Develop Reference

Docker in Docker for Jenkins slave node is not working

I tried to build a docker image in a docker. the image was properly built in the previous pipeline. but now it gives the below error.
+ docker build -t trabeya/testdocker:15 .
time="2021-03-18T07:36:20Z" level=error msg="failed to dial gRPC: cannot connect to the Docker daemon. Is 'docker daemon' running on this host?: dial unix /var/run/docker.sock: connect: no such file or directory"
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
This is the docker image that is used for jenkins slave node.
FROM jenkins/inbound-agent:0.1
USER root
#install maven
RUN wget https://downloads.apache.org/maven/maven-3/3.6.3/binaries/apache-maven-3.6.3-bin.tar.gz
RUN mkdir /opt/maven
RUN tar xzvf apache-maven-3.6.3-bin.tar.gz --directory /opt/maven
ENV PATH=$PATH:/opt/maven/apache-maven-3.6.3/bin/
ENV MAVEN_HOME=/opt/maven/apache-maven-3.6.3
#install docker
RUN apt-get update
RUN apt install docker.io -y
RUN docker --version
Appreciate it if someone can guide me for a workaround for this issue.

Error trying runnning kubeadm init on Centos 7

I am new at kubeletes and I can´t run "kubeadm init" with success.
Let me show you step by step what I did:
I installed last version dockers using yum following dockers documentation
(I have configurated 'Environment="HTTP_PROXY=http://usuario:password#proxy:port/" "HTTPS_PROXY=http://usuario:password#proxy:port/"' in /etc/systemd/system/docker.service.d/http-proxy.conf).
I have disabled SELINUXTYPE, disabled Swap with the command "swapoff -a" and commented "#/dev/mapper/centos-swap swap swap defaults 0 0" in /etc/fstab.
I used "modprobe br_netfilter" and "echo '1' > /proc/sys/net/bridge/bridge-nf-call-iptables" to activate the module called "br_netfilter".
"kubernetes.repo" file to install "kubelet kubeadm kubectl" using yum:
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
Opened ports:
firewall-cmd --permanent --add-port=6443/tcp
firewall-cmd --permanent --add-port=2379-2380/tcp
firewall-cmd --permanent --add-port=10250/tcp
firewall-cmd --permanent --add-port=10251/tcp
firewall-cmd --permanent --add-port=10252/tcp
firewall-cmd --permanent --add-port=10255/tcp
firewall-cmd --reload
I created "10-kubeadm.conf" file:
[Service]
Environment="KUBELET_KUBECONFIG_ARGS=--bootstrap kubeconfig=/etc/kubernetes/bootstrap-kubelet.conf --kubeconfig=/etc/kubernetes/kubelet.conf"
Environment="KUBELET_CONFIG_ARGS=--config=/var/lib/kubelet/config.yaml"
# This is a file that "kubeadm init" and "kubeadm join" generates at runtime, populating the KUBELET_KUBEADM_ARGS variable dynamically
EnvironmentFile=-/var/lib/kubelet/kubeadm-flags.env
# This is a file that the user can use for overrides of the kubelet args as a last resort. Preferably, the user should use
# the .NodeRegistration.KubeletExtraArgs object in the configuration files instead. KUBELET_EXTRA_ARGS should be sourced from this file.
EnvironmentFile=-/etc/sysconfig/kubelet
ExecStart=
ExecStart=/usr/bin/kubelet $KUBELET_KUBECONFIG_ARGS $KUBELET_CONFIG_ARGS $KUBELET_KUBEADM_ARGS $KUBELET_EXTRA_ARGS
Reload and enable services:
systemctl daemon-reload
systemctl restart docker
systemctl enable docker
systemctl restart kubelet
systemctl enable kubelet
(both services with status: active(running))
Error:
[wait-control-plane] Waiting for the kubelet to boot up the control plane as static Pods from directory "/etc/kubernetes/manifests". This can take up to 4m0s
[kubelet-check] Initial timeout of 40s passed.
Unfortunately, an error has occurred:
timed out waiting for the condition
This error is likely caused by:
- The kubelet is not running
- The kubelet is unhealthy due to a misconfiguration of the node in some way (required cgroups disabled)
If you are on a systemd-powered system, you can try to troubleshoot the error with the following commands:
- 'systemctl status kubelet'
- 'journalctl -xeu kubelet'
Additionally, a control plane component may have crashed or exited when started by the container runtime.
To troubleshoot, list all containers using your preferred container runtimes CLI, e.g. docker.
Here is one example how you may list all Kubernetes containers running in docker:
- 'docker ps -a | grep kube | grep -v pause'
Once you have found the failing container, you can inspect its logs with:
- 'docker logs CONTAINERID'
error execution phase wait-control-plane: couldn't initialize a Kubernetes cluster
Thanks in advance for the help.
Best Regards.

please disable your swap
swapoff -a
vim /etc/fstab
comment the swap line
after that install this packages
yum install -y yum-utils device-mapper-persistent-data lvm2
and add repo by this
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
and you should install docker by this command
yum install -y docker-ce
cat <<EOF > /etc/yum.repos.d/kubernetes.repo
[kubernetes]
name=Kubernetes
baseurl=https://packages.cloud.google.com/yum/repos/kubernetes-el7-x86_64
enabled=1
gpgcheck=1
repo_gpgcheck=1
gpgkey=https://packages.cloud.google.com/yum/doc/yum-key.gpg
https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg
EOF
yum install -y kubelet kubeadm kubectl
then reboot
systemctl start docker && systemctl enable docker
systemctl start kubelet && systemctl enable kubelet
systemctl daemon-reload
systemctl restart kubelet
kubeadm init --apiserver-advertise-address=MASTER_IP --pod-network-cidr=10.244.0.0/16
do not change 10.244.0.0/16
mkdir -p $HOME/.kube
sudo cp -i /etc/kubernetes/admin.conf $HOME/.kube/config
sudo chown $(id -u):$(id -g) $HOME/.kube/config
Next, deploy the flannel network to the kubernetes cluster using the kubectl command.
kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
I write the complete way to run kubernetes and I run kubernetes cluster by this command 1000 of time

install docker on debian - 'overlay' is not supported over overlayfs

I created a docker image for my build pipeline and I am trying to run docker build -t someTag .
However, I am getting this error.
DEBU[0000] Listener created for HTTP on unix (/var/run/docker.sock)
INFO[0000] libcontainerd: new containerd process, pid: 1026
DEBU[0000] Permission denied writing "-500" to /proc/1026/oom_score_adj
DEBU[0000] containerd: grpc api on /var/run/docker/libcontainerd/docker-containerd.sock
DEBU[0000] containerd: read past events count=0
DEBU[0000] containerd: supervisor running cpus=2 memory=976 runtime=docker-runc runtimeArgs=[] stateDir="/var/run/docker/libcontainerd/containerd"
DEBU[0000] libcontainerd: containerd health check returned error: rpc error: code = 14 desc = grpc: the connection is unavailable
DEBU[0001] Permission denied writing "-500" to /proc/self/oom_score_adj
DEBU[0001] Using default logging driver json-file
DEBU[0001] Golang's threads limit set to 6840
DEBU[0001] [zfs] zfs command is not available: exec: "zfs": executable file not found in $PATH
ERRO[0001] 'overlay' is not supported over overlayfs
DEBU[0001] Using graph driver vfs
DEBU[0001] Max Concurrent Downloads: 3
DEBU[0001] Max Concurrent Uploads: 5
INFO[0001] Graph migration to content-addressability took 0.00 seconds
INFO[0001] Loading containers: start.
DEBU[0001] Option Experimental: false
DEBU[0001] Option DefaultDriver: bridge
DEBU[0001] Option DefaultNetwork: bridge
WARN[0001] Running modprobe bridge br_netfilter failed with message: , error: exec: "modprobe": executable file not found in $PATH
WARN[0001] Running modprobe nf_nat failed with message: ``, error: exec: "modprobe": executable file not found in $PATH
WARN[0001] Running modprobe xt_conntrack failed with message: ``, error: exec: "modprobe": executable file not found in $PATH
DEBU[0001] Fail to initialize firewalld: Failed to connect to D-Bus system bus: dial unix /var/run/dbus/system_bus_socket: connect: no such file or directory, using raw iptables instead
DEBU[0001] /usr/sbin/iptables, [-t nat -D PREROUTING -m addrtype --dst-type LOCAL -j DOCKER]
DEBU[0001] /usr/sbin/iptables, [-t nat -D OUTPUT -m addrtype --dst-type LOCAL ! --dst 127.0.0.0/8 -j DOCKER]
DEBU[0001] /usr/sbin/iptables, [-t nat -D OUTPUT -m addrtype --dst-type LOCAL -j DOCKER]
DEBU[0001] /usr/sbin/iptables, [-t nat -D PREROUTING]
DEBU[0001] /usr/sbin/iptables, [-t nat -D OUTPUT]
DEBU[0001] /usr/sbin/iptables, [-t nat -F DOCKER]
DEBU[0001] /usr/sbin/iptables, [-t nat -X DOCKER]
DEBU[0001] /usr/sbin/iptables, [-t filter -F DOCKER]
DEBU[0001] /usr/sbin/iptables, [-t filter -X DOCKER]
DEBU[0001] /usr/sbin/iptables, [-t filter -F DOCKER-ISOLATION]
DEBU[0001] /usr/sbin/iptables, [-t filter -X DOCKER-ISOLATION]
DEBU[0001] /usr/sbin/iptables, [-t nat -n -L DOCKER]
DEBU[0001] /usr/sbin/iptables, [-t nat -N DOCKER]
DEBU[0001] start clean shutdown of all containers with a 15 seconds timeout...
DEBU[0001] Cleaning up old mountid : start.
DEBU[0001] Cleaning up old mountid : done.
Here is the info of my Dockerfile that is installing docker. I found these steps here.
FROM debian:latest
ENV DEBIAN_FRONTEND noninteractive
ENV JENKINS_HOME /var/jenkins_home
USER root
WORKDIR $JENKINS_HOME
RUN apt-get update
RUN apt-get install \
apt-transport-https \
ca-certificates \
curl \
gnupg2 \
software-properties-common -y
RUN curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -
RUN apt-get install -y iptables
RUN wget https://download.docker.com/linux/debian/dists/jessie/pool/stable/amd64/docker-ce_17.06.0~ce-0~debian_amd64.deb
RUN dpkg -i docker-ce_17.06.0~ce-0~debian_amd64.deb
What I have tried:
I have tried starting dockerd.
From my best guess, it looks like I need dockerd to start.
root#90302deb48a0:/var/jenkins_home# ps -ef | grep docker
root 6 1 0 14:47 ? 00:00:00 grep docker
I have looked into updating
I have tried updating my iptables
root#e898473347a2:/var/jenkins_home# apt-get install -y iptables
Reading package lists... Done
Building dependency tree
Reading state information... Done
iptables is already the newest version (1.6.0+snapshot20161117-6).
0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.
I have verified that I am root and the directories are owned by root.
root#e898473347a2:/var/jenkins_home# whoami
root
I have tried to research where to post this. Please tell me if this needs to be moved somewhere else. I will kindly move this if this doesn't classify as "programming".

It sounds like you are trying to do Docker in Docker (DinD). It requires some hacks and changing the storage driver (you can't do overlay on overlay). See the Dockerfile and entrypoint script at https://github.com/docker-library/docker/tree/a73d96e731e2dd5d6822c99a9af4dcbfbbedb2be/19.03/dind for more information. It has information on where it gets the dind script and the necessary entrypoint changes to run dockerd.
However, there are official dind tagged images on Docker Hub that you may be better off building from. See https://hub.docker.com/_/docker/. You could just use image docker:17.05.0-dind or base your image off of it if you need customizations.

Unable to start Docker service with error "Failed to start docker.service: Unit not found."

I have installed Docker with yum install docker:
$ uname -a
Linux caspgval4 3.10.0-229.20.1.el7.x86_64 #1 SMP Wed Nov 4 10:08:36 CST 2015 x86_64 x86_64 x86_64 GNU/Linux
$ docker --version
Docker version 1.12.6, build 3a094bd/1.12.6
$ docker info
Cannot connect to the Docker daemon. Is the docker daemon running on this host?
$ sudo systemctl status docker
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
Active: inactive (dead)
Docs: http://docs.docker.com
I am trying to install and run Docker, but it is giving an error as below:
$ sudo service docker start
Redirecting to /bin/systemctl start docker.service
Failed to start docker.service: Unit not found.
How do I resolve this issue? I tried the following commands, but no luck:
$ sudo systemctl start docker
Failed to start docker.service: Unit not found.
Extra information:
$ journalctl -u docker
No journal files were found.
-- No entries --
$ cat /usr/lib/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=http://docs.docker.com
After=network.target
Wants=docker-storage-setup.service
Requires=rhel-push-plugin.socket
Requires=docker-cleanup.timer
[Service]
Type=notify
NotifyAccess=all
EnvironmentFile=-/etc/sysconfig/docker
EnvironmentFile=-/etc/sysconfig/docker-storage
EnvironmentFile=-/etc/sysconfig/docker-network
Environment=GOTRACEBACK=crash
Environment=DOCKER_HTTP_HOST_COMPAT=1
Environment=PATH=/usr/libexec/docker:/usr/bin:/usr/sbin
ExecStart=/usr/bin/dockerd-current \
--add-runtime docker-runc=/usr/libexec/docker/docker-runc-current \
--default-runtime=docker-runc \
--authorization-plugin=rhel-push-plugin \
--exec-opt native.cgroupdriver=systemd \
--userland-proxy-path=/usr/libexec/docker/docker-proxy-current \
$OPTIONS \
$DOCKER_STORAGE_OPTIONS \
$DOCKER_NETWORK_OPTIONS \
$ADD_REGISTRY \
$BLOCK_REGISTRY \
$INSECURE_REGISTRY
ExecReload=/bin/kill -s HUP $MAINPID
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity
TimeoutStartSec=0
Restart=on-abnormal
MountFlags=slave
[Install]
WantedBy=multi-user.target
I tried the following:
$ sudo systemctl daemon-reload
$ sudo systemctl start docker
Failed to start docker.service: Unit not found.
$ sudo journalctl -u docker
-- No entries --
More debug information:
$ sudo systemctl status network.target
● network.target - Network
Loaded: loaded (/usr/lib/systemd/system/network.target; static; vendor preset: disabled)
Active: active since Mon 2017-01-23 02:54:39 PST; 2 months 29 days ago
Docs: man:systemd.special(7)
http://www.freedesktop.org/wiki/Software/systemd/NetworkTarget
Jan 23 02:54:39 mymachine systemd[1]: Starting Network.
Jan 23 02:54:39 mymachine systemd[1]: Reached target Network.
$ sudo systemctl status docker-storage-setup.service
● docker-storage-setup.service - Docker Storage Setup
Loaded: loaded (/usr/lib/systemd/system/docker-storage-setup.service; disabled; vendor preset: disabled)
Active: inactive (dead)
$ sudo systemctl status rhel-push-plugin.socket
Unit rhel-push-plugin.socket could not be found.
$ sudo systemctl status docker-cleanup.timer
● docker-cleanup.timer - Run docker-cleanup every hour
Loaded: loaded (/usr/lib/systemd/system/docker-cleanup.timer; disabled; vendor preset: disabled)
Active: inactive (dead)

In case someone has installed docker using snap, they can start the service using
sudo snap status docker #check the status
sudo snap start docker # start the service

Run this command to list all the services:
sudo systemctl list-units --type=service
Look for the correct Docker service name (in my case it is snap.docker.dockerd.service) then run:
sudo systemctl restart snap.docker.dockerd.service

It looks like you're missing the rhel-push-plugin.socket unit which is presumably part of a rhel-push-plugin package. You can try fixing that install, or you can install the upstream Docker package directly from Docker with the following as root:
curl -sSL https://get.docker.com/ | sh
Or more appropriately following the CentOS install guide from Docker. (The CentOS install tends to work on even a RHEL system when you have a supported version, which until the recent 20.10 release did not include CentOS 8 or RHEL 8.)
The upstream Docker install will be a more recent version of Docker, but it will not have the various RHEL modifications like the rhel-push-plugin.

Use the following command if your OS is Ubuntu, it will install Docker successfully:
apt install docker.io

if you have installed docker with snap you can check the status of the daemon like this:
sudo snap services docker
If the current column shows inactive then it's not running. Try starting it with this:
sudo snap start docker
Check the service again, if it's still not running after that you can check the logs:
sudo snap logs docker
which might give more hints on what's stopping it from running
For me, I had an error saying that docker could not create a symlink in /etc/docker/ because another file was in the way. Emptying the directory was not enough due to a known bug in the docker snap. The work-around was to delete the directory then refresh the snap (see https://forum.snapcraft.io/t/layouts-still-brittle-when-refreshing-snaps/26252/2)
sudo rm -rf /etc/docker
sudo snap refresh

I worked around the issue by simply doing the following:
$ sudo apt-get purge containerd.io docker-ce
$ rm -rf /var/lib/containerd
[reboot]
$ sudo apt-get install containerd.io docker-ce

https://docs.aws.amazon.com/AmazonECS/latest/developerguide/docker-basics.html
Note
In some cases, you may need to reboot your instance to provide permissions for the ec2-user to access the Docker daemon. Try rebooting your instance if you see the following error:

Try installing Docker as root (sudo):
sudo yum install docker
See Installation on Red Hat Enterprise Linux.

docker AWS fail to launch - custom kernel

I cannot launch docker on my AWS instance:
root#system:~# docker -H tcp://127.0.0.1:2375 -H
unix:///var/run/docker.sock -d
root#system:~# INFO[0000] +job serveapi(tcp://127.0.0.1:2375, unix:///var/run/docker.sock)
INFO[0000] +job init_networkdriver()
INFO[0000] Listening for HTTP on tcp (127.0.0.1:2375)
INFO[0000] Listening for HTTP on unix (/var/run/docker.sock)
Unable to allow incoming packets: iptables failed: iptables --wait -I
FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT:
iptables: No chain/target/match by that name.
(exit status 1)
INFO[0000] -job init_networkdriver() = ERR (1)
FATA[0000] (exit status 1)
How would you troubleshoot that error sequence message?

Double-check the docker installation procedure on AWS:
[ec2-user ~]$ sudo yum update -y
[ec2-user ~]$ sudo yum install -y docker
[ec2-user ~]$ sudo service docker start
Starting cgconfig service: [ OK ]
Starting docker: [ OK ]
[ec2-user ~]$ sudo usermod -a -G docker ec2-user
# Log out and log back in again to pick up the new docker group permissions.
# Verify that the ec2-user can run Docker commands without sudo.
[ec2-user ~]$ docker info