Bug 1284191 - virt-builder cgroup error when running docker
Summary: virt-builder cgroup error when running docker
Keywords:
Status: NEW
Alias: None
Product: Virtualization Tools
Classification: Community
Component: libguestfs
Version: unspecified
Hardware: Unspecified
OS: Linux
unspecified
unspecified
Target Milestone: ---
Assignee: Richard W.M. Jones
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2015-11-21 19:11 UTC by James (purpleidea)
Modified: 2018-07-18 14:45 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:
Embargoed:


Attachments (Terms of Use)

Description James (purpleidea) 2015-11-21 19:11:16 UTC
Description of problem:
cgroup problem in virt-builder environment.

Version-Release number of selected component (if applicable):
F21 virt-builder, but probably also the version in git master or in F23.
$ virt-builder --version
virt-builder 1.28.12

How reproducible:
100%

Steps to Reproduce:
1. run `docker pull ...` in a virt-builder environment as done here: 
https://github.com/purpleidea/vagrant-builder/blob/master/v7/files/docker.sh#L15
2. See failure message shown below

Actual results:
Fail.

Expected results:
Awesomeness!

Additional info:
Please note, this used to work, but probably regressed because of a change requiring that mount in a newer version of docker, but unfortunately virt-builder users feel the pain.

time="2015-11-21T12:51:43-05:00" level=warning msg="please use 'docker daemon' instead." 
time="2015-11-21T12:51:43.384694060-05:00" level=info msg="Listening for HTTP on unix (/var/run/docker.sock)" 
time="2015-11-21T12:51:43.403900633-05:00" level=warning msg="Udev sync is not supported. This will lead to unexpected behavior, data loss and errors. For more information, see https://docs.docker.com/reference/commandline/cli/#daemon-storage-driver-option" 
time="2015-11-21T12:51:43.504197080-05:00" level=error msg="WARNING: No --storage-opt dm.thinpooldev specified, using loopback; this configuration is strongly discouraged for production use" 
Using default tag: latest
time="2015-11-21T12:51:56.521250376-05:00" level=warning msg="Docker could not enable SELinux on the host system" 
time="2015-11-21T12:51:56.529571967-05:00" level=info msg="Option DefaultDriver: bridge" 
time="2015-11-21T12:51:56.529653783-05:00" level=info msg="Option DefaultNetwork: bridge" 
time="2015-11-21T12:51:56.536095303-05:00" level=warning msg="Running modprobe bridge nf_nat br_netfilter failed with message: , error: exit status 1" 
time="2015-11-21T12:51:56.699976588-05:00" level=warning msg="Your kernel does not support cgroup memory limit: mountpoint for memory not found" 
time="2015-11-21T12:51:56.700151423-05:00" level=warning msg="mountpoint for cpu not found" 
time="2015-11-21T12:51:56.713013770-05:00" level=fatal msg="Error starting daemon: Devices cgroup isn't mounted" 
Post http:///var/run/docker.sock/v1.20/images/create?fromImage=centos%3Alatest: read unix /var/run/docker.sock: connection reset by peer.
* Are you trying to connect to a TLS-enabled daemon without TLS?
* Is your docker daemon up and running?
v

Comment 1 Richard W.M. Jones 2015-11-24 11:06:15 UTC
I suspect this is caused by:

https://github.com/libguestfs/libguestfs/blob/master/src/launch.c#L358

That's a fairly unnecessary memory optimization.  Does removing
that line fix the problem?

Comment 2 James (purpleidea) 2015-11-24 16:33:40 UTC
(In reply to Richard W.M. Jones from comment #1)
> I suspect this is caused by:
> 
> https://github.com/libguestfs/libguestfs/blob/master/src/launch.c#L358
> 
> That's a fairly unnecessary memory optimization.  Does removing
> that line fix the problem?

Doh! I don't have the env setup to test this right now, but it looks like a likely suspect. Thanks for pointing it out. I'm vaguely on vacation this week, but if nobody gets to it I'll try and give this a whirl in some spare time next week and send a patch.

Cheers,
James

Comment 3 Pino Toscano 2015-11-25 17:13:33 UTC
(In reply to Richard W.M. Jones from comment #1)
> I suspect this is caused by:
> 
> https://github.com/libguestfs/libguestfs/blob/master/src/launch.c#L358
> 
> That's a fairly unnecessary memory optimization.  Does removing
> that line fix the problem?

Yes and no: it removes the aforementioned error line, but then it fails on something related:

time="2015-11-25T12:11:03.881009725-05:00" level=fatal msg="Error starting daemon: Devices cgroup isn't mounted" 

Sounds like the docker daemon expects much more things (like cgroups) set up just like systemd does.

Comment 4 James (purpleidea) 2015-12-01 05:03:51 UTC
I opened this in case it helps work around the docker issue:
https://github.com/docker/docker/issues/18323


Note You need to log in before you can comment on or make changes to this bug.