1222352 – F22 beta - Docker mounts /run on tmpfs

Bug 1222352 - F22 beta - Docker mounts /run on tmpfs

Summary: F22 beta - Docker mounts /run on tmpfs

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	docker
Sub Component:
Version:	22
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	Lokesh Mandvekar
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:	AcceptedFreezeException
Depends On:
Blocks:	F22FinalFreezeException
TreeView+	depends on / blocked

Reported:	2015-05-18 00:12 UTC by Dusty Mabe
Modified:	2015-06-02 18:46 UTC (History)
CC List:	13 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2015-06-02 18:46:14 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
Example run with output. (3.41 KB, text/plain) 2015-05-18 00:12 UTC, Dusty Mabe	no flags	Details
View All

Description Dusty Mabe 2015-05-18 00:12:46 UTC

Created attachment 1026522 [details]
Example run with output.

Description of problem:

The version of Docker in the Fedora 22 repos mounts /run on tmpfs inside the containers. This means that directories that are needed don't exist and cause some applications to fail on startup. A great example of this is the fact that httpd won't start because /run/httpd/ doesn't exist.

Version-Release number of selected component (if applicable):

-bash-4.3# rpm -q docker
docker-1.5.0-25.git5ebfacd.fc22.x86_64
-bash-4.3# rpm-ostree status -p
============================================================
    DEFAULT ON BOOT
----------------------------------------
  version    22.71      
  timestamp  2015-05-17 11:55:08
  id         f45a7408d2c94ac3786932408abf59690a25423f82b3935cf3404a8eae49b8c9.0
  osname     fedora-atomic
  refspec    fedora-atomic:fedora-atomic/f22/x86_64/docker-host
============================================================
  * NON-DEFAULT ROLLBACK TARGET
----------------------------------------
  version    22.66      
  timestamp  2015-05-12 18:53:06
  id         cd414cba85cc98d4f9174037e1a8457b72a2810d90318e1c225233de830bd71f.0
  osname     fedora-atomic
  refspec    fedora-atomic:fedora-atomic/f22/x86_64/docker-host
============================================================


How reproducible:

Always

Steps to Reproduce:
1. Start atomic
2. Start container
3. docker run --rm -it fedora:21 bash
bash-4.3# cat /proc/mounts | grep run
tmpfs /run tmpfs rw,seclabel,nosuid,nodev,noexec,relatime,size=65536k,mode=755 0 0

See attachment for a more thorough example.


Actual results:
/run is mounted on tmpfs

Expected results:
/run to not be mounted over top of

Comment 1 Dusty Mabe 2015-05-18 00:14:52 UTC

There is a new version of docker in testing that seems to alleviate this issue:

https://admin.fedoraproject.org/updates/FEDORA-2015-7836/docker-1.6.0-3.git9d26a07.fc22?_csrf_token=983cc3108828b687120fb1371d9135857591629c

Please test and give karma.

Comment 2 Fedora Blocker Bugs Application 2015-05-18 00:20:40 UTC

Proposed as a Freeze Exception for 22-final by Fedora user dustymabe using the blocker tracking app because:

 With docker-1.5.0-25.git5ebfacd.fc22.x86_64 starting apache containers won't work since /run/ gets mounted over top of and httpd needs /run/httpd/ to exist to start. This is a pretty large issue for Atomic, where the whole goal of the product (at least for now) is to run containers.

Comment 3 Daniel Walsh 2015-05-18 12:34:46 UTC

We are attempting to run docker containers with /run as tmpfs but the code is supposed to grab the underlying /run directory and copy it onto the tmpfs, so that /run/httpd on the image should show up as /run/httpd in the container.

We have a bug on docker save  which we are working to fix.

Comment 4 Petr Schindler 2015-05-18 17:22:00 UTC

Discussed at today's blocker review meeting [1]. 

This bug was accepted as freeze exception: Getting a fix in for docker would be great since it ships on the Server media.

[1] http://meetbot.fedoraproject.org/fedora-blocker-review/2015-05-18

Comment 5 Daniel Walsh 2015-05-18 17:24:53 UTC

Can someone as a bug.  docker-1.6 should be in F22.

Comment 6 Kamil Páral 2015-05-25 10:25:45 UTC

(In reply to Daniel Walsh from comment #5)
> Can someone as a bug.  docker-1.6 should be in F22.

Not sure what you wanted to say.

Should this be mentioned in the CommonBugs, or is it fixed yet (by docker 1.6)?

Comment 7 Daniel Walsh 2015-06-02 18:04:53 UTC

Lokesh we need a new build of docker-1.6.2 in f22.

Comment 8 Dusty Mabe 2015-06-02 18:11:30 UTC

(In reply to Daniel Walsh from comment #7)
> Lokesh we need a new build of docker-1.6.2 in f22.

I think for this bug docker-1.6.0-3.git9d26a07.fc22 took care of it.

Note You need to log in before you can comment on or make changes to this bug.