docker run error(operation not support) after load busybox images on embeded playform - docker
I built a docker form source for my embedded platform(armv7) and install them successfully. But I got an error(docker: Error response from daemon: operation not supported) when trying load arm32v7/busybox image
I built docker(Version: 18.09.4) and its dependencies with buildroot and install it successfully
2.Then I run dockerd with command "dockerd -s overlay &"
3.And I load armv7/busybox image which was saved from my notebook.
(As my embeded board was limited by gateway and can't connect the Internet, I use my notebook save image for my embeded board)
4.finally I load the image successfully and run it failed with "docker: Error response from daemon: operation not supported"
5.run docker info on board output like this
# docker info
WARN[1970-01-02T02:46:52.315076016Z] Could not get operating system name: Error opening /usr/lib/os-release: open /usr/lib/os-release: no such file or directory
WARN[1970-01-02T02:46:52.328707599Z] failed to retrieve docker-init version: exec: "docker-init": executable file not found in $PATH
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 1
Server Version: 18.09.4
Storage Driver: overlay
Backing Filesystem: tmpfs
Supports d_type: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version:
runc version: v1.0.0-rc7
init version: N/A (expected: )
Kernel Version: 4.9.37
OSType: linux
Architecture: armv7l
CPUs: 2
Total Memory: 498.3MiB
Name: (none)
ID: VS4X:CF4M:UNNY:QKJW:2PKQ:5ZUL:7N7C:24AK:O2VN:ZRLM:BUZO:5BHO
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
WARNING: No swap limit support
WARNING: the overlay storage-driver is deprecated, and will be removed in a future release.
1.on my notebook
leo#ubuntu:~$ sudo docker pull arm32v7/busybox
Using default tag: latest
latest: Pulling from arm32v7/busybox
2b35d97f9c81: Pulling fs layer
2b35d97f9c81: Pull complete
Digest: sha256:6b1ef683f696c503a0afb93d06684a9a70f8f793a90220eb0da569be116ce1d1
Status: Downloaded newer image for arm32v7/busybox:latest
leo#ubuntu:~$ sudo docker save arm32v7/busybox -o arm_busybox.tar
2.on my embeded board
# rz
rz waiting to receive.
Starting zmodem transfer. Press Ctrl+C to cancel.
Transferring arm_busybox.tar...
100% 1141 KB 1141 KB/sec 00:00:01 0 Errors
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
arm32v7/busybox latest 94491159407b Less than a second ago 944kB
# docker^C
# docker images rmi 94491159407b
"docker images" requires at most 1 argument.
See 'docker images --help'.
Usage: docker images [OPTIONS] [REPOSITORY[:TAG]]
List images
# docker rmi 94491159407b
Untagged: arm32v7/busybox:latest
Deleted: sha256:94491159407b8aca603c71cdcaf164be9e63ed17239b2b081ce3a6bf765f6e8a
Deleted: sha256:7dc29058f73fc3fe174d0cc6795bee0a4130ba807f971e6e0cf4a88d77a9fe53
#
# ls
arm_busybox.tar
# docker load -i arm_busybox.tar
7dc29058f73f: Loading layer [==================================================>] 1.16MB/1.16MB
Loaded image: arm32v7/busybox:latest
#
# docker run
"docker run" requires at least 1 argument.
See 'docker run --help'.
Usage: docker run [OPTIONS] IMAGE [COMMAND] [ARG...]
Run a command in a new container
# docker images
REPOSITORY TAG IMAGE ID CREATED SIZE
arm32v7/busybox latest 94491159407b Less than a second ago 944kB
# docker run arm32v7/busybox
docker: Error response from daemon: operation not supported.
See 'docker run --help'.
# docker run arm32v7/busybox ls
docker: Error response from daemon: operation not supported.
See 'docker run --help'.
# docker run arm32v7/busybox /bin/sh
docker: Error response from daemon: operation not supported.
See 'docker run --help'.
docker run arm32v7/busybox should return successfully. but get an error response.
why?
After CONFIG_TMPFS_XATTR and CONFIG_TMPFS_POSIX_ACL flags switch to [=y] (before compiling kernel),docker run don't return error, but block !!
I enable debug mode when starting dockerd. there is log of dockerd
# dockerd -D -s overlay
...
DEBU[1970-01-02T07:55:03.848247951Z] form data: {"AttachStderr":true,"AttachStdin":false,"AttachStdout":true,"Cmd":null,"Domainname":"","Entrypoint":null,"Env":[],"HostConfig":{"AutoRemove":false,"Binds":null,"BlkioDeviceReadBps":null,"BlkioDeviceReadIOps":null,"BlkioDeviceWriteBps":null,"BlkioDeviceWriteIOps":null,"BlkioWeight":0,"BlkioWeightDevice":[],"CapAdd":null,"CapDrop":null,"Cgroup":"","CgroupParent":"","ConsoleSize":[0,0],"ContainerIDFile":"","CpuCount":0,"CpuPercent":0,"CpuPeriod":0,"CpuQuota":0,"CpuRealtimePeriod":0,"CpuRealtimeRuntime":0,"CpuShares":0,"CpusetCpus":"","CpusetMems":"","DeviceCgroupRules":null,"Devices":[],"DiskQuota":0,"Dns":[],"DnsOptions":[],"DnsSearch":[],"ExtraHosts":null,"GroupAdd":null,"IOMaximumBandwidth":0,"IOMaximumIOps":0,"IpcMode":"","Isolation":"","KernelMemory":0,"Links":null,"LogConfig":{"Config":{},"Type":""},"MaskedPaths":null,"Memory":0,"MemoryReservation":0,"MemorySwap":0,"MemorySwappiness":-1,"NanoCpus":0,"NetworkMode":"default","OomKillDisable":false,"OomScoreAdj":0,"PidMode":"","PidsLimit":0,"PortBindings":{},"Privileged":false,"PublishAllPorts":false,"ReadonlyPaths":null,"ReadonlyRootfs":false,"RestartPolicy":{"MaximumRetryCount":0,"Name":"no"},"SecurityOpt":null,"ShmSize":0,"UTSMode":"","Ulimits":null,"UsernsMode":"","VolumeDriver":"","VolumesFrom":null},"Hostname":"","Image":"94491159407b","Labels":{},"NetworkingConfig":{"EndpointsConfig":{}},"OnBuild":null,"OpenStdin":false,"StdinOnce":false,"Tty":false,"User":"","Volumes":{},"WorkingDir":""}
DEBU[1970-01-02T07:55:03.907315451Z] container mounted via layerStore: &{/var/lib/docker/overlay/9efba7d0f8b20b508274373120276bfcead4c0afdc98ac6c813a41e64c61df9e/merged 0x2bdd510 0x2bdd510}
DEBU[1970-01-02T07:55:03.946627243Z] Calling POST /v1.39/containers/77d7e164a3a10e34bb25ff59852bdfac9c962639dedf543614d71107567f6417/attach?stderr=1&stdout=1&stream=1
DEBU[1970-01-02T07:55:03.947147743Z] attach: stdout: begin
DEBU[1970-01-02T07:55:03.953483993Z] Calling POST /v1.39/containers/77d7e164a3a10e34bb25ff59852bdfac9c962639dedf543614d71107567f6417/wait?condition=next-exit
DEBU[1970-01-02T07:55:03.954236410Z] attach: stderr: begin
DEBU[1970-01-02T07:55:03.964652451Z] Calling POST /v1.39/containers/77d7e164a3a10e34bb25ff59852bdfac9c962639dedf543614d71107567f6417/start
DEBU[1970-01-02T07:55:03.981005285Z] container mounted via layerStore: &{/var/lib/docker/overlay/9efba7d0f8b20b508274373120276bfcead4c0afdc98ac6c813a41e64c61df9e/merged 0x2bdd510 0x2bdd510}
DEBU[1970-01-02T07:55:03.982641076Z] Assigning addresses for endpoint boring_montalcini's interface on network bridge
DEBU[1970-01-02T07:55:03.982754368Z] RequestAddress(LocalDefault/172.17.0.0/16, <nil>, map[])
DEBU[1970-01-02T07:55:03.982917743Z] Request address PoolID:172.17.0.0/16 App: ipam/default/data, ID: LocalDefault/172.17.0.0/16, DBIndex: 0x0, Bits: 65536, Unselected: 65533, Sequence: (0xc0000000, 1)->(0x0, 2046)->(0x1, 1)->end Curr:2 Serial:false PrefAddress:<nil>
DEBU[1970-01-02T07:55:04.013580701Z] Assigning addresses for endpoint boring_montalcini's interface on network bridge
INFO[1970-01-02T07:55:04.015169910Z] /etc/resolv.conf does not exist
INFO[1970-01-02T07:55:04.015304618Z] No non-localhost DNS nameservers are left in resolv.conf. Using default external servers: [nameserver 8.8.8.8 nameserver 8.8.4.4]
INFO[1970-01-02T07:55:04.015357285Z] IPv6 enabled; Adding default IPv6 external servers: [nameserver 2001:4860:4860::8888 nameserver 2001:4860:4860::8844]
DEBU[1970-01-02T07:55:04.018542701Z] Programming external connectivity on endpoint boring_montalcini (dcf05afcaeb79ee2fc5fc4a6aceda37c6083f3a19fe608fabb4bb8d91f7e5f1b)
DEBU[1970-01-02T07:55:04.019416368Z] EnableService 77d7e164a3a10e34bb25ff59852bdfac9c962639dedf543614d71107567f6417 START
DEBU[1970-01-02T07:55:04.019500118Z] EnableService 77d7e164a3a10e34bb25ff59852bdfac9c962639dedf543614d71107567f6417 DONE
DEBU[1970-01-02T07:55:04.022324743Z] bundle dir created bundle=/var/run/docker/containerd/77d7e164a3a10e34bb25ff59852bdfac9c962639dedf543614d71107567f6417 module=libcontainerd namespace=moby root=/var/lib/docker/overlay/9efba7d0f8b20b508274373120276bfcead4c0afdc98ac6c813a41e64c61df9e/merged
DEBU[1970-01-02T07:55:04.030072118Z] event published ns=moby topic="/containers/create" type=containerd.events.ContainerCreate
INFO[1970-01-02T07:55:04.060624576Z] shim containerd-shim started address="/containerd-shim/moby/77d7e164a3a10e34bb25ff59852bdfac9c962639dedf543614d71107567f6417/shim.sock" debug=true pid=1383
DEBU[0000] registering ttrpc server
DEBU[0000] serving api on unix socket socket="[inherited from parent]"
mv root dir to a persistent path, not tmpfs, then:
stop dockerd
mv /var/lib/docker /root/docker
start dockerd
docker run arm32v7/busybox
Related
Docker run results in error: layer does not exist
I'm trying to setup redmine (with postgres) on my raspberry pi 3 using docker-compose. It already worked once, but then I tried to install plugins and somehow managed to bork my system. Now it won't let me start my database container anymore. Even creating a new postgres:12.8 container, yields the error layer does not exist: $ docker run --rm -it postgres:12.8 bash docker: Error response from daemon: layer does not exist. I've already restarted the system twice, which sadly didn't change anything. How can I get this to work again? Additional info: $ docker info Client: Debug Mode: false Server: Containers: 5 Running: 4 Paused: 0 Stopped: 1 Images: 65 Server Version: 19.03.13 Storage Driver: overlay2 Backing Filesystem: extfs Supports d_type: true Native Overlay Diff: true Logging Driver: json-file Cgroup Driver: cgroupfs Plugins: Volume: local Network: bridge host ipvlan macvlan null overlay Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog Swarm: inactive Runtimes: runc Default Runtime: runc Init Binary: docker-init containerd version: 8fba4e9a7d01810a393d5d25a3621dc101981175 runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd init version: fec3683 Security Options: seccomp Profile: default Kernel Version: 4.19.66-v7+ Operating System: Raspbian GNU/Linux 9 (stretch) OSType: linux Architecture: armv7l CPUs: 4 Total Memory: 926.1MiB Name: raspberrypi ID: <redacted> Docker Root Dir: /var/lib/docker Debug Mode: false Registry: https://index.docker.io/v1/ Labels: Experimental: false Insecure Registries: 127.0.0.0/8 Live Restore Enabled: false WARNING: No swap limit support WARNING: No cpu cfs quota support WARNING: No cpu cfs period support Update 1: Removing the image (via docker rmi) doesn't stop the error. $ docker run --rm -it postgres:12.8 bash Unable to find image 'postgres:12.8' locally 12.8: Pulling from library/postgres Digest: sha256:e10cd754296c1b3e93a121bcc64550d183df56f20bab47e08cacb123fb969b5e Status: Downloaded newer image for postgres:12.8 docker: Error response from daemon: layer does not exist. See 'docker run --help'. Other images can be run as usual: $ docker run --rm -it alpine bash Unable to find image 'alpine:latest' locally latest: Pulling from library/alpine 4ee0caa23b36: Pull complete Digest: sha256:eb3e4e175ba6d212ba1d6e04fc0782916c08e1c9d7b45892e9796141b1d379ae Status: Downloaded newer image for alpine:latest / # whoami root / #
Nuking /var/lib/docker seems to get the system working again - this removes all images and lots of other docker-related data. This doesn't feel like a great solution, but it'll have to do for now. $ sudo service docker stop $ docker ps Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running? $ sudo rm -rf /var/lib/docker $ sudo service docker start $ docker run --rm -it postgres:12.8 bash Unable to find image 'postgres:12.8' locally 12.8: Pulling from library/postgres 607f77084e8a: Pull complete ce89a6184ac9: Pull complete 2a4e6e7ac863: Pull complete f3b6f439172b: Pull complete 2e803a3461b4: Pull complete 467430f26cab: Pull complete 1a81afc37621: Pull complete 4ceea61b7b5c: Pull complete 1f5bfa96a004: Pull complete b40859b8e537: Pull complete c7b3bf3cab26: Pull complete 653c63793cd5: Pull complete aad7328542d8: Pull complete Digest: sha256:e10cd754296c1b3e93a121bcc64550d183df56f20bab47e08cacb123fb969b5e Status: Downloaded newer image for postgres:12.8 root#8ba418515688:/# References: https://github.com/coreos/bugs/issues/1808 https://github.com/coreos/bugs/issues/1313
I have the error below and a restart of docker daemon seems to fix it. Still wondering what causes it in the first place. level=error msg="Handler for POST /v1.41/containers/create returned error: layer does not exist"
'docker: invalid reference format' when docker repository is not explicitly specified
I'm running a Docker in Docker container in kubernetes through the Gitlab CI (there is a main image and dind is as a service). In the pod I can build docker images and push them, however any further manipulation or a simple docker run triggers an error of invalid reference format. There are two additional insecure private repositories specified in the dind service specification. If I try to run docker images without a repo prefix specified, it fails. (note that the images are there, it's just their tag which doesn't have the repo specified) bash-4.2# docker run hello-world docker: invalid reference format. See 'docker run --help'. bash-4.2# docker run docker.io/hello-world Hello from Docker! This message shows that your installation appears to be working correctly. To generate this message, Docker took the following steps: 1. The Docker client contacted the Docker daemon. 2. The Docker daemon pulled the "hello-world" image from the Docker Hub. (amd64) 3. The Docker daemon created a new container from that image which runs the executable that produces the output you are currently reading. 4. The Docker daemon streamed that output to the Docker client, which sent it to your terminal. To try something more ambitious, you can run an Ubuntu container with: $ docker run -it ubuntu bash Share images, automate workflows, and more with a free Docker ID: https://hub.docker.com/ For more examples and ideas, visit: https://docs.docker.com/get-started/ bash-4.2# I would expect the basic docker pull/run commands to pass and to use the images cached in the daemon even when their current tag doesn't contain a repository specified. Added docker info Containers: 3 Running: 1 Paused: 0 Stopped: 2 Images: 21 Server Version: 18.09.5 Storage Driver: overlay2 Backing Filesystem: extfs Supports d_type: true Native Overlay Diff: false Logging Driver: json-file Cgroup Driver: cgroupfs Plugins: Volume: local Network: bridge host macvlan null overlay Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog Swarm: inactive Runtimes: runc Default Runtime: runc Init Binary: docker-init containerd version: bb71b10fd8f58240ca47fbb579b9d1028eea7c84 runc version: 2b18fe1d885ee5083ef9f0838fee39b62d653e30 init version: fec3683 Security Options: seccomp Profile: default Kernel Version: 4.14.35-1844.3.2.el7uek.x86_64 Operating System: Alpine Linux v3.9 (containerized) OSType: linux Architecture: x86_64 CPUs: 20 Total Memory: 125.5GiB Name: runner-vppr4q7s-project-14503-concurrent-08qxbj ID: HQ3U:HATA:TZUT:OLVS:MHRZ:F4DY:ENBD:Z5WH:FQBC:SGI3:BUUY:QIME Docker Root Dir: /var/lib/docker Debug Mode (client): false Debug Mode (server): false HTTP Proxy: xxxxxxxx HTTPS Proxy: xxxxxxx No Proxy: localhost,127.0.0.1,.xxxxxxxxxx Registry: https://index.docker.io/v1/ Labels: Experimental: false Insecure Registries: xxxxxxxxxxxx:5000 yyyyyyyyyyyy:5000 127.0.0.0/8 Live Restore Enabled: false Product License: Community Engine WARNING: API is accessible on http://0.0.0.0:2375 without encryption. Access to the remote API is equivalent to root access on the host. Refer to the 'Docker daemon attack surface' section in the documentation for more information: https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface WARNING: bridge-nf-call-iptables is disabled WARNING: bridge-nf-call-ip6tables is disabled Registries: Additionally: bash-4.2# docker tag docker.io/hello-world:latest hello-world:v1 Error parsing reference: "hello-world:v1" is not a valid repository/tag: invalid reference format bash-4.2# docker tag docker.io/hello-world:latest some:2000/hello-world:v1 bash-4.2# docker tag docker.io/hello-world:latest docker.io/hello-world:v1 (ok) And docker images doesn't show the docker.io/hello-world:latest and docker.io/hello-world:v1 but shows some:2000/hello-world:v1
Docker hello-world gives error that container /hello: no such file or directory": unknown
I am new on Docker and try to understand how it works. I installed docker to virtualbox centos 7 instance. The service is working properly but when I run hello-world image it gives following error . [root#localhost ~]# docker run hello-world docker: Error response from daemon: OCI runtime create failed: container_linux.go:344: starting container process caused "exec: \"/hello\": stat /hello: no such file or directory": unknown. I tried $ docker system prune but didn't work again. Here is all command line history that includes system information and docker information. [root#localhost ~]# cat /etc/os-release NAME="CentOS Linux" VERSION="7 (Core)" ID="centos" ID_LIKE="rhel fedora" VERSION_ID="7" PRETTY_NAME="CentOS Linux 7 (Core)" ANSI_COLOR="0;31" CPE_NAME="cpe:/o:centos:centos:7" HOME_URL="https://www.centos.org/" BUG_REPORT_URL="https://bugs.centos.org/" CENTOS_MANTISBT_PROJECT="CentOS-7" CENTOS_MANTISBT_PROJECT_VERSION="7" REDHAT_SUPPORT_PRODUCT="centos" REDHAT_SUPPORT_PRODUCT_VERSION="7" [root#localhost ~]# docker --version Docker version 18.09.3, build 774a1f4 [root#localhost ~]# docker run hello-world docker: Error response from daemon: OCI runtime create failed: container_linux.go:344: starting container process caused "exec: \"/hello\": stat /hello: no such file or directory": unknown. [root#localhost ~]# docker system prune WARNING! This will remove: - all stopped containers - all networks not used by at least one container - all dangling images - all dangling build cache Are you sure you want to continue? [y/N] y Deleted Containers: ace04702bb0e2a1997dc35a0a21c7ca49a395809e5d1da98ddc99ee16544dcc4 e70f5999470577d0eca655643b7ba2ce41ee99495bb257d8ca5f956c26a7079b 82f65c36f76cf2cbf6297a514865d45524bf3cb4472be5e5da72c632cd535a3b Total reclaimed space: 0B [root#localhost ~]# docker run hello-world docker: Error response from daemon: OCI runtime create failed: container_linux.go:344: starting container process caused "exec: \"/hello\": stat /hello: no such file or directory": unknown. [root#localhost ~]# docker info Containers: 1 Running: 0 Paused: 0 Stopped: 1 Images: 1 Server Version: 18.09.3 Storage Driver: overlay2 Backing Filesystem: xfs Supports d_type: true Native Overlay Diff: true Logging Driver: json-file Cgroup Driver: cgroupfs Plugins: Volume: local Network: bridge host macvlan null overlay Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog Swarm: inactive Runtimes: runc Default Runtime: runc Init Binary: docker-init containerd version: e6b3f5632f50dbc4e9cb6288d911bf4f5e95b18e runc version: 6635b4f0c6af3810594d2770f662f34ddc15b40d init version: fec3683 Security Options: seccomp Profile: default Kernel Version: 3.10.0-957.el7.x86_64 Operating System: CentOS Linux 7 (Core) OSType: linux Architecture: x86_64 CPUs: 1 Total Memory: 3.701GiB Name: localhost.localdomain ID: R2XU:6ZAF:2UZO:QBUR:GGWW:GFIG:DHVF:5DZG:DPG2:GIKV:3GE5:NLS2 Docker Root Dir: /var/lib/docker Debug Mode (client): false Debug Mode (server): false Registry: https://index.docker.io/v1/ Labels: Experimental: false Insecure Registries: 127.0.0.0/8 Live Restore Enabled: false Product License: Community Engine
this is causing because of old version of CentOS. Check https://github.com/moby/moby/issues/35906 Please upgrade your CentOS to 7.4.
After reading some documentation acknowledged that this issue has not occurred from docker but selinux configuration. It recommended that #sestatus Current Mode should be permissive but it was enforcing in my case. I think this makes all error halts process rather than logging. So #setenforce 0 #docker system prune -a it works! Thanks for all help on this issue.
sha256 of locally built docker image
How do I get the sha256 checksum of an already locally built docker image? I want to use the checksum to annotate a FROM instruction in a derived image: FROM name#sha256:checksum I already tried checksums from docker inspect. Neither the first nor the last of the checksums in the Layers list worked. The one in "Id" did not work. The one in "Parent" did not work. The one in "Container" did not work. The one in "Image" did not work. Some of them I only tried out of desperation to finally find the correct checksum for my docker image, but I cannot find the correct checksum. Only thing I did not try yet, because of the number of layers, is to go through all of the layers in case they are in a random order. But to put them there like that would not make sense to begin with. The error I see when I run docker build -t <some name> . in the directory of the Dockerfile of the derived image when it is not working is: Step 1/7 : FROM name#sha256:<checksum> repository name not found: does not exist or no pull access Info Docker version: Docker version 17.05.0-ce, build 89658be (obtained via docker --version) Output of docker info: Containers: 0 Running: 0 Paused: 0 Stopped: 0 Images: 3841 Server Version: 17.05.0-ce Storage Driver: aufs Root Dir: /var/lib/docker/aufs Backing Filesystem: extfs Dirs: 2620 Dirperm1 Supported: true Logging Driver: json-file Cgroup Driver: cgroupfs Plugins: Volume: local Network: bridge host macvlan null overlay Swarm: inactive Runtimes: runc Default Runtime: runc Init Binary: docker-init containerd version: 9048e5e50717ea4497b757314bad98ea3763c145 runc version: 9c2d8d184e5da67c95d601382adf14862e4f2228 init version: 949e6fa Security Options: apparmor seccomp Profile: default Kernel Version: 4.4.0-78-generic Operating System: Ubuntu 16.04.2 LTS OSType: linux Architecture: x86_64 CPUs: 4 Total Memory: 7.684GiB Name: xiaolong-hp-pavilion ID: QCJS:JPK4:KC7J:6MYF:WWCA:XQM2:7AF7:HWWI:BRZK:GT6B:D2NP:OJFS Docker Root Dir: /var/lib/docker Debug Mode (client): false Debug Mode (server): false Registry: https://index.docker.io/v1/ Experimental: false Insecure Registries: 127.0.0.0/8 Live Restore Enabled: false WARNING: No swap limit support
The checksum docker is looking for in the FROM line comes from the registry server. In the inspect output, you'll see this in the RepoDigest section: docker inspect -f '{{.RepoDigests}}' $image_name If you haven't pushed this image to a registry server, then you won't be able to use this hash value. E.g.: $ docker inspect -f '{{.RepoDigests}}' busybox:latest [busybox#sha256:32f093055929dbc23dec4d03e09dfe971f5973a9ca5cf059cbfb644c206aa83f] $ cat df.testsha FROM busybox#sha256:32f093055929dbc23dec4d03e09dfe971f5973a9ca5cf059cbfb644c206aa83f CMD echo "hello world" $ docker build -f df.testsha -t test-sha . Sending build context to Docker daemon 23.35MB Step 1/2 : FROM busybox#sha256:32f093055929dbc23dec4d03e09dfe971f5973a9ca5cf059cbfb644c206aa83f ---> 00f017a8c2a6 Step 2/2 : CMD echo "hello world" ---> Running in c516e5b6a694 ---> 68dc47866183 Removing intermediate container c516e5b6a694 Successfully built 68dc47866183 Successfully tagged test-sha:latest $ docker run --rm test-sha hello world
Can not pull/push images after update docker to 1.12
The private registry was worked well based on docker 1.10.3,but I can not pull/push images after the docker updated to 1.12.0. I had modified the /etc/sysconfig/docker as: OPTIONS='--selinux-enabled=true --insecure-registry=myip:5000' or OPTIONS='--selinux-enabled=true --insecure-registry myip:5000' but when I exec pull/push,I got this error: $ docker pull myip:5000/cadvisor Using default tag: latest Error response from daemon: Get https://myip:5000/v1/_ping: http: server gave HTTP response to HTTPS client when I change back docker to 1.10.3, it still work well as below: $ docker pull myip:5000/cadvisor Using default tag: latest Trying to pull repository myip:5000/cadvisor ... latest: Pulling from myip:5000/cadvisor 09d0220f4043: Pull complete a3ed95caeb02: Pull complete 151807d34af9: Pull complete 14cd28dce332: Pull complete Digest: sha256:33b6475cd5b7646b3748097af1224de3eee3ba7cf5105524d95c0cf135f59b47 Status: Downloaded newer image for myip/cadvisor:latest Some relative information are listed below: docker version Client: Version: 1.12.0 API version: 1.24 Go version: go1.6.3 Git commit: 8eab29e Built: OS/Arch: linux/amd64 Server: Version: 1.12.0 API version: 1.24 Go version: go1.6.3 Git commit: 8eab29e Built: OS/Arch: linux/amd64 docker info Containers: 4 Running: 1 Paused: 0 Stopped: 3 Images: 241 Server Version: 1.12.0 Storage Driver: devicemapper Pool Name: docker-253:0-6809-pool Pool Blocksize: 65.54 kB Base Device Size: 107.4 GB Backing Filesystem: xfs Data file: /dev/loop0 Metadata file: /dev/loop1 Data Space Used: 5.459 GB Data Space Total: 107.4 GB Data Space Available: 34.74 GB Metadata Space Used: 9.912 MB Metadata Space Total: 2.147 GB Metadata Space Available: 2.138 GB Thin Pool Minimum Free Space: 10.74 GB Udev Sync Supported: true Deferred Removal Enabled: false Deferred Deletion Enabled: false Deferred Deleted Device Count: 0 Data loop file: /var/lib/docker/devicemapper/devicemapper/data WARNING: Usage of loopback devices is strongly discouraged for production use. Use '--storage-opt dm.thinpooldev' to specify a custom block storage device. Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata Library Version: 1.02.107-RHEL7 (2016-06-09) Logging Driver: json-file Cgroup Driver: cgroupfs Plugins: Volume: local Network: host overlay null bridge Swarm: inactive Runtimes: runc Default Runtime: runc Security Options: seccomp Kernel Version: 3.10.0-229.el7.x86_64 Operating System: CentOS Linux 7 (Core) OSType: linux Architecture: x86_64 CPUs: 24 Total Memory: 62.39 GiB Name: server_3 ID: TITS:BL4B:M5FE:CIRO:5SW6:TVIV:HW36:J7OS:WLHF:46T6:2RBA:WCNV Docker Root Dir: /var/lib/docker Debug Mode (client): false Debug Mode (server): true File Descriptors: 21 Goroutines: 32 System Time: 2016-08-02T10:33:06.414048675+08:00 EventsListeners: 0 Registry: https://index.docker.io/v1/ WARNING: bridge-nf-call-iptables is disabled WARNING: bridge-nf-call-ip6tables is disabled Insecure Registries: 127.0.0.0/8 docker exec <registry-container> registry -version registry github.com/docker/distribution v2.2.1 After I restart the docker daemon in debug mode, the daemon logs when reproducing my problem are listed below: DEBU[0794] Calling POST /v1.24/images/create?fromImage=10.10.10.40%3A5000%2Fcadvisor&tag=latest DEBU[0794] hostDir: /etc/docker/certs.d/10.10.10.40:5000 DEBU[0794] hostDir: /etc/docker/certs.d/10.10.10.40:5000 DEBU[0794] Trying to pull 10.10.10.40:5000/cadvisor from https://10.10.10.40:5000 v2 WARN[0794] Error getting v2 registry: Get https://10.10.10.40:5000/v2/: http: server gave HTTP response to HTTPS client ERRO[0794] Attempting next endpoint for pull after error: Get https://10.10.10.40:5000/v2/: http: server gave HTTP response to HTTPS client DEBU[0794] Trying to pull 10.10.10.40:5000/cadvisor from https://10.10.10.40:5000 v1 DEBU[0794] hostDir: /etc/docker/certs.d/10.10.10.40:5000 DEBU[0794] attempting v1 ping for registry endpoint https://10.10.10.40:5000/v1/ DEBU[0794] Fallback from error: Get https://10.10.10.40:5000/v1/_ping: http: server gave HTTP response to HTTPS client ERRO[0794] Attempting next endpoint for pull after error: Get https://10.10.10.40:5000/v1/_ping: http: server gave HTTP response to HTTPS client ERRO[0794] Handler for POST /v1.24/images/create returned error: Get https://10.10.10.40:5000/v1/_ping: http: server gave HTTP response to HTTPS client DEBU[1201] clean 2 unused exec commands What's more, I just run a simple command to launch the private registry for test, anything else is by default: docker run -d -p 5000:5000 --restart=always --name registry -v 'pwd'/data:/var/lib/registry registry:2 No proxy is configured. In summary, it is only a quiet sample environment for test.
I had the same issue. This helped for me: Create or modify /etc/docker/daemon.json on the client machine { "insecure-registries":["myregistry.example.com:5000"] } Restart docker daemon sudo /etc/init.d/docker restart
For Windows users Add local registry here and apply:
For Mac Users: Update the docker preferences using the (docker) icon in top bar Preferences -> Daemon -> Insecure Registry [Click (+) sign] -> add :port hit "Apply & Restart" button at bottom
I also had same issue and followed below steps: 1. Create file vi /etc/docker/daemon.json 2. Add below content { "insecure-registries":["192.168.1.142:5000"] } 3.Restart Docker service docker restart
If you are using Windows and you get this error you need to create a file here: "C:\ProgramData\docker\config\daemon.json" and do the same as #Bspec mentioned above: { "insecure-registries":["myregistry.example.com:5000"] } Then restart docker using PowerShell commands: Stop-Service docker Start-Service docker
modifying "/etc/docker/daemon.json" didn't work for me. Putting it under "/etc/sysconfig/docker" as below, worked. INSECURE_REGISTRY="--insecure-registry 192.168.24.1:8787"
In order to push, add the ip to insecure registry on the client side (e.g. for Windows) To pull, add it to the server side (in this case Ubuntu) vim /etc/docker/daemon.json and then restart Docker.
None of the solutions worked on Ubuntu 18.04 so spend some time to find the root cause. Steps to solve an issue sudo vi /lib/systemd/system/docker.service # ExecStart=dockerd .... --insecure-registry=192.168.99.100:5000 sudo systemctl stop docker.service sudo systemctl daemon-reload sudo systemctl start docker.service What was the issue? I would recommend to check where exactly dockerd options are configured regardless of you Linux distribution with: sudo find /etc /lib -name 'docker*' | while read -r line; do grep dockerd $line /dev/null; done
first test localy docker push localhost:5000/<ImageName> if docker pushed is Done going to another server and do it: sudo nano /etc/docker/daemon.json {"insecure-registries" : ["<HostName or IP Address registry server>:5000"]} Saving and... and for next sudo systemctl daemon-reload sudo service docker restart nice! now docker pushing on another server: docker tag <image id> <HostName or IP Address registry server>:5000/<ImageName> docker push <HostName or IP Address registry server>:5000/<ImageName> Enjoy It.