1331781 – Duplicate mount point error when using --tmpfs on a mountpoint which is already defined in Dockerfile as VOLUME

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1331781 - Duplicate mount point error when using --tmpfs on a mountpoint which is already defined in Dockerfile as VOLUME

Summary: Duplicate mount point error when using --tmpfs on a mountpoint which is alrea...

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	docker-latest
Sub Component:
Version:	7.2
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	rc
Target Release:	---
Assignee:	Antonio Murdaca
QA Contact:	atomic-bugs@redhat.com
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2016-04-29 13:39 UTC by Jan Pazdziora
Modified:	2016-08-04 13:46 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2016-08-04 13:46:13 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2016:1447	0	normal	SHIPPED_LIVE	docker-latest bug fix and enhancement fix update	2016-08-05 19:35:10 UTC

Description Jan Pazdziora 2016-04-29 13:39:30 UTC

Description of problem:

Systemd in container needs /run to be a separate volume or it complains

# docker run --rm -ti -v /sys/fs/cgroup:/sys/fs/cgroup:ro rhel7 /usr/sbin/init
Failed to mount tmpfs at /run: Operation not permitted
[!!!!!!] Failed to mount API filesystems, freezing.

So in my FreeIPA server Dockerfiles I do

VOLUME /run

to minimize the number of options that users have to pass docker run (avoid having to specify -v /run).

This works but with Docker 1.10, it'd be good to be able to use --tmpfs for that volume.

Version-Release number of selected component (if applicable):

docker-common-1.9.1-38.el7.x86_64
docker-latest-1.10.3-19.el7.x86_64

How reproducible:

Deterministic.

Steps to Reproduce:
1. Have Dockerfile:

FROM rhel7
VOLUME /run

2. Built image with docker build -t test-tmpfs .
3. Run docker run --rm -ti test-tmpfs true, see it pass.
4. Run docker run --rm -ti --tmpfs /run test-tmpfs true.

Actual results:

docker: Error response from daemon: Cannot start container 4086ca4dc1a375346d28a12ab34c45448f898614b21c6960f42008fa76e19639: Duplicate mount point '/run'.

Expected results:

No error, Docker just using tmpfs for the /run volume.

Additional info:

This is primarily compatibility and upgrade issue. Since it does not seem to be possible to specify the TMPFS in Dockerfile, it needs to be specified as docker run parameter. But it's not available with docker 1.9-, so it has to be optional. It be good if people on docker 1.10+ could take the advantage of --tmpfs, and people with older dockers could just keep using the built-in VOLUME /run definition.

Comment 2 Antonio Murdaca 2016-06-03 20:42:48 UTC

I'm going to reproduce and probably report upstream as well.

Comment 3 Antonio Murdaca 2016-06-04 16:52:11 UTC

can reproduce with 1.12-dev also - I'm going to work on this with upstream since I think --tmpfs should be handled the same as bind mounts (Dan correct me if I'm wrong)

assuming "test" has been built with "VOLUME /run":

docker run --rm -v /tmp:/run test true <--- this pass
docker run --rm --tmpfs /run test true <--- this should pass as well

I think the behavior should be the same

Comment 4 Daniel Walsh 2016-06-05 19:02:30 UTC

I agree.

Comment 5 Antonio Murdaca 2016-06-05 19:16:51 UTC

Alright, I'm already working on it

Comment 6 Antonio Murdaca 2016-06-06 10:13:53 UTC

Discussion and PR upstream: https://github.com/docker/docker/pull/23301

Comment 8 Luwen Su 2016-06-12 14:09:21 UTC

Still in error with docker-latest-1.10.3-40.el7.x86_64:
# docker-latest run --rm -ti --tmpfs /run test-tmpfs true
docker: Error response from daemon: Cannot start container 4db05f807cafb33fa027792b8be72d241c020536c9e22220d0d8e310c6c33229: Duplicate mount point '/run'.

do we need a new build to include it?

Comment 9 Antonio Murdaca 2016-06-12 14:20:18 UTC

This should not have been in modified state - still working on this with upstream

Comment 10 Daniel Walsh 2016-06-13 15:16:11 UTC

It should be removed from the errata then...

Comment 11 Lokesh Mandvekar 2016-06-13 15:27:25 UTC

alright, i'll remove it

Comment 13 Antonio Murdaca 2016-06-15 17:15:29 UTC

merged upstream :) Dan, will be going to carry a patch for this in 1.10.3?

Comment 14 Daniel Walsh 2016-06-15 18:32:35 UTC

Yes we should carry a patch.

Comment 18 Luwen Su 2016-07-25 09:09:14 UTC

In docker-latest-1.10.3-46.el7.8.x86_64,
steps per comment#8, move to verified.

#docker-latest run --rm -ti --tmpfs /run test-tmpfs true
# echo $?
0

Comment 20 errata-xmlrpc 2016-08-04 13:46:13 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-1447.html

Note You need to log in before you can comment on or make changes to this bug.