Kubernetes `RuntimeHandler "runc" not supported` when creating container - docker

I was trying to specify the runtime of containers deployed using Kubernetes. I followed the guide in this link and created the following RuntimeClass:
apiVersion: node.k8s.io/v1beta1
kind: RuntimeClass
metadata:
  name: runc
handler: runc
# $ kubectl get RuntimeClass
# NAME   HANDLER   AGE
# runc   runc      59m
Then, I set my Pod spec.runtimeClassName="runc". However, when deploying this using Kubernetes, I got the following error:
Warning FailedCreatePodSandBox 2m43s (x141 over 32m) kubelet, jetson1 Failed to create pod sandbox: rpc error: code = Unknown desc = RuntimeHandler "runc" not supported
I can run the container with docker and --runtime=runc without any error. But when deploying it with K8s, the error occurs. The following is my docker info:
Client:
Debug Mode: false
Server:
Containers: 11
Running: 5
Paused: 0
Stopped: 6
Images: 12
Server Version: 19.03.6
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: nvidia runc
Default Runtime: nvidia
Init Binary: docker-init
containerd version:
runc version:
init version:
Security Options:
seccomp
Profile: default
Kernel Version: 4.9.140-tegra
Operating System: Ubuntu 18.04.4 LTS
OSType: linux
Architecture: aarch64
CPUs: 4
Total Memory: 3.871GiB
Name: jetson1
ID: HLZ4:DQKM:J7YY:OMDN:JXXZ:PFL5:YJGT:DJBM:SMSL:UTZA:WCZ4:GUD4
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
Any suggestions will be appreciated. Thank you!

While runc is able to create containers, it's a rather low-level component. Most tools we know as container runtimes actually rely on it in some way. This answer to another question gives a great overview of it.
The RuntimeClass feature in Kubernetes to target a specific container runtime requires it to implement the CRI (Container Runtime Interface) on the local nodes (the "Setup" part of your shared link briefly talks about it). I did some quick research and there is no hint that runc is implementing CRI directly. If it was, Kubernetes would skip accessing Docker as you did; it would use that interface to talk to another component directly from kubelet. Checking Docker settings therefore doesn't help to see if runc is a viable Kubernetes container runtime.
So, you should review why you're trying to do this - runc is likely already used in your default container runtime stack without you maybe realizing it. Kubernetes has documentation for alternative container runtimes; you can look into installing these if you are looking for something more lightweight than Docker.
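Added example, not part of the answer above: on a node whose CRI runtime is containerd, the handler names a RuntimeClass may reference are the `runtimes.<name>` tables of the CRI plugin config, so a handler can be checked against the node config before pods are scheduled with it. The config text, the RuntimeClass list and both function names are constructed for illustration.

```python
import re

# Constructed sample of a containerd config.toml (version 2 layout). Each
# runtimes.<name> table under the CRI plugin defines one handler name.
CONTAINERD_CONFIG = """
version = 2
[plugins."io.containerd.grpc.v1.cri".containerd]
  default_runtime_name = "runc"
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc]
  runtime_type = "io.containerd.runc.v2"
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc.options]
  SystemdCgroup = false
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runsc]
  runtime_type = "io.containerd.runsc.v1"
"""

# Constructed RuntimeClass objects as (metadata.name, handler) pairs.
RUNTIME_CLASSES = [("runc", "runc"), ("sandboxed", "runsc"), ("gpu", "nvidia")]

# Matches only the runtimes.<name> table header itself, not sub-tables such
# as runtimes.<name>.options.
_RUNTIME_TABLE = re.compile(
    r'^\s*\[plugins\."io\.containerd\.grpc\.v1\.cri"\.containerd\.runtimes\.'
    r'("[^"]+"|[A-Za-z0-9_-]+)\]\s*$',
    re.MULTILINE,
)


def configured_handlers(config_text):
    """Return the set of handler names the node's CRI config defines."""
    return {m.group(1).strip('"') for m in _RUNTIME_TABLE.finditer(config_text)}


def unsupported_runtime_classes(runtime_classes, config_text):
    """List RuntimeClasses whose handler has no matching runtime on the node.

    Pods that select one of these cannot get a sandbox on this node.
    """
    handlers = configured_handlers(config_text)
    return [(n, h) for n, h in runtime_classes if h not in handlers]


if __name__ == "__main__":
    for name, handler in unsupported_runtime_classes(RUNTIME_CLASSES, CONTAINERD_CONFIG):
        print(f"RuntimeClass {name!r}: handler {handler!r} is not configured on this node")
```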

Related

docker 20: change docker image location

I want to change the pull location for the docker image. I already followed the instructions from this link: https://quick-adviser.com/how-do-i-change-docker-location/.
I already tried adding a daemon.json file to C:\ProgramData\Docker\config and filling it with the following code:
{
"data-root": "D:\\docker-image"
}
Then I restarted Docker Desktop. After that, I tried pulling a small docker image like adminer (docker pull adminer) and checked D:\docker-image. After the execution completed, the folder was still empty.
Here's my docker info output:
$ docker info
Client:
Context: default
Debug Mode: false
Plugins:
buildx: Docker Buildx (Docker Inc., v0.7.1)
compose: Docker Compose (Docker Inc., v2.2.3)
scan: Docker Scan (Docker Inc., v0.16.0)
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 20.10.12
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
userxattr: false
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 7b11cfaabd73bb80907dd23182b9347b4245eb5d
runc version: v1.0.2-0-g52b36a2
init version: de40ad0
Security Options:
seccomp
Profile: default
Kernel Version: 5.10.16.3-microsoft-standard-WSL2
Operating System: Docker Desktop
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 6.04GiB
Name: docker-desktop
ID: V6FY:3JES:DVIP:5ZLG:6J26:IXE7:RKCB:T3MK:RR4B:X2XC:JR7B:LEIH
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
WARNING: No blkio throttle.read_bps_device support
WARNING: No blkio throttle.write_bps_device support
WARNING: No blkio throttle.read_iops_device support
WARNING: No blkio throttle.write_iops_device support
Basically you're running Docker Desktop with WSL2, so files are no longer located in Windows directly. Docker creates a Linux virtual machine (WSL2) where all files are located inside a Linux folder structure.
# Image-Layers are somewhere here:
\\wsl$\docker-desktop-data\version-pack-data\community\docker\image\overlay2
\\wsl$\docker-desktop-data\version-pack-data\community\docker\overlay2
If you want to change the folder on Windows side (e.g. to use disk space on another drive) then you have to move the image file. This is described in the question I posted. How can I change the location of docker images when using Docker Desktop on WSL2 with Windows 10 Home?
Two different possibilities are given: moving WSL2 in total, or moving the file and generating a symlink (mklink) to keep WSL2 as it is and just redirect to the file in another location.
By default docker locates the WSL-Image-File for the Data here: %homepath%\AppData\Local\Docker\wsl\data as ext4.vhdx
With this Docker Desktop and WSL2 setup you can't just change the path where the images are located by just using a windows path because under the hood docker works in Linux. So images are stored in Linux.
If you just want to get the image data to move them to another system check docker save and docker load https://docs.docker.com/engine/reference/commandline/save/
Does this fit your use case?

How to increase docker disk image size in Ubuntu

I am trying to increase the docker image size on ubuntu. When I do docker info I get following info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 17.09.0-ce
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 06b9cb35161009dcb7123345749fef02f7cea8e0
runc version: 3f2f8b84a77f73d38244dd690525642a72156c64
init version: 949e6fa
Security Options:
apparmor
seccomp
Profile: default
Kernel Version: 4.4.0-87-generic
Operating System: Ubuntu 16.04.3 LTS
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 15.67GiB
Name: no1010042033112.corp.adobe.com
ID: PYZE:KYTG:DXED:QI37:43ZM:56BB:TLM6:X2OJ:WDPA:35UP:Z4CU:DSNC
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
As you can see, total memory is Total Memory: 15.67GiB. I couldn't find a way to do it on Ubuntu. I tried the following ways:
1) sudo dockerd --storage-opt dm.basesize=100G
2) Changing DOCKER_OPTS ="--storage-opt dm.basesize=50G" in /etc/default/docker.
But none of these helped. This option is easily available in the Docker config on Windows. But how do I do it from an Ubuntu terminal?
Docker, on Linux, with the overlay2 storage driver, uses all of the host system's disk (and memory). There's no way to make it use less disk (without repartitioning your main system disk) and no way to give it more (without adding new hardware).
Docker for Mac, the Linux-flavored Docker for Windows, and Docker Machine all work by launching virtual machines that run a minimal Linux OS. That VM has a specific disk and memory allocation and there's UI controls for it, but it's because the containers are running on a different OS and need an actual virtualization layer.
On Linux, Docker also supports several storage drivers. These require varying amounts of Linux kernel support. Early versions of Docker used something called devicemapper which worked by allocating space in (most often) a fixed-size file, and then the dm.basesize option you give matters ("dm" is for "devicemapper"). Current versions of Docker on current versions of Linux use a different driver called overlay2 which just stores image and container content in ordinary directories. You still need kernel support for it but there's no reserved or limited disk space. That's also why the only size number in the docker info output is memory, which is a different resource.

exec: "docker-runc": executable file not found in $PATH: unknown

Using Ubuntu 18.04, after upgrading docker to "Docker version 18.09.0-ce-tp5, build 9eb3d36".
Everything worked fine before updating docker.
Getting the following error on docker-compose up:
ERROR: for mysql_1 Cannot start service mysql: OCI runtime create failed: unable to retrieve OCI runtime error (open /run/containerd/io.containerd.runtime.v1.linux/moby/242793c2e7ad05e93ccff53ae37e5d8b054a72f9c2076c1b480f33929dbb45aa/log.json: no such file or directory): exec: "docker-runc": executable file not found in $PATH: unknown
docker info gives
linux#linux-linux:/$ docker info
Containers: 14
Running: 14
Paused: 0
Stopped: 0
Images: 1091
Server Version: 18.09.0-ce-tp5
Storage Driver: aufs
Root Dir: /var/lib/docker/aufs
Backing Filesystem: extfs
Dirs: 1038
Dirperm1 Supported: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: containerd runc
Default Runtime: containerd
Init Binary: docker-init
containerd version: ce243288e27971e324363de8f322d221635a8521 (expected: 468a545b9edcd5932818eb9de8e72413e616e86e)
runc version: 1555a78945e56737bc3d15565191d857ee6fa2b9 (expected: 69663f0bd4b60df09991c08812a60108003fa340)
init version: fec3683
Security Options:
apparmor
Kernel Version: 4.15.0-32-generic
Operating System: Ubuntu 18.04.1 LTS
OSType: linux
Architecture: x86_64
CPUs: 4
Total Memory: 7.719GiB
Name: linux-linux
ID: F475:F7JY:3HSG:XLGM:BAPD:CZYD:HRRO:SN3N:SFSX:7XOK:VDZ4:SNMV
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
Product License: Community Engine
WARNING: No swap limit support
Using ubuntu 18.04 after upgrading docker to "Docker version 18.09.0-ce-tp5, build 9eb3d36"
The TP# releases are pre beta (I suspect it stands for technical preview). These will have issues, and there were lots of changes with the containerd integration. You can try upgrading to beta1, or go back to the stable 18.06.1 release. You can see the releases here:
https://github.com/docker/docker-ce/releases
Issue:
I faced the same issue.
Solution:
First I restarted docker, but when I tried to start my container I got Error response from daemon: OCI runtime create failed: container with id exists:xxxxxxxxxx
but ps -a was showing nothing,
while I was able to run the new container using the same id.
Then I tried rebooting my server, and it is working fine.
As you can see in these 2 rows:
containerd version: ce243288e27971e324363de8f322d221635a8521 (expected: 468a545b9edcd5932818eb9de8e72413e616e86e)
runc version: 1555a78945e56737bc3d15565191d857ee6fa2b9 (expected: 69663f0bd4b60df09991c08812a60108003fa340)
Docker expects a different internal container ID than the tagged container has. I guess this causes the problem.
Have you tried to rebuild your container?
I faced a similar problem.
Try committing your container.
Then run it again.
e.g.
docker commit RUNNING_CONTAINER IMAGE1
docker run -d IMAGE1
service docker restart solved the problem in my case
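Added example, not part of any answer above: a small triage of `docker info` text that flags the two conditions these answers point at, a pre-release engine build (the `-tp5` suffix) and containerd/runc commits that differ from the `expected:` value. The sample lines are taken from the question's output; the function names and finding labels are constructed for illustration.

```python
import re

# Constructed sample: a subset of the `docker info` lines quoted in the question.
SAMPLE_INFO = """\
Server Version: 18.09.0-ce-tp5
Runtimes: containerd runc
Default Runtime: containerd
containerd version: ce243288e27971e324363de8f322d221635a8521 (expected: 468a545b9edcd5932818eb9de8e72413e616e86e)
runc version: 1555a78945e56737bc3d15565191d857ee6fa2b9 (expected: 69663f0bd4b60df09991c08812a60108003fa340)
init version: fec3683
"""

_PRERELEASE = re.compile(r"-(tp|beta|rc)\d*\b", re.IGNORECASE)
_EXPECTED = re.compile(r"(\S+)\s+\(expected:\s*(\S+)\)")


def parse_info(text):
    """Turn 'Key: value' lines of `docker info` into a dict (first ':' splits)."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.strip().partition(":")
        if sep:
            fields.setdefault(key.strip(), value.strip())
    return fields


def triage(text):
    """Return (finding, detail) tuples for an engine that is not a tested bundle."""
    info = parse_info(text)
    findings = []
    version = info.get("Server Version", "")
    if _PRERELEASE.search(version):
        findings.append(("prerelease-engine", version))
    for component in ("containerd", "runc", "init"):
        m = _EXPECTED.fullmatch(info.get(f"{component} version", ""))
        if m and m.group(1) != m.group(2):
            findings.append((f"{component}-commit-mismatch", m.group(2)))
    runtimes = info.get("Runtimes", "").split()
    default = info.get("Default Runtime", "")
    if default and default not in runtimes:
        findings.append(("default-runtime-not-listed", default))
    return findings


if __name__ == "__main__":
    for finding, detail in triage(SAMPLE_INFO):
        print(finding, detail)
```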

How to find whether a image is present in the docker repository

Trying to pull a docker image in my local repo.
Command used:
docker pull buzybox:1.24
Error response from daemon: repository buzybox not found: does not exist or no pull access
My questions:
1. How do I find the repository name which I am connected with?
2. What's the access issue in the error it's talking about? Do we also have any kind of access issues in the default repo? How to find that out?
3. How to change the repo in case I don't find an image in my current repo?
4. Do we have any web portal from where we can search if the image is present in the repository?
Output of docker info:
docker info
Containers: 5
Running: 0
Paused: 0
Stopped: 5
Images: 2
Server Version: 17.06.2-ce
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 6e23458c129b551d5c9871e5174f6b1b7f6d1170
runc version: 810190ceaa507aa2727d7ae6f4790c76ec150bd2
init version: 949e6fa
Security Options:
seccomp
Profile: default
Kernel Version: 4.9.41-moby
Operating System: Alpine Linux v3.5
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 1.941GiB
Name: moby
ID: RJWZ:HXFZ:5FQX:V2AB:YAXP:BKSU:RLQH:H24C:LNUD:USDA:VIF7:W2M3
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): true
File Descriptors: 15
Goroutines: 26
System Time: 2018-01-28T06:34:45.7011515Z
EventsListeners: 0
Registry: https://index.docker.io/v1/
Experimental: true
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
Thanks in advance Guys!!
Nilotpal
You do not connect to a repository. You connect to a registry. You are probably connected to https://index.docker.io/v1/ but to be sure, you can run sudo docker info and look for the registry line. The repository in your case is buzybox and you are trying to download the image with tag 1.24 from that repository.
The access issue is probably that you misspelled busybox (notice the 's' instead of a 'z').
To log into a different registry, run
docker login https://<YOUR-DOMAIN>:8080
and then make sure to specify the new registry when you download an image like so:
docker pull <YOUR-DOMAIN>:8080/busybox:1.24
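Added example, not part of the answer above: how an image reference splits into registry, repository and tag under Docker's normalization rules (unqualified names resolve to Docker Hub, single-component names to `library/`), plus a pre-pull check that reports a misspelled name such as `buzybox`, or an approved name on another registry, as a lookalike. The allow-list, the `registry.example.com` host and the function names are constructed for illustration.

```python
import difflib

DEFAULT_REGISTRY = "docker.io"
# Constructed allow-list of fully qualified repositories (an assumption).
APPROVED = {"docker.io/library/busybox", "docker.io/library/alpine"}


def parse_image_ref(ref):
    """Split an image reference the way the Docker CLI normalizes it."""
    name, _, digest = ref.partition("@")
    first, slash, rest = name.partition("/")
    # The first component is a registry host only if it looks like one.
    if slash and ("." in first or ":" in first or first == "localhost"):
        registry, path = first, rest
    else:
        registry, path = DEFAULT_REGISTRY, name
    if registry == "index.docker.io":
        registry = DEFAULT_REGISTRY
    # A tag can only follow the last path component (host ports also use ':').
    head, sep, last = path.rpartition("/")
    last, _, tag = last.partition(":")
    repository = head + sep + last
    if registry == DEFAULT_REGISTRY and "/" not in repository:
        repository = "library/" + repository  # official images live here
    if not tag and not digest:
        tag = "latest"
    return {"registry": registry, "repository": repository,
            "tag": tag or None, "digest": digest or None}


def check_pull(ref, approved=APPROVED):
    """Classify a reference as approved, a lookalike of an approved image, or unapproved."""
    img = parse_image_ref(ref)
    full = f'{img["registry"]}/{img["repository"]}'
    if full in approved:
        return ("approved", full)
    # Compare only the final name component against approved image names.
    by_name = {a.rsplit("/", 1)[-1]: a for a in approved}
    near = difflib.get_close_matches(full.rsplit("/", 1)[-1], list(by_name), n=1, cutoff=0.8)
    return ("lookalike", by_name[near[0]]) if near else ("unapproved", full)


if __name__ == "__main__":
    for ref in ("buzybox:1.24", "busybox:1.24", "registry.example.com:8080/busybox:1.24"):
        print(ref, parse_image_ref(ref), check_pull(ref))
```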

Building docker for the ARM-64 architecture

I have been trying to compile docker for the ARM-64 architecture. Docker doesn’t officially support ARM 64-bits (at least not through the package management tools); hence I have to build it from source. Building docker binary set needs docker itself as a dependency. I’ve already managed to compile both the docker daemon and the client via the following (hack) command:
./hack/make.sh dynbinary
However, I haven’t managed to run it successfully. Both binaries are compiled and work, but when I want to start up the daemon it complains about other dependencies:
Failed to connect to containerd. Please make sure containerd is installed in your PATH or you have specified the correct address. Got error: exec: "docker-containerd": executable file not found in $PATH
As I mentioned earlier, I cannot build all the binaries as they need docker itself running.
Looking forward to your help.
Two weeks ago, I was able to install Docker on a Pine64 running Armbian (Debian based). It was as easy as following the official documentation for armhf with one exception: change [arch=armhf] to [arch=arm64] when you add the new apt source.
After the install you have a real Arm64 docker running:
root#pine64:~# docker system info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 60
Server Version: 17.12.0-ce
Storage Driver: aufs
Root Dir: /var/lib/docker/aufs
Backing Filesystem: extfs
Dirs: 28
Dirperm1 Supported: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 89623f28b87a6004d4b785663257362d1658a729
runc version: b2567b37d7b75eb4cf325b77297b140ea686ce8f
init version: 949e6fa
Security Options:
apparmor
seccomp
Profile: default
Kernel Version: 3.10.107-pine64
Operating System: Debian GNU/Linux 8 (jessie)
OSType: linux
Architecture: aarch64
CPUs: 4
Total Memory: 979.6MiB
Name: pine64
ID: xxx
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Username: xxx
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
