Bug 1284191 - virt-builder cgroup error when running docker
virt-builder cgroup error when running docker
Status: NEW
Product: Virtualization Tools
Classification: Community
Component: libguestfs (Show other bugs)
unspecified
Unspecified Linux
unspecified Severity unspecified
: ---
: ---
Assigned To: Richard W.M. Jones
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-11-21 14:11 EST by James (purpleidea)
Modified: 2015-12-01 00:03 EST (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description James (purpleidea) 2015-11-21 14:11:16 EST
Description of problem:
cgroup problem in virt-builder environment.

Version-Release number of selected component (if applicable):
F21 virt-builder, but probably also the version in git master or in F23.
$ virt-builder --version
virt-builder 1.28.12

How reproducible:
100%

Steps to Reproduce:
1. run `docker pull ...` in a virt-builder environment as done here: 
https://github.com/purpleidea/vagrant-builder/blob/master/v7/files/docker.sh#L15
2. See failure message shown below

Actual results:
Fail.

Expected results:
Awesomeness!

Additional info:
Please note, this used to work, but probably regressed because of a change requiring that mount in a newer version of docker, but unfortunately virt-builder users feel the pain.

time="2015-11-21T12:51:43-05:00" level=warning msg="please use 'docker daemon' instead." 
time="2015-11-21T12:51:43.384694060-05:00" level=info msg="Listening for HTTP on unix (/var/run/docker.sock)" 
time="2015-11-21T12:51:43.403900633-05:00" level=warning msg="Udev sync is not supported. This will lead to unexpected behavior, data loss and errors. For more information, see https://docs.docker.com/reference/commandline/cli/#daemon-storage-driver-option" 
time="2015-11-21T12:51:43.504197080-05:00" level=error msg="WARNING: No --storage-opt dm.thinpooldev specified, using loopback; this configuration is strongly discouraged for production use" 
Using default tag: latest
time="2015-11-21T12:51:56.521250376-05:00" level=warning msg="Docker could not enable SELinux on the host system" 
time="2015-11-21T12:51:56.529571967-05:00" level=info msg="Option DefaultDriver: bridge" 
time="2015-11-21T12:51:56.529653783-05:00" level=info msg="Option DefaultNetwork: bridge" 
time="2015-11-21T12:51:56.536095303-05:00" level=warning msg="Running modprobe bridge nf_nat br_netfilter failed with message: , error: exit status 1" 
time="2015-11-21T12:51:56.699976588-05:00" level=warning msg="Your kernel does not support cgroup memory limit: mountpoint for memory not found" 
time="2015-11-21T12:51:56.700151423-05:00" level=warning msg="mountpoint for cpu not found" 
time="2015-11-21T12:51:56.713013770-05:00" level=fatal msg="Error starting daemon: Devices cgroup isn't mounted" 
Post http:///var/run/docker.sock/v1.20/images/create?fromImage=centos%3Alatest: read unix /var/run/docker.sock: connection reset by peer.
* Are you trying to connect to a TLS-enabled daemon without TLS?
* Is your docker daemon up and running?
v
Comment 1 Richard W.M. Jones 2015-11-24 06:06:15 EST
I suspect this is caused by:

https://github.com/libguestfs/libguestfs/blob/master/src/launch.c#L358

That's a fairly unnecessary memory optimization.  Does removing
that line fix the problem?
Comment 2 James (purpleidea) 2015-11-24 11:33:40 EST
(In reply to Richard W.M. Jones from comment #1)
> I suspect this is caused by:
> 
> https://github.com/libguestfs/libguestfs/blob/master/src/launch.c#L358
> 
> That's a fairly unnecessary memory optimization.  Does removing
> that line fix the problem?

Doh! I don't have the env setup to test this right now, but it looks like a likely suspect. Thanks for pointing it out. I'm vaguely on vacation this week, but if nobody gets to it I'll try and give this a whirl in some spare time next week and send a patch.

Cheers,
James
Comment 3 Pino Toscano 2015-11-25 12:13:33 EST
(In reply to Richard W.M. Jones from comment #1)
> I suspect this is caused by:
> 
> https://github.com/libguestfs/libguestfs/blob/master/src/launch.c#L358
> 
> That's a fairly unnecessary memory optimization.  Does removing
> that line fix the problem?

Yes and no: it removes the aforementioned error line, but then it fails on something related:

time="2015-11-25T12:11:03.881009725-05:00" level=fatal msg="Error starting daemon: Devices cgroup isn't mounted" 

Sounds like the docker daemon expects much more things (like cgroups) set up just like systemd does.
Comment 4 James (purpleidea) 2015-12-01 00:03:51 EST
I opened this in case it helps work around the docker issue:
https://github.com/docker/docker/issues/18323

Note You need to log in before you can comment on or make changes to this bug.