I am facing an issue installing docker-ce from package on a server that has no internet access.
This is the version of my Linux | centos-release-7-2.1511.el7.centos.2.10.x86_64
Virtualization: vmware
Operating system: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-327.el7.x86_64
Architecture: x86-64
Im trying to follow the instructions as set here however since the box doesnt have internet I can't do the yum install.
So I was doing it with rpm -ivh. So far im getting dependency errors after dependency errors.
I tried these 3 versions of docker and all of them are giving out a dependency errors.
-rw-r--r--. 1 root root 19521288 Nov 8 00:52 docker-ce-17.03.0.ce-1.el7.centos.x86_64.rpm
-rw-r--r--. 1 root root 19529520 Nov 8 00:02 docker-ce-17.03.2.ce-1.el7.centos.x86_64.rpm
-rw-r--r--. 1 root root 29108 Nov 8 00:53 docker-ce-selinux-17.03.0.ce-1.el7.centos.noarch.rpm
-rw-r--r--. 1 root root 29108 Nov 8 00:03 docker-ce-selinux-17.03.2.ce-1.el7.centos.noarch.rpm
-rw-r--r--. 1 root root 19509116 Nov 8 01:26 docker-engine-1.13.1-1.el7.centos.x86_64.rpm
-rw-r--r--. 1 root root 29024 Nov 8 01:26 docker-engine-selinux-1.13.1-1.el7.centos.noarch.rpm
rpm -ivh /docker/images/docker-ce-17.03.2.ce-1.el7.centos.x86_64.rpm
warning: /docker/images/docker-ce-17.03.2.ce-1.el7.centos.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY
error: Failed dependencies:
docker-ce-selinux >= 17.03.2.ce-1.el7.centos is needed by docker-ce-17.03.2.ce-1.el7.centos.x86_64
rpm -ivh /docker/images/docker-ce-selinux-17.03.2.ce-1.el7.centos.noarch.rpm
warning: /docker/images/docker-ce-selinux-17.03.2.ce-1.el7.centos.noarch.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY
error: Failed dependencies:
selinux-policy-base >= 3.13.1-102 is needed by docker-ce-selinux-17.03.2.ce-1.el7.centos.noarch
selinux-policy-targeted >= 3.13.1-102 is needed by docker-ce-selinux-17.03.2.ce-1.el7.centos.noarch
So I tried looking for that selinux package the I found on the site below:
I tried installing the rpm from rpmfindand unfortunately, its asking for another dependency.
rpm -ivh selinux-policy-minimum-3.13.1-102.el7.noarch.rpm
warning: selinux-policy-minimum-3.13.1-102.el7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
error: Failed dependencies:
policycoreutils-python >= 2.5 is needed by selinux-policy-minimum-3.13.1-102.el7.noarch
selinux-policy = 3.13.1-102.el7 is needed by selinux-policy-minimum-3.13.1-102.el7.noarch
rpm -ivh selinux-policy-targeted-3.13.1-102.el7.noarch.rpm
warning: selinux-policy-targeted-3.13.1-102.el7.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
error: Failed dependencies:
policycoreutils >= 2.5 is needed by selinux-policy-targeted-3.13.1-102.el7.noarch
selinux-policy = 3.13.1-102.el7 is needed by selinux-policy-targeted-3.13.1-102.el7.noarch
Has anyone tried installing docker on this version of centos before that has no access to the internet?
Do you have any easier way of getting through this?
Thank you in advance!
On a machine with internet, download all dependencies:
mkdir -p offline_repo && cd offline_repo
curl -O https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-17.03.2.ce-1.el7.centos.x86_64.rpm
curl -O https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-selinux-17.03.2.ce-1.el7.centos.noarch.rpm
yum install --downloadonly --downloaddir=. docker-ce-*.rpm
You can do it on any machine (any OS) that have docker installed and internet access, you can download the dependencies within a container:
mkdir offline_repo
docker run --rm -it -v $PWD/offline_repo:/offline_repo centos:7.2.1511 \
sh -c 'cd /offline_repo \
&& curl -O https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-17.03.2.ce-1.el7.centos.x86_64.rpm \
&& curl -O https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-selinux-17.03.2.ce-1.el7.centos.noarch.rpm \
&& yum install --downloadonly --downloaddir=. docker-ce-*.rpm'
Now you should have all required packages available in the offline_repo dir, which should look like this:
$ ls -1 offline_repo/
audit-libs-2.6.5-3.el7_3.1.x86_64.rpm
audit-libs-python-2.6.5-3.el7_3.1.x86_64.rpm
checkpolicy-2.5-4.el7.x86_64.rpm
docker-ce-17.03.2.ce-1.el7.centos.x86_64.rpm
docker-ce-selinux-17.03.2.ce-1.el7.centos.noarch.rpm
iptables-1.4.21-17.el7.x86_64.rpm
libcgroup-0.41-11.el7.x86_64.rpm
libmnl-1.0.3-7.el7.x86_64.rpm
libnetfilter_conntrack-1.0.6-1.el7_3.x86_64.rpm
libnfnetlink-1.0.1-4.el7.x86_64.rpm
libseccomp-2.3.1-2.el7.x86_64.rpm
libselinux-2.5-6.el7.x86_64.rpm
libselinux-python-2.5-6.el7.x86_64.rpm
libselinux-utils-2.5-6.el7.x86_64.rpm
libsemanage-2.5-5.1.el7_3.x86_64.rpm
libsemanage-python-2.5-5.1.el7_3.x86_64.rpm
libsepol-2.5-6.el7.x86_64.rpm
libtool-ltdl-2.4.2-22.el7_3.x86_64.rpm
policycoreutils-2.5-11.el7_3.x86_64.rpm
policycoreutils-python-2.5-11.el7_3.x86_64.rpm
python-IPy-0.75-6.el7.noarch.rpm
selinux-policy-3.13.1-102.el7_3.16.noarch.rpm
selinux-policy-minimum-3.13.1-102.el7_3.16.noarch.rpm
selinux-policy-targeted-3.13.1-102.el7_3.16.noarch.rpm
setools-libs-3.3.8-1.1.el7.x86_64.rpm
systemd-219-30.el7_3.9.x86_64.rpm
systemd-libs-219-30.el7_3.9.x86_64.rpm
Then simply copy it to the offline machine, then install all packages:
cd offline_repo
yum install -y --cacheonly --disablerepo=* *.rpm
Related
Background
I have a Jenkins server on Ubuntu 18.04 running Java version 11, checked by visiting /manage/systemInfo
java.specification.version 11
I have implemented docker build slaves based on Ubuntu 22.04 where I have specified that the java version should be 11:
# install java for Jenkins
RUN apt-get install -qy openjdk-11-jdk
I was wondering that all the build nodes stood as offline, and reading the log saw this:
Error: A JNI error has occurred, please check your installation and try again
Exception in thread "main" java.lang.UnsupportedClassVersionError: hudson/remoting/Launcher has been compiled by a more recent version of the Java Runtime (class file version 55.0), this version of the Java Runtime only recognizes class file versions up to 52.0
This question references List of Java class file format major version numbers? the Class versions:
52 is java 8
55 is java 11
and sure enough, a little further back in the log:
[11/14/22 18:35:38] [SSH] Checking java version of java
[11/14/22 18:35:38] [SSH] java -version returned 1.8.0_312.
so I went hunting for the culprit:
Attempts to find the culprit
sudo docker container exec 20e1bfe2b182 ls -l /usr/bin/java returned
/usr/bin/java -> /etc/alternatives/java
sudo docker container exec 20e1bfe2b182 ls -l /etc/alternatives/java returned
/etc/alternatives/java -> /usr/lib/jvm/java-11-openjdk-amd64/bin/java
and even injected RUN java -version into my Dockerfile before the line installing opendjk (which indicated no java was installed...)
On the host I have run apt list --installed |grep jdk
openjdk-11-jdk/bionic-updates,bionic-security,now 11.0.17+8-1ubuntu2~18.04 amd64 [installed]
openjdk-11-jdk-headless/bionic-updates,bionic-security,now 11.0.17+8-1ubuntu2~18.04 amd64 [installed]
openjdk-11-jre/bionic-updates,bionic-security,now 11.0.17+8-1ubuntu2~18.04 amd64 [installed]
openjdk-11-jre-headless/bionic-updates,bionic-security,now 11.0.17+8-1ubuntu2~18.04 amd64 [installed,automatic]
... the same command on the docker image gave similar results...
find -name java* 2>/dev/null run from / did not give anything useful either
which java output
HOST:
$ which java
/usr/bin/java
$ ls -l /usr/bin/java
lrwxrwxrwx 1 root root 22 Nov 24 2018 /usr/bin/java -> /etc/alternatives/java
$ ls -l /etc/alternatives/java
lrwxrwxrwx 1 root root 43 Jan 25 2022 /etc/alternatives/java -> /usr/lib/jvm/java-11-openjdk-amd64/bin/java
docker
$ sudo docker compose run man which java
/usr/bin/java
$ sudo docker compose run man ls -l /usr/bin/java
lrwxrwxrwx 1 root root 22 Nov 14 20:28 /usr/bin/java -> /etc/alternatives/java
$ sudo docker compose run man ls -l /etc/alternatives/java
lrwxrwxrwx 1 root root 43 Nov 14 20:28 /etc/alternatives/java -> /usr/lib/jvm/java-11-openjdk-amd64/bin/java
echo $PATH output
HOST
$ echo $PATH
/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin
docker
$ sudo docker compose run man echo $PATH
/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
Potential workaround
Adding this to my Dockerfile seems to almost solve the issue:
RUN ln -s /usr/lib/jvm/java-11-openjdk-amd64/ /home/jenkins/jdk
RUN chown jenkins:jenkins /home/jenkins/jdk
Question
... so where does the JDK version 8 come from?
So I am running into an error with the latest docker build from alpine. alpine:3.14.0 was released about a day ago and was trying to install libressl and libressl-dev and both seem to fail with the error below. My work around at the moment was to build using the alpine:3.12.0 as 3.12.0 seems to not have libretls installed. Although I would like to know how to fix this. I tried to remove libretls but that didn't work (error also below). Thanks
$ docker -v
Docker version 20.10.6, build 370c289
$ docker run --rm -it alpine /bin/ash
/ # apk add libressl-dev
fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/community/x86_64/APKINDEX.tar.gz
(1/5) Installing libressl3.3-libcrypto (3.3.3-r0)
(2/5) Installing libressl3.3-libssl (3.3.3-r0)
(3/5) Installing libressl3.3-libtls (3.3.3-r0)
ERROR: libressl3.3-libtls-3.3.3-r0: trying to overwrite usr/lib/libtls.so.20 owned by libretls-3.3.3-r0.
ERROR: libressl3.3-libtls-3.3.3-r0: trying to overwrite usr/lib/libtls.so.20.0.3 owned by libretls-3.3.3-r0.
(4/5) Installing pkgconf (1.7.4-r0)
(5/5) Installing libressl-dev (3.3.3-r0)
Executing busybox-1.33.1-r2.trigger
1 error; 41 MiB in 19 packages
/ #
/ # apk info libretls
libretls-3.3.3-r0 description:
port of libtls from libressl to openssl
libretls-3.3.3-r0 webpage:
https://git.causal.agency/libretls/
libretls-3.3.3-r0 installed size:
84 KiB
/ #
/ # apk del libretls
WARNING: Ignoring https://dl-cdn.alpinelinux.org/alpine/v3.14/main: No such file or directory
WARNING: Ignoring https://dl-cdn.alpinelinux.org/alpine/v3.14/community: No such file or directory
World updated, but the following packages are not removed due to:
libretls: busybox alpine-baselayout apk-tools
OK: 6 MiB in 14 packages
/ # exit
this is the upstream issue. Downgrading to alpine 3.13 works for now until the issue is fixed.
Normally docker images support fixed alpine versions (thanks to MrGlass comment). For example
python:3-alpine -> python:3-alpine3.13
php:7.4-fpm-alpine -> php:7.4-fpm-alpine3.13
I have a requirement where i have to make a local repo for installing packages docker.io,jq and nmap instead of from public repo on ubuntu system(Linux ip-172-31-29-180 4.15.0-1065-aws #69-Ubuntu SMP Thu Mar 26 02:17:29 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux).
I have followed following steps
1) installed apache and created directory debs and debs/amd64 in /var/www/html , configuring local repo
2) downloaded deb file from https://download.docker.com/linux/debian/dists/buster/pool/stable/amd64 as my debian verions is buster (files are containerd.io_1.2.6-3_amd64.deb docker-ce-cli_19.03.8~3-0~debian-buster_amd64.deb docker.io_18.09.1+dfsg1-7.1+deb10u1_amd64.deb)
3) making downloaded package known to local repo
apt-install dpkg-dev -y
cd /var/www/html/debs
dpkg-scanpackages amd64 | gzip -9c > amd64/Packages.gz
4) configuring apt to download from localhost repo
echo "deb http://localhost/debs/ amd64/" > /etc/apt/sources.list
5) apt install docker.io gives error
E: Package 'docker.io' has no installation candidate
although when i do a apt list| grep docker.io it gives below o/p
docker.io/now 19.03.6-0ubuntu1~18.04.1 amd64 [residual-config]
Any idea what i am doing wrong so i cannot install docker.io from local repo using deb files
I was able to solve the issue after adding [trusted=yes] inside the sources.list file echo "deb [trusted=yes] localhost/debs amd64/" > /etc/apt/sources.list
I'm testing dr-elephant :
https://github.com/damienclaveau/docker-dr-elephant
But when i run :
docker build -t dr-elephant:2.0.6 .
I'm getting
Complete!
Last metadata expiration check: 0:00:19 ago on Thu Oct 24 07:51:21 2019.
No match for argument: krb5-auth-dialog
No match for argument: pam_krb5
Error: Unable to find a match
The command '/bin/sh -c yum install -y wget git unzip zip which && yum install -y krb5-server krb5-libs krb5-workstation && yum install -y krb5-auth-dialog pam_krb5 && yum install -y openssh-server openssh-clients && yum clean all' returned a non-zero code: 1
Any idea on how to fix this ?
Thanks
The error is right there: yum couldn't install packages named pam_krb5 and krb5-auth-dialog
You can easily test this by running the centos image and try to install those packages:
[root#228fcb9e4c19 /]# yum install -y krb5-auth-dialog pam_krb5
Failed to set locale, defaulting to C
CentOS-8 - AppStream 1.1 MB/s | 6.0 MB 00:05
CentOS-8 - Base 2.0 MB/s | 7.9 MB 00:03
CentOS-8 - Extras 634 B/s | 2.1 kB 00:03
No match for argument: krb5-auth-dialog
No match for argument: pam_krb5
Error: Unable to find a match
About how to fix this... you could try to remove that line (9 in the Dockerfile), but how do you know whether those packages were necessary by the app or not? So your best bet is to just contact the owner and tell him that his Dockerfile no longer works (it's 2 years old).
Usually this problem arises because the base image doesn't have a fixed version. You can check it's using FROM centos:latest, but today's centos is not the same as the centos of two years ago. You could also just try to edit the tag of the base image and use an older centos version, it might or might not work.
When I run docker build I get this:
Sending build context to Docker daemon 10.24kB
WARN[11935] Couldn't run auplink before unmount /var/lib/docker/aufs/mnt/21647778a50f097d4535246ec5206960dd909f4bb8b0e3d04fdd53a7402fc2de-init: exec: "auplink": executable file not found in $PATH
Step 1/2 : FROM debian:jessie
---> 86baf4e8cde9
Step 2/2 : RUN apt-get update
WARN[11935] Couldn't run auplink before unmount /var/lib/docker/aufs/mnt/21647778a50f097d4535246ec5206960dd909f4bb8b0e3d04fdd53a7402fc2de: exec: "auplink": executable file not found in $PATH
---> Running in 1fef9bef5bf7
ERRO[11934] containerd: start container error="shim error: fork/exec /usr/bin/docker-runc: exec format error" id=1fef9bef5bf77141a97669d2aa785e74f9027a849919a937f714e93fbae3916d
ERRO[11935] Create container failed with error: shim error: fork/exec /usr/bin/docker-runc: exec format error
ERRO[11934] containerd: deleting container error="fork/exec /usr/bin/docker-runc: exec format error: \"\""
WARN[11935] Couldn't run auplink before unmount /var/lib/docker/aufs/mnt/21647778a50f097d4535246ec5206960dd909f4bb8b0e3d04fdd53a7402fc2de: exec: "auplink": executable file not found in $PATH
shim error: fork/exec /usr/bin/docker-runc: exec format error
Here is the content of my Dockerfile:
FROM debian:jessie
RUN apt-get update
What is the issue? It makes no sens to me.
ll /usr/bin | grep docker
-rwxr-xr-x 1 root root 18471276 Aug 3 22:08 docker*
-rwxr-xr-x 1 root root 9938352 Aug 3 22:08 docker-containerd*
-rwxr-xr-x 1 root root 8941944 Aug 3 22:08 docker-containerd-ctr*
-rwxr-xr-x 1 root root 3824920 Aug 3 22:08 docker-containerd-shim*
-rwxr-xr-x 1 root root 40328816 Aug 3 22:08 dockerd*
-rwxr-xr-x 1 root root 0 Aug 3 22:08 docker-init*
-rwxr-xr-x 1 root root 0 Aug 3 22:08 docker-proxy*
-rwxr-xr-x 1 root root 0 Aug 3 22:08 docker-runc*
-rwxr-xr-x 1 root root 8962864 Aug 3 21:40 docker-volume-local-persist*
Installing from https://docs.docker.com/engine/installation/linux/docker-ce/binaries/
file $(which docker-runc):
/usr/bin/docker-runc: ELF 64-bit LSB executable, x86-64, version 1 (GNU/Linux), statically linked, for GNU/Linux 2.6.32, BuildID[sha1]=e3d80e183baf26a9d48c3f0435931d42aa1bf340, not stripped
lsb_release -a
Distributor ID: Ubuntu
Description: Ubuntu 17.04
Release: 17.04
Codename: zesty
docker --version
Docker version 17.06.0-ce, build 02c1d87
dockerd --version
Docker version 17.06.0-ce, build 02c1d87
docker-containerd --version
containerd version 0.2.3 commit: cfb82a876ecc11b5ca0977d1733adbe58599088a
docker-containerd-ctr --version
ctr version 0.2.3 commit: cfb82a876ecc11b5ca0977d1733adbe58599088a
docker-init --version
tini version 0.13.0 - git.949e6fa
docker-runc --version
runc version 1.0.0-rc3
commit: 2d41c047c83e09a6d61d464906feb2a2f3c52aa4
spec: 1.0.0-rc5
Is this running on a non-Intel/ARM 64-bit Ubuntu? For example a Raspberry Pi or ARM64 CPU? This error:
shim error: fork/exec /usr/bin/docker-runc: exec format error
Would imply that either (a) the binary install on your machine is corrupted in some way, or (b) you are attempting to run a binary for a different architecture on your system.
Can you post the output of uname -a and file /usr/bin/docker-runc? That might help narrow down the source of your problem.
It looks like something related to aufs FS, What OS Do you use ? and Did you recently updated your machine ?
Update:
For CONFIG_MEMCG_SWAP_ENABLED: missing, CONFIG_RT_GROUP_SCHED: missing and warning: /proc/config.gz does not exist, searching other paths for kernel config ...
These are missing kernel configuration and flags, Please make sure you installed linux-image-extra-$(uname -r) linux-image-extra-virtual, First make sure you stopped docker daemon sudo systemctl stop docker and install these packages (contains extra driver that support containers and aufs check docker docs https://docs.docker.com/engine/installation/linux/docker-ce/ubuntu):
sudo apt-get install \
linux-image-extra-$(uname -r) \
linux-image-extra-virtual
And update your grub GRUB_CMDLINE_LINUX_DEFAULT add thesecgroup_enable=memory swapaccount=1 to your /etc/default/grubconfiguration file then update your grub sudo update-grub check https://github.com/moby/moby/issues/4250 && https://github.com/moby/moby/pull/4251
For aufs problems there is another solution for modern dockers as docker moved from aufs to overlay and overlay2 is to configure your machine and apply overlay but make sure you backed up your docker images and containers as this fix might make you lose them check Unable to start Docker Service in Ubuntu 16.04