1362623 – Cannot run containers with docker

Bug 1362623 - Cannot run containers with docker

Summary: Cannot run containers with docker

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	docker
Sub Component:
Version:	rawhide
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	urgent
Target Milestone:	---
Assignee:	Antonio Murdaca
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2016-08-02 16:55 UTC by Lukas Slebodnik
Modified:	2016-10-22 11:10 UTC (History)
CC List:	15 users (show)
Fixed In Version:	docker-1.12.0-6.gitad4812e.fc26.x86_64.rpm
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2016-08-05 07:48:04 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Lukas Slebodnik 2016-08-02 16:55:17 UTC

Description of problem:
I tried to run docker containers on fedora rawhide but it failed

[root@host sbin]# systemctl status -n0 docker docker-containerd.service
● docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
   Active: active (running) since Tue 2016-08-02 18:28:38 CEST; 1min 34s ago
     Docs: http://docs.docker.com
 Main PID: 26512 (dockerd)
    Tasks: 15
   CGroup: /system.slice/docker.service
           └─26512 dockerd --containerd /run/containerd.sock --exec-opt native.cgroupdriver=systemd --selinux-enabled --log-driver=journald -s btrfs

● docker-containerd.service - Containerd Standalone OCI Container Daemon
   Loaded: loaded (/usr/lib/systemd/system/docker-containerd.service; disabled; vendor preset: disabled)
   Active: active (running) since Tue 2016-08-02 18:28:38 CEST; 1min 35s ago
     Docs: https://containerd.tools/
 Main PID: 26510 (docker-containe)
    Tasks: 10
   CGroup: /system.slice/docker-containerd.service
           └─26510 /usr/libexec/docker/docker-containerd --listen unix:///run/containerd.sock --runtime /usr/libexec/docker/docker-runc --runtime-args --systemd-cgroup=true

[root@host sbin]# docker run --rm fedora:23 cat /etc/os-release
docker: Error response from daemon: containerd-shim not installed on system.

I tried to change arguments for service docker-containerd but it didn't help
even tough there is correct argument "--runtime" for docker-containerd

[root@host sbin]# mkdir /etc/systemd/system/docker-containerd.service.d/

[root@host sbin]# edit /etc/systemd/system/docker-containerd.service.d/temp.conf

[root@host sbin]# systemctl daemon-reload 

[root@host sbin]# systemctl cat docker-containerd
# /usr/lib/systemd/system/docker-containerd.service
[Unit]
Description=Containerd Standalone OCI Container Daemon
Documentation=https://containerd.tools/
After=network.target

[Service]
ExecStart=/usr/libexec/docker/docker-containerd --listen unix:///run/containerd.sock --runtime /usr/libexec/docker/docker-runc --runtime-args --systemd-cgroup=true
TasksMax=infinity
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity

[Install]
WantedBy=multi-user.target

# /etc/systemd/system/docker-containerd.service.d/temp.conf
[Service]
# Uncomment *both* of the following lines to enable debug logging
# to go to journald instead of /var/log/sssd. You will need to
# run 'systemctl daemon-reload' and then restart the SSSD service
# for this to take effect
ExecStart=
ExecStart=/usr/libexec/docker/docker-containerd --shim /usr/libexec/docker/docker-containerd-shim --listen unix:///run/containerd.sock --runtime /usr/libexec/docker/docker-runc --runtime-args --systemd-cgroup=true

[root@host sbin]# docker run --rm fedora:23 cat /etc/os-release
docker: Error response from daemon: shim error: docker-runc not installed on system.




Version-Release number of selected component (if applicable):
docker-1.12.0-3.gitad4812e.fc26


How reproducible:
Deterministic


Steps to Reproduce:
1. Install docker on fedora-rawhide
2. run a docker container
   docker run --rm fedora:23 cat /etc/os-release

Actual results:
Error code is returned:
 docker: Error response from daemon: containerd-shim not installed on system.



Expected results:
NAME=Fedora
VERSION="23 (Twenty Three)"
ID=fedora
VERSION_ID=23
PRETTY_NAME="Fedora 23 (Twenty Three)"
ANSI_COLOR="0;34"
CPE_NAME="cpe:/o:fedoraproject:fedora:23"
HOME_URL="https://fedoraproject.org/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_BUGZILLA_PRODUCT="Fedora"
REDHAT_BUGZILLA_PRODUCT_VERSION=23
REDHAT_SUPPORT_PRODUCT="Fedora"
REDHAT_SUPPORT_PRODUCT_VERSION=23
PRIVACY_POLICY_URL=https://fedoraproject.org/wiki/Legal:PrivacyPolicy



Additional info:
Services are running with unconfined_service SELinux context
[
root@host sbin]# ps auxfZ | grep docke[r]
system_u:system_r:unconfined_service_t:s0 root 9259 0.0  0.0 569288 9724 ?     Ssl  18:45   0:00 /usr/libexec/docker/docker-containerd --shim /usr/libexec/docker/docker-containerd-shim --listen unix:///run/containerd.sock --runtime /usr/libexec/docker/docker-runc --runtime-args --systemd-cgroup=true
system_u:system_r:unconfined_service_t:s0 root 9291 0.3  0.2 798456 45944 ?    Ssl  18:45   0:01 dockerd --containerd /run/containerd.sock --exec-opt native.cgroupdriver=systemd --selinux-enabled --log-driver=journald -s btrfs

Comment 1 Antonio Murdaca 2016-08-03 11:43:45 UTC

Fixed into http://koji.fedoraproject.org/koji/taskinfo?taskID=15117495 - should be available in dnf soon(ish)

We were basically installing `docker-containerd-shim` outside $PATH - moved `docker-containerd-shim` under `%{_bindir}` to fix this.

Comment 2 Lukas Slebodnik 2016-08-03 11:53:09 UTC

I'm sorry it still does not work
and daemons are still running with wrong SELinux context



[root@host ~]# rpm -qa 'docker*'
docker-1.12.0-4.gitad4812e.fc26.x86_64
docker-v1.10-migrator-1.12.0-4.gitad4812e.fc26.x86_64
docker-selinux-1.12.0-4.gitad4812e.fc26.x86_64

[root@host ~]# systemctl restart docker docker-containerd.service

[root@host ~]# docker run -ti --rm fedora:23 bash
docker: Error response from daemon: fork/exec /usr/libexec/docker/docker-containerd-shim: no such file or directory.

[root@host ~]# ps auxfZ | grep docke[r]
system_u:system_r:unconfined_service_t:s0 root 1417 0.0  0.0 290752 9192 ?     Ssl  13:49   0:00 /usr/libexec/docker/docker-containerd --shim /usr/libexec/docker/docker-containerd-shim --listen unix:///run/containerd.sock --runtime /usr/libexec/docker/docker-runc --runtime-args --systemd-cgroup=true
system_u:system_r:unconfined_service_t:s0 root 1455 0.6  0.2 732152 45208 ?    Ssl  13:49   0:00 dockerd --containerd /run/containerd.sock --exec-opt native.cgroupdriver=systemd --selinux-enabled --log-driver=journald -s btrfs --insecure-registry brew-pulp-docker01.web.prod.ext.phx2.redhat.com:8888

Comment 3 Antonio Murdaca 2016-08-03 12:02:37 UTC

(In reply to Lukas Slebodnik from comment #2)
> I'm sorry it still does not work
> and daemons are still running with wrong SELinux context
> 
> 
> 
> [root@host ~]# rpm -qa 'docker*'
> docker-1.12.0-4.gitad4812e.fc26.x86_64
> docker-v1.10-migrator-1.12.0-4.gitad4812e.fc26.x86_64
> docker-selinux-1.12.0-4.gitad4812e.fc26.x86_64
> 
> [root@host ~]# systemctl restart docker docker-containerd.service
> 
> [root@host ~]# docker run -ti --rm fedora:23 bash
> docker: Error response from daemon: fork/exec
> /usr/libexec/docker/docker-containerd-shim: no such file or directory.
> 
> [root@host ~]# ps auxfZ | grep docke[r]
> system_u:system_r:unconfined_service_t:s0 root 1417 0.0  0.0 290752 9192 ?  
> Ssl  13:49   0:00 /usr/libexec/docker/docker-containerd --shim
> /usr/libexec/docker/docker-containerd-shim --listen

where did you get "--shim /usr/libexec/docker/docker-containerd-shim"? 
did you add it? can you remove it and re-try?

> unix:///run/containerd.sock --runtime /usr/libexec/docker/docker-runc
> --runtime-args --systemd-cgroup=true
> system_u:system_r:unconfined_service_t:s0 root 1455 0.6  0.2 732152 45208 ? 
> Ssl  13:49   0:00 dockerd --containerd /run/containerd.sock --exec-opt
> native.cgroupdriver=systemd --selinux-enabled --log-driver=journald -s btrfs
> --insecure-registry brew-pulp-docker01.web.prod.ext.phx2.redhat.com:8888

Comment 4 Antonio Murdaca 2016-08-03 12:12:27 UTC

Alright, figured it out, I've added --shim to docker-containerd.service and put the binary back under libexec. Rebuilding here http://koji.fedoraproject.org/koji/taskinfo?taskID=15118191

Please open another BZ for the selinux labels issue.

Comment 5 Lukas Slebodnik 2016-08-03 13:49:18 UTC

I'm sorry but it still does not work

sh# rpm -qa "docker*"
docker-1.12.0-5.gitad4812e.fc26.x86_64
docker-v1.10-migrator-1.12.0-5.gitad4812e.fc26.x86_64
docker-selinux-1.12.0-5.gitad4812e.fc26.x86_64

sh# systemctl restart docker.service docker-containerd.service
 
sh# systemctl status -n0 docker.service docker-containerd.service
● docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
   Active: active (running) since Wed 2016-08-03 15:45:46 CEST; 11s ago
     Docs: http://docs.docker.com
 Main PID: 2672 (dockerd)
    Tasks: 14
   CGroup: /system.slice/docker.service
           └─2672 dockerd --containerd /run/containerd.sock --exec-opt native.cgroupdriver=systemd --selinux-enabled --log-driver=journald -s btrfs

● docker-containerd.service - Containerd Standalone OCI Container Daemon
   Loaded: loaded (/usr/lib/systemd/system/docker-containerd.service; disabled; vendor preset: disabled)
   Active: active (running) since Wed 2016-08-03 15:45:46 CEST; 12s ago
     Docs: https://containerd.tools/
 Main PID: 2638 (docker-containe)
    Tasks: 11
   CGroup: /system.slice/docker-containerd.service
           └─2638 /usr/libexec/docker/docker-containerd --listen unix:///run/containerd.sock --runtime /usr/libexec/docker/docker-runc --runtime-args --systemd-cgroup=true --shim /usr/libexec/docker/docker-containerd-shim

sh# systemctl cat docker.service docker-containerd.service | cat
# /usr/lib/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=http://docs.docker.com
After=network.target docker-containerd.service
Wants=docker-storage-setup.service
Requires=docker-containerd.service

[Service]
Type=notify
EnvironmentFile=-/etc/sysconfig/docker
EnvironmentFile=-/etc/sysconfig/docker-storage
EnvironmentFile=-/etc/sysconfig/docker-network
Environment=GOTRACEBACK=crash
Environment=DOCKER_HTTP_HOST_COMPAT=1
ExecStart=/usr/bin/docker daemon \
          --containerd /run/containerd.sock \
          --exec-opt native.cgroupdriver=systemd \
          $OPTIONS \
          $DOCKER_STORAGE_OPTIONS \
          $DOCKER_NETWORK_OPTIONS \
          $INSECURE_REGISTRY
ExecReload=/bin/kill -s HUP $MAINPID
TasksMax=infinity
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity
TimeoutStartSec=0
Restart=on-abnormal

[Install]
WantedBy=multi-user.target

# /usr/lib/systemd/system/docker-containerd.service
[Unit]
Description=Containerd Standalone OCI Container Daemon
Documentation=https://containerd.tools/
After=network.target

[Service]
ExecStart=/usr/libexec/docker/docker-containerd --listen unix:///run/containerd.sock --runtime /usr/libexec/docker/docker-runc --runtime-args --systemd-cgroup=true --shim /usr/libexec/docker/docker-containerd-shim
TasksMax=infinity
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity

[Install]
WantedBy=multi-user.target

sh# docker run -ti --rm fedora:23 bash
docker: Error response from daemon: shim error: docker-runc not installed on system.

Comment 6 Antonio Murdaca 2016-08-03 14:03:05 UTC

Alright, this is now related to docker-runc which is basically the same issue as with containerd-shim. Going to rebuild again, thanks for testing.

Comment 7 Lukas Slebodnik 2016-08-03 15:03:16 UTC

BTW, I know that description was TL;DR but it was written there :-)

Comment 8 Antonio Murdaca 2016-08-03 18:14:01 UTC

Tested and fixed into this new build http://koji.fedoraproject.org/koji/taskinfo?taskID=15123002

There's another bug with oci-register-machine though. If you encounter it the workaround is to "mv /usr/libexec/oci/oci-register-machine $HOME/oci-register-machine.backup" but we should get it fixed soon. I'll open a BZ as soon as I can repro it.

Comment 9 Antonio Murdaca 2016-08-03 18:21:21 UTC

filed a BZ for oci-register-machine bug https://bugzilla.redhat.com/show_bug.cgi?id=1363862

Comment 10 Lukas Slebodnik 2016-08-04 06:06:21 UTC

Thank you very much; The basic usage works with permissive SELinux BZ1363775

BTW In future, it would be good to avoid pushing untested packages into rawhide.
I am pretty sure you know that docker is critical part of atomic host. And broken docker means unusable rawhide ostree
https://dl.fedoraproject.org/pub/fedora/linux/atomic/rawhide/

I let closing the ticket for you :-)

Comment 11 Lukas Slebodnik 2016-08-04 08:36:31 UTC

Actually there still seems to be an issue with docker-runc.

I tried to start a container which was created on fedora 24 with docker 1.10.3
but it failed.

[root@host sbin]# systemctl restart docker.service docker-containerd.service
[root@host sbin]# setenforce 0
[root@host sbin]# docker start 5279c4f1a2ea
Error response from daemon: shim error: docker-runc not installed on system
Error: failed to start containers: 5279c4f1a2ea

[root@graviton sbin]# systemctl status -n0 docker.service docker-containerd.service
● docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
   Active: active (running) since Thu 2016-08-04 10:14:05 CEST; 52s ago
     Docs: http://docs.docker.com
 Main PID: 14944 (dockerd)
    Tasks: 14
   CGroup: /system.slice/docker.service
           └─14944 dockerd --add-runtime docker-runc=/usr/libexec/docker/docker-runc --default-runtime=docker-runc --containerd /run/containerd.sock --exec-opt native.cgroupdriver=systemd --selinux-enabled --log-driver=journald -s btrfs

● docker-containerd.service - Containerd Standalone OCI Container Daemon
   Loaded: loaded (/usr/lib/systemd/system/docker-containerd.service; disabled; vendor preset: disabled)
   Active: active (running) since Thu 2016-08-04 10:14:04 CEST; 52s ago
     Docs: https://containerd.tools/
 Main PID: 14942 (docker-containe)
    Tasks: 10
   CGroup: /system.slice/docker-containerd.service
           └─14942 /usr/libexec/docker/docker-containerd --listen unix:///run/containerd.sock --runtime /usr/libexec/docker/docker-runc --runtime-args --systemd-cgroup=true --shim /usr/libexec/docker/docker-containerd-shim


My workaround is to create symbolic link /usr/local/sbin/docker-runc -> /usr/libexec/docker/docker-runc

Comment 12 Antonio Murdaca 2016-08-04 09:27:05 UTC

(In reply to Lukas Slebodnik from comment #11)
> Actually there still seems to be an issue with docker-runc.
> 
> I tried to start a container which was created on fedora 24 with docker
> 1.10.3
> but it failed.
> 
> [root@host sbin]# systemctl restart docker.service docker-containerd.service
> [root@host sbin]# setenforce 0
> [root@host sbin]# docker start 5279c4f1a2ea
> Error response from daemon: shim error: docker-runc not installed on system
> Error: failed to start containers: 5279c4f1a2ea
> 
> [root@graviton sbin]# systemctl status -n0 docker.service
> docker-containerd.service
> ● docker.service - Docker Application Container Engine
>    Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor
> preset: disabled)
>    Active: active (running) since Thu 2016-08-04 10:14:05 CEST; 52s ago
>      Docs: http://docs.docker.com
>  Main PID: 14944 (dockerd)
>     Tasks: 14
>    CGroup: /system.slice/docker.service
>            └─14944 dockerd --add-runtime
> docker-runc=/usr/libexec/docker/docker-runc --default-runtime=docker-runc
> --containerd /run/containerd.sock --exec-opt native.cgroupdriver=systemd
> --selinux-enabled --log-driver=journald -s btrfs
> 
> ● docker-containerd.service - Containerd Standalone OCI Container Daemon
>    Loaded: loaded (/usr/lib/systemd/system/docker-containerd.service;
> disabled; vendor preset: disabled)
>    Active: active (running) since Thu 2016-08-04 10:14:04 CEST; 52s ago
>      Docs: https://containerd.tools/
>  Main PID: 14942 (docker-containe)
>     Tasks: 10
>    CGroup: /system.slice/docker-containerd.service
>            └─14942 /usr/libexec/docker/docker-containerd --listen
> unix:///run/containerd.sock --runtime /usr/libexec/docker/docker-runc
> --runtime-args --systemd-cgroup=true --shim
> /usr/libexec/docker/docker-containerd-shim
> 
> 
> My workaround is to create symbolic link /usr/local/sbin/docker-runc ->
> /usr/libexec/docker/docker-runc

This may probably be an issue when upgrading, can you open another BZ? I suspect this is an issue in upstream as well

Comment 13 Daniel Walsh 2016-08-04 09:48:03 UTC

*** Bug 1364016 has been marked as a duplicate of this bug. ***

Comment 14 Lukas Slebodnik 2016-08-04 11:08:30 UTC

(In reply to Antonio Murdaca from comment #12)
> (In reply to Lukas Slebodnik from comment #11)
> > Actually there still seems to be an issue with docker-runc.
> > 
> > I tried to start a container which was created on fedora 24 with docker
> > 1.10.3
> > but it failed.
> > 
> > [root@host sbin]# systemctl restart docker.service docker-containerd.service
> > [root@host sbin]# setenforce 0
> > [root@host sbin]# docker start 5279c4f1a2ea
> > Error response from daemon: shim error: docker-runc not installed on system
> > Error: failed to start containers: 5279c4f1a2ea
> > 
> > [root@graviton sbin]# systemctl status -n0 docker.service
> > docker-containerd.service
> > ● docker.service - Docker Application Container Engine
> >    Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor
> > preset: disabled)
> >    Active: active (running) since Thu 2016-08-04 10:14:05 CEST; 52s ago
> >      Docs: http://docs.docker.com
> >  Main PID: 14944 (dockerd)
> >     Tasks: 14
> >    CGroup: /system.slice/docker.service
> >            └─14944 dockerd --add-runtime
> > docker-runc=/usr/libexec/docker/docker-runc --default-runtime=docker-runc
> > --containerd /run/containerd.sock --exec-opt native.cgroupdriver=systemd
> > --selinux-enabled --log-driver=journald -s btrfs
> > 
> > ● docker-containerd.service - Containerd Standalone OCI Container Daemon
> >    Loaded: loaded (/usr/lib/systemd/system/docker-containerd.service;
> > disabled; vendor preset: disabled)
> >    Active: active (running) since Thu 2016-08-04 10:14:04 CEST; 52s ago
> >      Docs: https://containerd.tools/
> >  Main PID: 14942 (docker-containe)
> >     Tasks: 10
> >    CGroup: /system.slice/docker-containerd.service
> >            └─14942 /usr/libexec/docker/docker-containerd --listen
> > unix:///run/containerd.sock --runtime /usr/libexec/docker/docker-runc
> > --runtime-args --systemd-cgroup=true --shim
> > /usr/libexec/docker/docker-containerd-shim
> > 
> > 
> > My workaround is to create symbolic link /usr/local/sbin/docker-runc ->
> > /usr/libexec/docker/docker-runc
> 
> This may probably be an issue when upgrading, can you open another BZ? I
> suspect this is an issue in upstream as well

I will do later. Feel free to close this BZ.

Comment 15 Antonio Murdaca 2016-08-24 07:35:54 UTC

(In reply to Lukas Slebodnik from comment #14)
> (In reply to Antonio Murdaca from comment #12)
> > (In reply to Lukas Slebodnik from comment #11)
> > > Actually there still seems to be an issue with docker-runc.
> > > 
> > > I tried to start a container which was created on fedora 24 with docker
> > > 1.10.3
> > > but it failed.
> > > 
> > > [root@host sbin]# systemctl restart docker.service docker-containerd.service
> > > [root@host sbin]# setenforce 0
> > > [root@host sbin]# docker start 5279c4f1a2ea
> > > Error response from daemon: shim error: docker-runc not installed on system
> > > Error: failed to start containers: 5279c4f1a2ea
> > > 
> > > [root@graviton sbin]# systemctl status -n0 docker.service
> > > docker-containerd.service
> > > ● docker.service - Docker Application Container Engine
> > >    Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor
> > > preset: disabled)
> > >    Active: active (running) since Thu 2016-08-04 10:14:05 CEST; 52s ago
> > >      Docs: http://docs.docker.com
> > >  Main PID: 14944 (dockerd)
> > >     Tasks: 14
> > >    CGroup: /system.slice/docker.service
> > >            └─14944 dockerd --add-runtime
> > > docker-runc=/usr/libexec/docker/docker-runc --default-runtime=docker-runc
> > > --containerd /run/containerd.sock --exec-opt native.cgroupdriver=systemd
> > > --selinux-enabled --log-driver=journald -s btrfs
> > > 
> > > ● docker-containerd.service - Containerd Standalone OCI Container Daemon
> > >    Loaded: loaded (/usr/lib/systemd/system/docker-containerd.service;
> > > disabled; vendor preset: disabled)
> > >    Active: active (running) since Thu 2016-08-04 10:14:04 CEST; 52s ago
> > >      Docs: https://containerd.tools/
> > >  Main PID: 14942 (docker-containe)
> > >     Tasks: 10
> > >    CGroup: /system.slice/docker-containerd.service
> > >            └─14942 /usr/libexec/docker/docker-containerd --listen
> > > unix:///run/containerd.sock --runtime /usr/libexec/docker/docker-runc
> > > --runtime-args --systemd-cgroup=true --shim
> > > /usr/libexec/docker/docker-containerd-shim
> > > 
> > > 
> > > My workaround is to create symbolic link /usr/local/sbin/docker-runc ->
> > > /usr/libexec/docker/docker-runc
> > 
> > This may probably be an issue when upgrading, can you open another BZ? I
> > suspect this is an issue in upstream as well
> 
> I will do later. Feel free to close this BZ.

Hey
did you create another BZ to track that issue?

Comment 16 Lukas Slebodnik 2016-08-24 08:58:59 UTC

(In reply to Lukas Slebodnik from comment #14)
> (In reply to Antonio Murdaca from comment #12)
> > (In reply to Lukas Slebodnik from comment #11)
> > > Actually there still seems to be an issue with docker-runc.
> > > 
> > > I tried to start a container which was created on fedora 24 with docker
> > > 1.10.3
> > > but it failed.
> > > 
> > > [root@host sbin]# systemctl restart docker.service docker-containerd.service
> > > [root@host sbin]# setenforce 0
> > > [root@host sbin]# docker start 5279c4f1a2ea
> > > Error response from daemon: shim error: docker-runc not installed on system
> > > Error: failed to start containers: 5279c4f1a2ea
> > > 
> > > [root@graviton sbin]# systemctl status -n0 docker.service
> > > docker-containerd.service
> > > ● docker.service - Docker Application Container Engine
> > >    Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor
> > > preset: disabled)
> > >    Active: active (running) since Thu 2016-08-04 10:14:05 CEST; 52s ago
> > >      Docs: http://docs.docker.com
> > >  Main PID: 14944 (dockerd)
> > >     Tasks: 14
> > >    CGroup: /system.slice/docker.service
> > >            └─14944 dockerd --add-runtime
> > > docker-runc=/usr/libexec/docker/docker-runc --default-runtime=docker-runc
> > > --containerd /run/containerd.sock --exec-opt native.cgroupdriver=systemd
> > > --selinux-enabled --log-driver=journald -s btrfs
> > > 
> > > ● docker-containerd.service - Containerd Standalone OCI Container Daemon
> > >    Loaded: loaded (/usr/lib/systemd/system/docker-containerd.service;
> > > disabled; vendor preset: disabled)
> > >    Active: active (running) since Thu 2016-08-04 10:14:04 CEST; 52s ago
> > >      Docs: https://containerd.tools/
> > >  Main PID: 14942 (docker-containe)
> > >     Tasks: 10
> > >    CGroup: /system.slice/docker-containerd.service
> > >            └─14942 /usr/libexec/docker/docker-containerd --listen
> > > unix:///run/containerd.sock --runtime /usr/libexec/docker/docker-runc
> > > --runtime-args --systemd-cgroup=true --shim
> > > /usr/libexec/docker/docker-containerd-shim
> > > 
> > > 
> > > My workaround is to create symbolic link /usr/local/sbin/docker-runc ->
> > > /usr/libexec/docker/docker-runc
> > 
> > This may probably be an issue when upgrading, can you open another BZ? I
> > suspect this is an issue in upstream as well
> 
> I will do later. Feel free to close this BZ.

No because I was not able to reproduce with latest docker-1.12.0-7.gitad4812e.fc26 Therefore I thought it was fixed by something else.

But It stopped to work for me with 1.12.1 That's the reason why I gave negative karma. I will file a new BZ.

Comment 17 Antonio Murdaca 2016-08-24 09:04:40 UTC

(In reply to Lukas Slebodnik from comment #16)
> (In reply to Lukas Slebodnik from comment #14)
> > (In reply to Antonio Murdaca from comment #12)
> > > (In reply to Lukas Slebodnik from comment #11)
> > > > Actually there still seems to be an issue with docker-runc.
> > > > 
> > > > I tried to start a container which was created on fedora 24 with docker
> > > > 1.10.3
> > > > but it failed.
> > > > 
> > > > [root@host sbin]# systemctl restart docker.service docker-containerd.service
> > > > [root@host sbin]# setenforce 0
> > > > [root@host sbin]# docker start 5279c4f1a2ea
> > > > Error response from daemon: shim error: docker-runc not installed on system
> > > > Error: failed to start containers: 5279c4f1a2ea
> > > > 
> > > > [root@graviton sbin]# systemctl status -n0 docker.service
> > > > docker-containerd.service
> > > > ● docker.service - Docker Application Container Engine
> > > >    Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor
> > > > preset: disabled)
> > > >    Active: active (running) since Thu 2016-08-04 10:14:05 CEST; 52s ago
> > > >      Docs: http://docs.docker.com
> > > >  Main PID: 14944 (dockerd)
> > > >     Tasks: 14
> > > >    CGroup: /system.slice/docker.service
> > > >            └─14944 dockerd --add-runtime
> > > > docker-runc=/usr/libexec/docker/docker-runc --default-runtime=docker-runc
> > > > --containerd /run/containerd.sock --exec-opt native.cgroupdriver=systemd
> > > > --selinux-enabled --log-driver=journald -s btrfs
> > > > 
> > > > ● docker-containerd.service - Containerd Standalone OCI Container Daemon
> > > >    Loaded: loaded (/usr/lib/systemd/system/docker-containerd.service;
> > > > disabled; vendor preset: disabled)
> > > >    Active: active (running) since Thu 2016-08-04 10:14:04 CEST; 52s ago
> > > >      Docs: https://containerd.tools/
> > > >  Main PID: 14942 (docker-containe)
> > > >     Tasks: 10
> > > >    CGroup: /system.slice/docker-containerd.service
> > > >            └─14942 /usr/libexec/docker/docker-containerd --listen
> > > > unix:///run/containerd.sock --runtime /usr/libexec/docker/docker-runc
> > > > --runtime-args --systemd-cgroup=true --shim
> > > > /usr/libexec/docker/docker-containerd-shim
> > > > 
> > > > 
> > > > My workaround is to create symbolic link /usr/local/sbin/docker-runc ->
> > > > /usr/libexec/docker/docker-runc
> > > 
> > > This may probably be an issue when upgrading, can you open another BZ? I
> > > suspect this is an issue in upstream as well
> > 
> > I will do later. Feel free to close this BZ.
> 
> No because I was not able to reproduce with latest
> docker-1.12.0-7.gitad4812e.fc26 Therefore I thought it was fixed by
> something else.
> 
> But It stopped to work for me with 1.12.1 That's the reason why I gave
> negative karma. I will file a new BZ.

thanks

Comment 18 Antonio Murdaca 2016-08-26 13:15:34 UTC

FYI since you didn't report another BZ I just tried upgrading from 1.10.3 to 1.12.1 and I cannot see your issue when starting previously created containers. If you still see it pls open a BZ so I can investigate more.

Comment 19 Lukas Slebodnik 2016-10-22 11:10:00 UTC

(In reply to Antonio Murdaca from comment #18)
> FYI since you didn't report another BZ I just tried upgrading from 1.10.3 to
> 1.12.1 and I cannot see your issue when starting previously created
> containers. If you still see it pls open a BZ so I can investigate more.

Here you are https://bugzilla.redhat.com/show_bug.cgi?id=1387831
Sorry for very long delay

Note You need to log in before you can comment on or make changes to this bug.