We have an Ubuntu 18.04.1 bionic container running on a ubuntu 18.04.1 bionic workstation. In the container we run RSyslog to log output from a number of applications. The logging works but when it is time to rotate the logfile we get the following error
execve("/opt/xxxxx/logrotation.sh", ["/opt/xxxxx/logrotation.sh", "/var/log/xxxx/appl.log"], 0x7ffc5b84a8d8 /* 18 vars */) = -1 EACCES (Permission denied)
It is notable that even if we replace the script with an "echo foo" we still get the same error.
We have checked file permissions. The docker container has been started in privileged mode and with all capabilities. We use the Docker version 19.03.6, build 369ce74a3c. The rsyslog service was "rsyslogd 8.32.0" has been run as both the syslog user and the root user. If rsyslog is run as a foreground application it still can't execute the log rotation script.
We also ran the container on an up to date Debian workstation and then the logrotation worked.
So, having tested all this without success we wonder if there is anyone out there who has any idea of what the problem could be, or can think of something that can be checked.
Related
How can I restart docker daemon running in rootless mode on Linux?
Stopping it works fine with:
docker --user stop docker.service
but starting it back again fails when using:
docker --user start docker.service
The command doesn't return anything but when checking the docker info it says:
ERROR: Cannot connect to the Docker daemon at unix:///run/user/1000/docker.sock. Is the docker daemon running?
It doesn't give any further information...
I had this error a couple of times before, when I accidentally run docker with sudo and therefore got mixed up permissions in my data-root (defined in daemon.json). But this time chowning it back to $USER didn't help with the restart. Also restarting the host machine didn't help (as it did a couple of times previously).
Ok, it seems that "userns-remap" is not compatible with rootless mode:
Rootless mode executes the Docker daemon and containers inside a user namespace. This is very similar to userns-remap mode, except that with userns-remap mode, the daemon itself is running with root privileges, whereas in rootless mode, both the daemon and the container are running without root privileges. Rootless mode does not use binaries with SETUID bits or file capabilities, except newuidmap and newgidmap, which are needed to allow multiple UIDs/GIDs to be used in the user namespace.
I was trying to fix permission issues on shared volumes by experimenting with setting UIDs/GIDs and added "userns-remap" to the ~/.config/docker/daemon.json:
{
"data-root": "/home/me/docker/image-storage",
"userns-remap": "me"
}
So deleting userns-remap from the config file fixed the restarting issue... Man, docker, at least a hint to the config file would be great... Because the userns-remap option was mentioned on some official docker doc pages I didn't even consider it as the source of the trouble in the first place.
I am trying to run a private tangle on my computer through linux docker containers.
Therefore I followed the guide over at https://wiki.iota.org/chrysalis-docs/tutorials/one_click_private_tangle
Every step succeeded up until we tried to execute
./private_tangle.sh install
This reports
Error 1
as seen in the screenshot below:
We do net get any further information, is anyone familiar with this error, or has any clue how to get some more information on the error so that we can at least have a clue where to look?
Some further information:
After executing docker ps -a we see that not a single container is running.
I am running on a windows 10 machine
I execute the commands from within ubuntu (version 20.04)
Ubuntu, docker-desktop and docker-desktop-data are all running WSL2
Docker integration with ubuntu is activated
I thought the error could maybe come from no hornet node initially being installed, so I installed a hornet node successfully, according the guide that https://wiki.iota.org/chrysalis-docs/tutorials/one_click_private_tangle. This changed nothing to the Error.
The version of docker and docker-compose are compliant with the requirements
If any more details are needed to help me solve this problem, please let me know.
I used the documentation (https://wiki.iota.org/chrysalis-docs/tutorials/one_click_private_tangle) to install these containers on my local ubuntu 18.04.
My docker version is: 20.10.12
And docker-compose version is: 1.29.2
By following the steps of the tutorial I managed to successfully start all of the containers without trouble.
My guess here would be that the permission of the 'private-tangle.sh' are not correct or that there is permission problem on the docker level.
You should start with checking the permission level of the private-tangle.sh script by using $ls -l
Here is my output -rwxrwxr-x 1 ben ben 9413 Jan 11 11:28 private-tangle.sh
It could also be due to the docker rights if you have to use sudo when executing a docker command it will give some troubles when executing the script.
You need to add yourself to a docker group to be able to run docker commands without sudo. You can do this by running sudo usermod -aG docker $USER with damiaan-vh as $user.
Solution from source https://stackoverflow.com/posts/70665394/edit
Suggesting to downgrade ubuntu version to 18.04 for more stable version.
For reinstalling the docker and docker-compose programs follow this documentations
(docker: https://docs.docker.com/engine/install/ubuntu/ )
(docker-compose: https://docs.docker.com/compose/install/ )
I have a Virtualbox 6.1.4 with Toolbox 19.03.1 installed on Windows 10 with an user with administrator access.
I created a machine called xpto, then I run the eval $(docker-machine env xpto) to turn it active.
I have a docker compose file with two services (postgres and my application), when I try to run the docker-compose command I got the error below:
ERROR: Couldn’t connect to Docker daemon - you might need to run `docker-machine start default
I percept that the first service (postgres) start ok, but when try to run the second command happens the error above.
I did it in other machines and runs well, only in one machine it is happening.
What can be?
I am currently despairing at the attempt of setting up a docker build step in Atlassian Bamboo.
For starters, I just want to create a build configuration that runs the hello-world image as a proof of confluence. So far, I have failed.
I have tried following the steps on https://confluence.atlassian.com/bamboo0609/using-bamboo/jobs-and-tasks/configuring-tasks/configuring-the-docker-task-in-bamboo , but to no avail.
My setup is this:
We have Bamboo installed on an Ubuntu server. I also installed Docker on that server and added the bamboo user to the docker usergroup and restarted the server to make sure the permission change takes effect. At this point, docker run hello-world works when I run it directly on the server. I can also confirm that this is the server that Bamboo runs on since Bamboo went offline whenever I restarted the server that I installed Docker on.
Then, I have added the docker capability to the server (the agent is the default agent, so it inherits this capability from the server). As the docker path, I have tried various things, none of which worked (aka, the following errors remained the same for each of these):
/snap/docker (the first folder that I found on a manual search)
/usr/bin/docker (the recommended path, though on inspecting the Ubuntu server I quickly found out that no docker folder exists under /usr/bin on the Ubuntu derver)
/var/snap/docker/common/var-lib-docker (the path that Docker returns as its Root Directory when I run docker info on the Ubuntu server)
/var/snap/docker (for good measure)
Now, for the runner, I have tried two different approaches.
First, I tried using a Docker runner with the following settings:
Command: Run a Docker container
Docker image: hello-world
This returns the following error message:
┊
Error occurred while running Task 'Hello World Docker Test(5)' of type com.atlassian.bamboo.plugins.bamboo-docker-plugin:task.docker.cli.com.atlassian.bamboo.task.TaskException: Failed to execute task
┊
Caused by: com.atlassian.bamboo.docker.DockerException: Error running Docker run command
┊
Caused by: com.atlassian.utils.process.ProcessException: Error executing /snap/docker run --volume /var/atlassian/application-data/bamboo/xml-data/build-dir/CAM-DOC-JOB1:/data --workdir /data --rm hello-world
┊
The second was just to run a shell runner for the command docker run hello-world, which returned the following error:
docker: not found
At this point, I feel like I'm out of ideas. Everything points towards Bamboo for some reason not finding Docker on the server, even though I can clearly confirm that it is there. I have tried various different approaches of telling Bamboo where to find Docker, but none of them have worked.
It's obvious that I'm doing something wrong, but I can't figure out what. Or maybe the problem lies in an entirely different direction altogether? Anyway, I would be grateful for any insight shared on this matter.
Okay, I found out what caused this strange behaviour.
The problem was that I installed Docker using sudo snap install docker, and apparently installing docker via snap causes problems with Bamboo.
So I got it to work using these simple steps:
[Server] Uninstalled Snap Docker using sudo snap remove docker
[Server] Reinstalled Docker using sudo apt install docker.io
[Bamboo] Changed the path to Docker in the Server Capabilities to /usr/bin/docker
After that, the hello-world image build succeeded and printed the expected output to the log.
I am trying to run command docker-compose up -d as a build step of Jenkins, in "execute shell". Job fails and gives me following console log:
docker-compose up --build -d
Couldn't connect to Docker daemon at http+docker://localunixsocket - is it running?
If it's at a non-standard location, specify the URL with the DOCKER_HOST environment variable.
Build step 'Execute shell' marked build as failure
Finished: FAILURE`
When I cd into jenkins workspace (/var/lib/jenkins/workspace/app/) and tried to run docker-compose up, at first I could get a normal build. Right now I get error in console: ERROR: Error processing tar file(archive/tar: invalid tar header):. Of course app builds and runs normally in home directory when invoked from console.
Docker is running on host. It is possible to run docker-compose by regular user. I did add jenkins user to docker group. I even tried following some asian tutorial from http://blog.csdn.net/qiyueqinglian/article/details/46559825 that made me change DOCKER_OPTS in default/docker, but after restarting docker service it was not running on port 4243, so I didn't understood translation or it is not working on ubuntu 16.04 (host system).
Jenkins is not running in container, it is casually installed on host, no VM no docker, nothing. I tried removing docker and jenkins completly from host (purge etc) and reinstalling, still the same errors.
Any ideas?
Hit this command as a root user and try again
usermod -aG docker jenkins