Description of problem: cgroup problem in virt-builder environment. Version-Release number of selected component (if applicable): F21 virt-builder, but probably also the version in git master or in F23. $ virt-builder --version virt-builder 1.28.12 How reproducible: 100% Steps to Reproduce: 1. run `docker pull ...` in a virt-builder environment as done here: https://github.com/purpleidea/vagrant-builder/blob/master/v7/files/docker.sh#L15 2. See failure message shown below Actual results: Fail. Expected results: Awesomeness! Additional info: Please note, this used to work, but probably regressed because of a change requiring that mount in a newer version of docker, but unfortunately virt-builder users feel the pain. time="2015-11-21T12:51:43-05:00" level=warning msg="please use 'docker daemon' instead." time="2015-11-21T12:51:43.384694060-05:00" level=info msg="Listening for HTTP on unix (/var/run/docker.sock)" time="2015-11-21T12:51:43.403900633-05:00" level=warning msg="Udev sync is not supported. This will lead to unexpected behavior, data loss and errors. For more information, see https://docs.docker.com/reference/commandline/cli/#daemon-storage-driver-option" time="2015-11-21T12:51:43.504197080-05:00" level=error msg="WARNING: No --storage-opt dm.thinpooldev specified, using loopback; this configuration is strongly discouraged for production use" Using default tag: latest time="2015-11-21T12:51:56.521250376-05:00" level=warning msg="Docker could not enable SELinux on the host system" time="2015-11-21T12:51:56.529571967-05:00" level=info msg="Option DefaultDriver: bridge" time="2015-11-21T12:51:56.529653783-05:00" level=info msg="Option DefaultNetwork: bridge" time="2015-11-21T12:51:56.536095303-05:00" level=warning msg="Running modprobe bridge nf_nat br_netfilter failed with message: , error: exit status 1" time="2015-11-21T12:51:56.699976588-05:00" level=warning msg="Your kernel does not support cgroup memory limit: mountpoint for memory not found" time="2015-11-21T12:51:56.700151423-05:00" level=warning msg="mountpoint for cpu not found" time="2015-11-21T12:51:56.713013770-05:00" level=fatal msg="Error starting daemon: Devices cgroup isn't mounted" Post http:///var/run/docker.sock/v1.20/images/create?fromImage=centos%3Alatest: read unix /var/run/docker.sock: connection reset by peer. * Are you trying to connect to a TLS-enabled daemon without TLS? * Is your docker daemon up and running? v
I suspect this is caused by: https://github.com/libguestfs/libguestfs/blob/master/src/launch.c#L358 That's a fairly unnecessary memory optimization. Does removing that line fix the problem?
(In reply to Richard W.M. Jones from comment #1) > I suspect this is caused by: > > https://github.com/libguestfs/libguestfs/blob/master/src/launch.c#L358 > > That's a fairly unnecessary memory optimization. Does removing > that line fix the problem? Doh! I don't have the env setup to test this right now, but it looks like a likely suspect. Thanks for pointing it out. I'm vaguely on vacation this week, but if nobody gets to it I'll try and give this a whirl in some spare time next week and send a patch. Cheers, James
(In reply to Richard W.M. Jones from comment #1) > I suspect this is caused by: > > https://github.com/libguestfs/libguestfs/blob/master/src/launch.c#L358 > > That's a fairly unnecessary memory optimization. Does removing > that line fix the problem? Yes and no: it removes the aforementioned error line, but then it fails on something related: time="2015-11-25T12:11:03.881009725-05:00" level=fatal msg="Error starting daemon: Devices cgroup isn't mounted" Sounds like the docker daemon expects much more things (like cgroups) set up just like systemd does.
I opened this in case it helps work around the docker issue: https://github.com/docker/docker/issues/18323