app-linux2.app-netapp.lab.com systemd[1]: Unit docker.service entered failed state.
Sep 08 22:10:53 app-linux2.app-netapp.lab.com systemd[1]: docker.service failed.
Sep 08 22:10:53 app-linux2.app-netapp.lab.com polkitd[766]: Unregistered Authentication Agent for unix-process:12878:2674931 (system bus name :1.173, object path /org/freedesktop/PolicyKit1/Authent
Sep 08 22:13:36 app-linux2.app-netapp.lab.com polkitd[766]: Registered Authentication Agent for unix-process:13214:2691210 (system bus name :1.174 [/usr/bin/pkttyagent --notify-fd 5 --fallback], ob
Sep 08 22:13:36 app-linux2.app-netapp.lab.com polkitd[766]: Unregistered Authentication Agent for unix-process:13214:2691210 (system bus name :1.174, object path /org/freedesktop/PolicyKit1/Authent
Sep 08 22:15:53 app-linux2.app-netapp.lab.com polkitd[766]: Registered Authentication Agent for unix-process:13489:2704913 (system bus name :1.175 [/usr/bin/pkttyagent --notify-fd 5 --fallback], ob
Sep 08 22:15:53 app-linux2.app-netapp.lab.com systemd[1]: Starting Docker Application Container Engine...
-- Subject: Unit docker.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit docker.service has begun starting up.
Sep 08 22:15:53 app-linux2.app-netapp.lab.com docker[13504]: time="2016-09-08T22:15:53.227074798-04:00" level=fatal msg="no sockets found via socket activation: make sure the service was started by
Sep 08 22:15:53 app-linux2.app-netapp.lab.com systemd[1]: docker.service: main process exited, code=exited, status=1/FAILURE
Sep 08 22:15:53 app-linux2.app-netapp.lab.com systemd[1]: Failed to start Docker Application Container Engine.
-- Subject: Unit docker.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit docker.service has failed.
--
-- The result is failed.
Sep 08 22:15:53 app-linux2.app-netapp.lab.com systemd[1]: Unit docker.service entered failed state.
Sep 08 22:15:53 app-linux2.app-netapp.lab.com systemd[1]: docker.service failed.
Sep 08 22:15:53 app-linux2.app-netapp.lab.com polkitd[766]: Unregistered Authentication Agent for unix-process:13489:2704913 (system bus name :1.175, object path /org/freedesktop/PolicyKit1/Authent
lines 3473-3523/3523 (END)
I tried to search solution for this
but could not find any.
Just Remove Docker Lib and restart it again with:
sudo rm -rf /var/lib/docker
then
sudo systemctl enable docker
sudo systemctl start docker
Check your OS logs files for warning or error messages.
Probably you have made a mistake in the config files of docker and when the service starts it gets an error.
The log's location depends on your OS.
On Linux system logs are often in:
/var/log/daemon.log
/var/log/docker
/var/log/messages
/var/log/syslog
/var/log/upstart/docker.log
Some useful linux console commands to inspect docker logs:
sudo systemctl status docker.service
sudo journalctl -fu docker.service
cat /var/log/daemon.log | grep docker
cat /var/log/messages | grep docker
If you are using Windows this article might be helpful
Here are more details
What version of Docker do you use? If you are not locked to the elder one, consider use of the most recent version (currently it's 1.12). Here's my startup options (Debian 8, /etc/systemd/system/docker.service):
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network.target docker.socket
Requires=docker.socket
[Service]
Type=notify
ExecStart=/usr/bin/docker daemon -H fd:// --dns=10.240.116.7 --dns 8.8.8.8 --bip=172.17.42.1/24
MountFlags=slave
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity
TimeoutStartSec=0
[Install]
WantedBy=multi-user.target
Also try to start Docker in debug mode (-D) without systemd, just like if it was a common program. This will help to find out why daemon doesn't start.
Fixing the Job for docker.service failed because the control process exited with error code. See "systemctl status docker.service" and "journalctl -xe" for details. problem, for me this worked:
create daemon.json in /etc/docker/
put this in it:
{
"exec-root": "/path/to/docker/run",
"storage-driver": "overlay",
"graph": "/path/to/docker/lib"
}
then try: docker daemon
reboot
docker run hello-world should succeed now
There are many reasons for docker service failing to run. One of them that I encountered is using single quotes instead of double quotes for the key value pairs in the json file.
It fails
sudo cat > /etc/docker/daemon.json << '_EOF'
{
'registry-mirrors': ['https://docker.io']
}
_EOF
It works!
sudo cat > /etc/docker/daemon.json << '_EOF'
{
"registry-mirrors": ["https://docker.io"]
}
_EOF
For more info see here
I came across same issue in my Linux VM(virtual machine).
System details : ubuntu 18.04
I had to just delete my daemon.json and then do a service docker start this worked for me.
Note: I had put insecure registry in my daemon.json file and i didn't want that as well hence i deleted it. I don't know it's usage though.
I'm trying to have docker container stored in a luks device, but using the below command it is not working.
I'm also trying to have a docker container to use (and maybe open) a luks file as a volume data, but I don't know how to bind it to the container
I have done the following :
pvcreate /dev/sdb
Physical volume "/dev/sdb" successfully created
vgcreate vgluks /dev/sdb
Volume group "vgluks" successfully created
lvcreate -l 90%FREE -n lvdocker-data vgluks
WARNING: crypto_LUKS signature detected on /dev/vgluks/lvdocker-data at offset 0. Wipe it? [y/n]: y
Wiping crypto_LUKS signature on /dev/vgluks/lvdocker-data.
Logical volume "lvdocker-data" created.
lvcreate -l 100%FREE -n lvdocker-metadata vgluks
Logical volume "lvdocker-metadata" created.
created a key
dd if=/dev/urandom of=/tmp/key bs=4K count=1
1+0 records in
1+0 records out
4096 bytes (4.1 kB) copied, 0.00126301 s, 3.2 MB/s
cryptsetup luksFormat --batch-mode --key-file=/tmp/key /dev/vgluks/lvdocker-data
cryptsetup luksFormat --batch-mode --key-file=/tmp/key /dev/vgluks/lvdocker-metadata
cryptsetup luksOpen --key-file=/tmp/key /dev/vgluks/lvdocker-data cryptfs-data
cryptsetup luksOpen --key-file=/tmp/key /dev/vgluks/lvdocker-metadata cryptfs-metadata
formated in ext4
mkfs.ext4 /dev/mapper/cryptfs-data
mkfs.ext4 /dev/mapper/cryptfs-metadata
my docker.service looks like this :
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network.target docker.socket
Requires=docker.socket
[Service]
Type=notify
EnvironmentFile=-/etc/sysconfig/docker
ExecStart=/usr/bin/docker daemon -H fd:// $OPTIONS
MountFlags=slave
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity
[Install]
WantedBy=multi-user.target
and the /etc/sysconfig/docker is like :
OPTIONS="--storage-driver=devicemapper --storage-opt dm.datadev=/dev/vgluks/lvdocker-data --storage-opt dm.metadatadev=/dev/vgluks/lvdocker-metadata --insecure-registry myregistryhost:443 -H tcp://0.0.0.0:4243 -H unix:///var/run/docker.sock"
The output of systemctl is :
systemctl status -l docker.service
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Wed 2015-12-23 16:05:28 CET; 25min ago
Docs: https://docs.docker.com
Main PID: 6544 (code=exited, status=1/FAILURE)
Dec 23 16:05:28 localhost.localdomain systemd[1]: Starting Docker Application Container Engine...
Dec 23 16:05:28 localhost.localdomain docker[6544]: time="2015-12-23T16:05:28.457356524+01:00" level=warning msg="/!\\ DON'T BIND ON ANY IP ADDRESS WITHOUT setting -tlsverify IF YOU DON'T KNOW WHAT YOU'RE DOING /!\\"
Dec 23 16:05:28 localhost.localdomain docker[6544]: time="2015-12-23T16:05:28.478448525+01:00" level=fatal msg="Error starting daemon: error initializing graphdriver: Error running deviceCreate (CreatePool) dm_task_run failed"
Dec 23 16:05:28 localhost.localdomain systemd[1]: docker.service: main process exited, code=exited, status=1/FAILURE
Dec 23 16:05:28 localhost.localdomain systemd[1]: Failed to start Docker Application Container Engine.
Dec 23 16:05:28 localhost.localdomain systemd[1]: Unit docker.service entered failed state.
Dec 23 16:05:28 localhost.localdomain systemd[1]: docker.service failed.
After executing yum install docker on centos7, I want to start docker by executing service docker start, then i can see the error:
Redirecting to /bin/systemctl start docker.service
Job for docker.service failed. See 'systemctl status docker.service' and 'journalctl -xn' for details.
then I execute systemctl status docker.service -l, then the error is:
docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled)
Active: failed (Result: exit-code) since Sun 2015-03-15 03:49:49 EDT; 12min ago
Docs: http://docs.docker.com
Process: 11444 ExecStart=/usr/bin/docker -d $OPTIONS $DOCKER_STORAGE_OPTIONS (code=exited, status=1/FAILURE)
Main PID: 11444 (code=exited, status=1/FAILURE)
Mar 15 03:49:48 localhost.localdomain docker[11444]: 2015/03/15 03:49:48 docker daemon: 1.3.2 39fa2fa/1.3.2; execdriver: native; graphdriver:
Mar 15 03:49:48 localhost.localdomain docker[11444]: [a25f748b] +job serveapi(fd://)
Mar 15 03:49:48 localhost.localdomain docker[11444]: [info] Listening for HTTP on fd ()
Mar 15 03:49:48 localhost.localdomain docker[11444]: [a25f748b] +job init_networkdriver()
Mar 15 03:49:48 localhost.localdomain docker[11444]: [a25f748b] -job init_networkdriver() = OK (0)
Mar 15 03:49:49 localhost.localdomain docker[11444]: 2015/03/15 03:49:49 write /var/lib/docker/init/dockerinit-1.3.2: no space left on device
Mar 15 03:49:49 localhost.localdomain systemd[1]: docker.service: main process exited, code=exited, status=1/FAILURE
Mar 15 03:49:49 localhost.localdomain systemd[1]: Failed to start Docker Application Container Engine.
Mar 15 03:49:49 localhost.localdomain systemd[1]: Unit docker.service entered failed state.
I really have no idea, looking forward to your response, I will be very appreciative!
this error usually occurs because of missing device-mapper-event-libs package.
# yum install device-mapper-event-libs
Thanks for Ben Whaley's advice,When I check my disk space,Indeed it's not enough.I extend my disk space and solve the problem. It's the first time I put forward questions,It's really of help. thanks again.
I upgraded the CentOS 7 kernel from 3 to 4.
NOTE: I upgraded Kernel for other reasons also, first try without upgrading kernel.
delete the folder docker under /var/lib
go to cd /etc/sysconfig
vi docker (before editing copy docker docker.org)
see Line there you find OPTIONS='--selinux-disabled --log-driver=journald'
Remove --selinux-disabled should like OPTIONS='--log-driver=journald'
Now un-comment # setsebool -P docker_transition_unconfined 1 to setsebool -P docker_transition_unconfined 1
reboot the machine or you try only docker start to check for me it works :)