weber-software / diuid Goto Github PK
View Code? Open in Web Editor NEWDocker in UserModeLinux in Docker
License: GNU General Public License v3.0
Docker in UserModeLinux in Docker
License: GNU General Public License v3.0
Hi! Thank you for great solution! You rock!
I'm trying to allow users to use DinD but got an error:
# docker run -it --rm -e DIUID_DOCKERD_FLAGS="--group docker" weberlars/diuid bash
root# useradd -m -G docker penguin && chsh -s /bin/bash penguin && su - penguin
penguin$ docker ps # Got permission denied...
penguin$ stat /var/run/docker.sock
Access: (0600/srw-------) Uid: ( 0/ root) Gid: ( 0/ root)
As you can see --group
flag was ignored and the permission is 0600 root:root
. How can I fix it to 0660 root:docker
?
cc @AkihiroSuda
$ docker run -it --rm --cap-add=SYS_PTRACE -e TMPDIR=/umlshm --tmpfs /umlshm:rw,nosuid,nodev,exec,size=8g weberlars/diuid@sha256:7cb6ae37616dc4466f37aeb73d064e46381db488935fa17c70fc761eb56f1a64 docker info
[ ok ] Starting OpenBSD Secure Shell server: sshd.
waiting for dockerd ........
failed to start uml kernel:
Checking that ptrace can change system call numbers...OK
Checking syscall emulation patch for ptrace...OK
Checking advanced syscall emulation patch for ptrace...OK
$ docker version
Client:
Version: 19.09.0-dev
API version: 1.40
Go version: go1.12.6
Git commit: c9db0fe9
Built: Tue Jul 9 06:59:02 2019
OS/Arch: linux/amd64
Experimental: true
Server:
Engine:
Version: dev
API version: 1.41 (minimum version 1.12)
Go version: go1.12.6
Git commit: fb459f6671
Built: Tue Jul 9 06:57:16 2019
OS/Arch: linux/amd64
Experimental: true
containerd:
Version: v1.2.7
GitCommit: 85f6aa58b8a3170aec9824568f7a31832878b603
runc:
Version: 1.0.0-rc8
GitCommit: 425e105d5a03fabd737a126ad93d62a9eeede87f
docker-init:
Version: 0.18.0
GitCommit: fec3683
$ docker info
...
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 17
Server Version: dev
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: kata runc runnc runsc runsc-kvm crun
Default Runtime: runc
Init Binary: docker-init
containerd version: 85f6aa58b8a3170aec9824568f7a31832878b603
runc version: 425e105d5a03fabd737a126ad93d62a9eeede87f
init version: fec3683
Security Options:
apparmor
seccomp
Profile: default
Kernel Version: 5.0.0-20-generic
Operating System: Ubuntu 19.04
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 3.826GiB
Name: suda-ws01
ID: E2YB:EGZO:6BNW:EPHS:4WFQ:EIDV:ZZ6D:QBZK:6673:CIOR:DLZ6:SI3D
Docker Root Dir: /var/lib/docker
Debug Mode: true
File Descriptors: 22
Goroutines: 41
System Time: 2019-07-09T16:02:18.142609596+09:00
EventsListeners: 0
Username: akihirosuda
Registry: https://index.docker.io/v1/
Labels:
Experimental: true
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
WARNING: No swap limit support
If I try to start the diuid container all args I pass are completely ignored, for example, if I execute this:
docker run -it weberlars/diuid sh
the container will just exit after waiting for dockerd ....
and the bash is never executed
$ docker run ---rm weberlars/diuid@sha256:d884fc60a64aa0e2cac87fac731199aff7fa21bd9b4b9202da353f0e090ca06c docker run --rm debian:9.9 bash -c "apt-get update && apt-get install -y gcc"
[ ok ] Starting OpenBSD Secure Shell server: sshd.
For better performance, consider mounting a tmpfs on /umlshm like this: `docker run --tmpfs /umlshm:rw,nosuid,nodev,exec,size=8g`
waiting for dockerd .......
Unable to find image 'debian:9.9' locally
9.9: Pulling from library/debian
6f2f362378c5: Pull complete
Digest: sha256:118cf8f3557e1ea766c02f36f05f6ac3e63628427ea8965fb861be904ec35a6f
Status: Downloaded newer image for debian:9.9
Ign:2 http://cdn-fastly.deb.debian.org/debian stretch InRelease
Get:3 http://cdn-fastly.deb.debian.org/debian stretch-updates InRelease [91.0 kB]
...
Get:24 http://cdn-fastly.deb.debian.org/debian stretch/main amd64 libc-dev-bin amd64 2.24-11+deb9u4 [259 kB]
Get:25 http://cdn-fastly.deb.debian.org/debian stretch/main amd64 libc6-dev amd64 2.24-11+deb9u4 [2364 kB]
Get:26 http://cdn-fastly.deb.debian.org/debian stretch/main amd64 manpages-dev all 4.10-2 [2145 kB]
debconf: delaying package configuration, since apt-utils is not installed
Fetched 29.5 MB in 4s (6598 kB/s)
Selecting previously unselected package manpages.
(Reading database ... 6499 files and directories currently installed.)
Preparing to unpack .../00-manpages_4.10-2_all.deb ...
Unpacking manpages (4.10-2) ...
dpkg: error processing archive /tmp/apt-dpkg-install-nRslku/00-manpages_4.10-2_all.deb (--unpack):
unable to install new version of './usr/share/doc/manpages': Invalid cross-device link
dpkg-deb: error: subprocess paste was killed by signal (Broken pipe)
Selecting previously unselected package binutils.
Preparing to unpack .../01-binutils_2.28-5_amd64.deb ...
Unpacking binutils (2.28-5) ...
dpkg: error processing archive /tmp/apt-dpkg-install-nRslku/01-binutils_2.28-5_amd64.deb (--unpack):
unable to install new version of './usr/lib/compat-ld': Invalid cross-device link
dpkg-deb: error: subprocess paste was killed by signal (Broken pipe)
...
Unpacking manpages-dev (4.10-2) ...
dpkg: error processing archive /tmp/apt-dpkg-install-nRslku/25-manpages-dev_4.10-2_all.deb (--unpack):
unable to install new version of './usr/share/man/man2': Invalid cross-device link
dpkg-deb: error: subprocess paste was killed by signal (Broken pipe)
Errors were encountered while processing:
/tmp/apt-dpkg-install-nRslku/00-manpages_4.10-2_all.deb
/tmp/apt-dpkg-install-nRslku/01-binutils_2.28-5_amd64.deb
/tmp/apt-dpkg-install-nRslku/02-libgmp10_2%3a6.1.2+dfsg-1_amd64.deb
/tmp/apt-dpkg-install-nRslku/03-libisl15_0.18-1_amd64.deb
/tmp/apt-dpkg-install-nRslku/04-libmpfr4_3.1.5-1_amd64.deb
/tmp/apt-dpkg-install-nRslku/05-libmpc3_1.0.3-1+b2_amd64.deb
/tmp/apt-dpkg-install-nRslku/07-cpp_4%3a6.3.0-4_amd64.deb
/tmp/apt-dpkg-install-nRslku/19-libgcc-6-dev_6.3.0-18+deb9u1_amd64.deb
/tmp/apt-dpkg-install-nRslku/20-gcc-6_6.3.0-18+deb9u1_amd64.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)
source: 2c585ab
It seems to sometimes be stuck on this line:
https://github.com/weber-software/diuid/blob/master/entrypoint.sh#L41
as the line under it "waiting for dockerd" never gets shown in the console.
This seems to happen when I rerun the docker container. For example:
# entrypoint.sh does not finish here:
~/Projects/learning/scenarios/src/docker (main*) » docker-compose up docker
Starting docker_docker_1 ... done
Attaching to docker_docker_1
docker_1 | Docker: Docker version 20.10.12, build 459d0df
docker_1 | Kernel: 5.15.0
docker_1 | Rootfs: Debian GNU/Linux 11 (bullseye)
docker_1 |
docker_1 | Configuration: MEM=2G DISK=10G
docker_1 | Starting OpenBSD Secure Shell server: sshd.
docker_1 | For better performance, consider mounting a tmpfs on /umlshm like this: `docker run --tmpfs /umlshm:rw,nosuid,nodev,exec,size=8g`
^CGracefully stopping... (press Ctrl+C again to force)
Stopping docker_docker_1 ...
^CKilling docker_docker_1 ...
^CERROR: Aborting.
-------------------------------------------------
# ... so I remove the volume + container
~/Projects/learning/scenarios/src/docker (main*) » docker-compose rm -v 1 ↵
Going to remove docker_docker_1
Are you sure? [yN] y
Removing docker_docker_1 ... done
-------------------------------------------------
# ... then when it's started up again it works
~/Projects/learning/scenarios/src/docker (main*) » docker-compose up docker
Creating docker_docker_1 ... done
Attaching to docker_docker_1
docker_1 | Docker: Docker version 20.10.12, build 459d0df
docker_1 | Kernel: 5.15.0
docker_1 | Rootfs: Debian GNU/Linux 11 (bullseye)
docker_1 |
docker_1 | Configuration: MEM=2G DISK=10G
docker_1 | Starting OpenBSD Secure Shell server: sshd.
docker_1 | Formatting /persistent/var_lib_docker.img
docker_1 | For better performance, consider mounting a tmpfs on /umlshm like this: `docker run --tmpfs /umlshm:rw,nosuid,nodev,exec,size=8g`
docker_1 | waiting for dockerd ....
docker_1 | Executing "bash"
docker_docker_1 exited with code 0
-------------------------------------------------
# ... but the second time it does not.
~/Projects/learning/scenarios/src/docker (main*) » docker-compose up docker
Starting docker_docker_1 ... done
Attaching to docker_docker_1
docker_1 | Docker: Docker version 20.10.12, build 459d0df
docker_1 | Kernel: 5.15.0
docker_1 | Rootfs: Debian GNU/Linux 11 (bullseye)
docker_1 |
docker_1 | Configuration: MEM=2G DISK=10G
docker_1 | Starting OpenBSD Secure Shell server: sshd.
docker_1 | For better performance, consider mounting a tmpfs on /umlshm like this: `docker run --tmpfs /umlshm:rw,nosuid,nodev,exec,size=8g`
On the non-starting container some logs are:
# cat /tmp/env
DIUID_DOCKERD_FLAGS=""
DIUID_DOCKERD_GROUP="docker"
# cat /tmp/kernel.log
Core dump limits :
soft - NONE
hard - NONE
Checking that ptrace can change system call numbers...OK
Checking syscall emulation patch for ptrace...OK
Checking advanced syscall emulation patch for ptrace...OK
Checking environment variables for a tempdir.../umlshm
Checking if /umlshm is on tmpfs...no
Warning: tempdir /umlshm is not on tmpfs
Checking PROT_EXEC mmap in /umlshm...OK
Adding 1454080 bytes to physical memory to account for exec-shield gap
Linux version 5.15.0 (root@buildkitsandbox) (gcc (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2) #1 Fri Jan 7 10:17:39 UTC 2022
Zone ranges:
Normal [mem 0x0000000000000000-0x00000000e0162fff]
Movable zone start for each node
Early memory node ranges
node 0: [mem 0x0000000000000000-0x0000000080162fff]
Initmem setup node 0 [mem 0x0000000000000000-0x0000000080162fff]
Built 1 zonelists, mobility grouping on. Total pages: 516445
Kernel command line: rootfstype=hostfs rw vec0:transport=bess,dst=/run/slirp4netns-bess.sock,depth=128,gro=1 mem=2G init=/init.sh root=98:0 console=tty
Unknown command line parameters: mem=2G
Dentry cache hash table entries: 262144 (order: 9, 2097152 bytes, linear)
Inode-cache hash table entries: 131072 (order: 8, 1048576 bytes, linear)
mem auto-init: stack:off, heap alloc:off, heap free:off
Memory: 2054144K/2098572K available (4340K kernel code, 1154K rwdata, 1196K rodata, 161K init, 179K bss, 44428K reserved, 0K cma-reserved)
NR_IRQS: 64
clocksource: timer: mask: 0xffffffffffffffff max_cycles: 0x1cd42e205, max_idle_ns: 881590404426 ns
Calibrating delay loop... 6660.91 BogoMIPS (lpj=33304576)
pid_max: default: 32768 minimum: 301
Mount-cache hash table entries: 4096 (order: 3, 32768 bytes, linear)
Mountpoint-cache hash table entries: 4096 (order: 3, 32768 bytes, linear)
Checking that host ptys support output SIGIO...Yes
devtmpfs: initialized
random: get_random_u32 called from bucket_table_alloc.isra.0+0x128/0x153 with crng_init=0
clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 19112604462750000 ns
futex hash table entries: 256 (order: 0, 6144 bytes, linear)
NET: Registered PF_NETLINK/PF_ROUTE protocol family
pps_core: LinuxPPS API ver. 1 registered
pps_core: Software ver. 5.3.6 - Copyright 2005-2007 Rodolfo Giometti <[email protected]>
PTP clock support registered
clocksource: Switched to clocksource timer
VFS: Disk quotas dquot_6.6.0
VFS: Dquot-cache hash table entries: 512 (order 0, 4096 bytes)
NET: Registered PF_INET protocol family
IP idents hash table entries: 32768 (order: 6, 262144 bytes, linear)
tcp_listen_portaddr_hash hash table entries: 1024 (order: 2, 16384 bytes, linear)
TCP established hash table entries: 16384 (order: 5, 131072 bytes, linear)
TCP bind hash table entries: 16384 (order: 5, 131072 bytes, linear)
TCP: Hash tables configured (established 16384 bind 16384)
UDP hash table entries: 1024 (order: 3, 32768 bytes, linear)
UDP-Lite hash table entries: 1024 (order: 3, 32768 bytes, linear)
NET: Registered PF_UNIX/PF_LOCAL protocol family
printk: console [stderr0] disabled
mconsole (version 2) initialized on /root/.uml/bPQvo0/mconsole
Checking host MADV_REMOVE support...OK
UML Audio Relay (host dsp = /dev/sound/dsp, host mixer = /dev/sound/mixer)
hwrng: no data available
workingset: timestamp_bits=46 max_order=19 bucket_order=0
io scheduler mq-deadline registered
io scheduler kyber registered
io scheduler bfq registered
loop: module loaded
tun: Universal TUN/TAP device driver, 1.6
PPP generic driver version 2.4.2
xt_time: kernel timezone is -0000
IPVS: Registered protocols ()
IPVS: Connection hash table configured (size=4096, memory=64Kbytes)
IPVS: ipvs loaded.
NET: Registered PF_PACKET protocol family
8021q: 802.1Q VLAN Support v1.8
9pnet: Installing 9P2000 support
Initialized stdio console driver
Console initialized on /dev/tty0
printk: console [tty0] enabled
Initializing software serial port version 1
Choosing a random ethernet address for device vec0
printk: console [mc-1] enabled
Failed to initialize ubd device 0 :Couldn't determine size of device's file
epollctl add err fd 1, Operation not permitted
epollctl add err fd 0, Operation not permitted
VFS: Mounted root (hostfs filesystem) on device 0:13.
devtmpfs: mounted
This architecture does not have kernel memory protection.
Run /init.sh as init process
+ source /tmp/env
++ DIUID_DOCKERD_FLAGS=
++ DIUID_DOCKERD_GROUP=docker
+ mount -t proc proc /proc/
+ mount -t sysfs sys /sys/
+ mount -t cgroup2 none /sys/fs/cgroup
+ mkdir /sys/fs/cgroup/init.tmp
+ echo 1
+ cat /sys/fs/cgroup/cgroup.controllers
cpu io memory pids misc
+ echo '+cpu +io +memory +pids'
+ echo 1
+ rmdir /sys/fs/cgroup/init.tmp
+ mount -t tmpfs none /run
+ mkdir /dev/pts
+ mount -t devpts devpts /dev/pts
+ rm /dev/ptmx
+ ln -s /dev/pts/ptmx /dev/ptmx
+ rngd -r /dev/urandom
random: rngd: uninitialized urandom read (4 bytes read)
random: rngd: uninitialized urandom read (4 bytes read)
+ mkdir -p /var/lib/docker/
random: rngd: uninitialized urandom read (2500 bytes read)
random: crng init done
random: 2 urandom warning(s) missed due to ratelimiting
+ mount -t ext4 /persistent/var_lib_docker.img /var/lib/docker/
loop0: detected capacity change from 0 to 20971520
EXT4-fs (loop0): recovery complete
EXT4-fs (loop0): mounted filesystem with ordered data mode. Opts: (null). Quota mode: none.
+ ip link set dev lo up
+ ip link set dev vec0 up
+ ip addr add 10.0.2.100/24 dev vec0
+ ip route add default via 10.0.2.2
+ ssh -f -N -o StrictHostKeyChecking=no -R/var/run/docker.sock:/var/run/docker.sock -R0.0.0.0:2375:127.0.0.1:2375 -R0.0.0.0:2376:127.0.0.1:2376 10.0.2.2
Warning: remote port forwarding failed for listen path /var/run/docker.sock
+ chmod 0660 /var/run/docker.sock
chmod: cannot access '/var/run/docker.sock': No such file or directory
++ which diuid-docker-proxy
+ PATH=/usr/bin:/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin:/bin:/sbin:.
+ dockerd --userland-proxy-path=/usr/bin/diuid-docker-proxy -H unix:///var/run/docker.sock
INFO[2022-10-24T10:25:16.795237212Z] Starting up
INFO[2022-10-24T10:25:16.812600668Z] libcontainerd: started new containerd process pid=56
INFO[2022-10-24T10:25:16.813172572Z] parsed scheme: "unix" module=grpc
INFO[2022-10-24T10:25:16.813310300Z] scheme "unix" not registered, fallback to default scheme module=grpc
INFO[2022-10-24T10:25:16.813460828Z] ccResolverWrapper: sending update to cc: {[{unix:///var/run/docker/containerd/containerd.sock <nil> 0 <nil>}] <nil> <nil>} module=grpc
INFO[2022-10-24T10:25:16.813596508Z] ClientConn switching balancer to "pick_first" module=grpc
INFO[2022-10-24T10:25:17.162216284Z] starting containerd revision=7b11cfaabd73bb80907dd23182b9347b4245eb5d version=1.4.12
INFO[2022-10-24T10:25:17.236243548Z] loading plugin "io.containerd.content.v1.content"... type=io.containerd.content.v1
INFO[2022-10-24T10:25:17.236773468Z] loading plugin "io.containerd.snapshotter.v1.aufs"... type=io.containerd.snapshotter.v1
INFO[2022-10-24T10:25:17.237795420Z] skip loading plugin "io.containerd.snapshotter.v1.aufs"... error="aufs is not supported (modprobe aufs failed: exec: \"modprobe\": executable file not found in $PATH \"\"): skip plugin" type=io.containerd.snapshotter.v1
INFO[2022-10-24T10:25:17.237992284Z] loading plugin "io.containerd.snapshotter.v1.btrfs"... type=io.containerd.snapshotter.v1
INFO[2022-10-24T10:25:17.238533468Z] skip loading plugin "io.containerd.snapshotter.v1.btrfs"... error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.btrfs (ext4) must be a btrfs filesystem to be used with the btrfs snapshotter: skip plugin" type=io.containerd.snapshotter.v1
INFO[2022-10-24T10:25:17.238600028Z] loading plugin "io.containerd.snapshotter.v1.devmapper"... type=io.containerd.snapshotter.v1
WARN[2022-10-24T10:25:17.238924124Z] failed to load plugin io.containerd.snapshotter.v1.devmapper error="devmapper not configured"
INFO[2022-10-24T10:25:17.239025244Z] loading plugin "io.containerd.snapshotter.v1.native"... type=io.containerd.snapshotter.v1
INFO[2022-10-24T10:25:17.239264604Z] loading plugin "io.containerd.snapshotter.v1.overlayfs"... type=io.containerd.snapshotter.v1
INFO[2022-10-24T10:25:17.240228700Z] loading plugin "io.containerd.snapshotter.v1.zfs"... type=io.containerd.snapshotter.v1
INFO[2022-10-24T10:25:17.240650588Z] skip loading plugin "io.containerd.snapshotter.v1.zfs"... error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.zfs must be a zfs filesystem to be used with the zfs snapshotter: skip plugin" type=io.containerd.snapshotter.v1
INFO[2022-10-24T10:25:17.240718172Z] loading plugin "io.containerd.metadata.v1.bolt"... type=io.containerd.metadata.v1
WARN[2022-10-24T10:25:17.240819292Z] could not use snapshotter devmapper in metadata plugin error="devmapper not configured"
INFO[2022-10-24T10:25:17.240876380Z] metadata content store policy set policy=shared
INFO[2022-10-24T10:25:17.243032668Z] loading plugin "io.containerd.differ.v1.walking"... type=io.containerd.differ.v1
INFO[2022-10-24T10:25:17.243225180Z] loading plugin "io.containerd.gc.v1.scheduler"... type=io.containerd.gc.v1
INFO[2022-10-24T10:25:17.244016732Z] loading plugin "io.containerd.service.v1.introspection-service"... type=io.containerd.service.v1
INFO[2022-10-24T10:25:17.244180828Z] loading plugin "io.containerd.service.v1.containers-service"... type=io.containerd.service.v1
INFO[2022-10-24T10:25:17.244254812Z] loading plugin "io.containerd.service.v1.content-service"... type=io.containerd.service.v1
INFO[2022-10-24T10:25:17.244314716Z] loading plugin "io.containerd.service.v1.diff-service"... type=io.containerd.service.v1
INFO[2022-10-24T10:25:17.244534108Z] loading plugin "io.containerd.service.v1.images-service"... type=io.containerd.service.v1
INFO[2022-10-24T10:25:17.244657500Z] loading plugin "io.containerd.service.v1.leases-service"... type=io.containerd.service.v1
INFO[2022-10-24T10:25:17.244785500Z] loading plugin "io.containerd.service.v1.namespaces-service"... type=io.containerd.service.v1
INFO[2022-10-24T10:25:17.244906076Z] loading plugin "io.containerd.service.v1.snapshots-service"... type=io.containerd.service.v1
INFO[2022-10-24T10:25:17.244970844Z] loading plugin "io.containerd.runtime.v1.linux"... type=io.containerd.runtime.v1
INFO[2022-10-24T10:25:17.245654876Z] loading plugin "io.containerd.runtime.v2.task"... type=io.containerd.runtime.v2
INFO[2022-10-24T10:25:17.246407772Z] loading plugin "io.containerd.monitor.v1.cgroups"... type=io.containerd.monitor.v1
INFO[2022-10-24T10:25:17.248518748Z] loading plugin "io.containerd.service.v1.tasks-service"... type=io.containerd.service.v1
INFO[2022-10-24T10:25:17.248655196Z] loading plugin "io.containerd.internal.v1.restart"... type=io.containerd.internal.v1
INFO[2022-10-24T10:25:17.249348956Z] loading plugin "io.containerd.grpc.v1.containers"... type=io.containerd.grpc.v1
INFO[2022-10-24T10:25:17.249470044Z] loading plugin "io.containerd.grpc.v1.content"... type=io.containerd.grpc.v1
INFO[2022-10-24T10:25:17.249588060Z] loading plugin "io.containerd.grpc.v1.diff"... type=io.containerd.grpc.v1
INFO[2022-10-24T10:25:17.249655644Z] loading plugin "io.containerd.grpc.v1.events"... type=io.containerd.grpc.v1
INFO[2022-10-24T10:25:17.249715804Z] loading plugin "io.containerd.grpc.v1.healthcheck"... type=io.containerd.grpc.v1
INFO[2022-10-24T10:25:17.249782108Z] loading plugin "io.containerd.grpc.v1.images"... type=io.containerd.grpc.v1
INFO[2022-10-24T10:25:17.249843292Z] loading plugin "io.containerd.grpc.v1.leases"... type=io.containerd.grpc.v1
INFO[2022-10-24T10:25:17.249902428Z] loading plugin "io.containerd.grpc.v1.namespaces"... type=io.containerd.grpc.v1
INFO[2022-10-24T10:25:17.249960540Z] loading plugin "io.containerd.internal.v1.opt"... type=io.containerd.internal.v1
INFO[2022-10-24T10:25:17.250168924Z] loading plugin "io.containerd.grpc.v1.snapshots"... type=io.containerd.grpc.v1
INFO[2022-10-24T10:25:17.250349404Z] loading plugin "io.containerd.grpc.v1.tasks"... type=io.containerd.grpc.v1
INFO[2022-10-24T10:25:17.250439260Z] loading plugin "io.containerd.grpc.v1.version"... type=io.containerd.grpc.v1
INFO[2022-10-24T10:25:17.250501980Z] loading plugin "io.containerd.grpc.v1.introspection"... type=io.containerd.grpc.v1
INFO[2022-10-24T10:25:17.254302556Z] serving... address=/var/run/docker/containerd/containerd-debug.sock
INFO[2022-10-24T10:25:17.254658908Z] serving... address=/var/run/docker/containerd/containerd.sock.ttrpc
INFO[2022-10-24T10:25:17.255007836Z] serving... address=/var/run/docker/containerd/containerd.sock
INFO[2022-10-24T10:25:17.255089244Z] containerd successfully booted in 0.097627s
WARN[2022-10-24T10:25:17.304159836Z] unable to modify root key limit, number of containers could be limited by this quota: open /proc/sys/kernel/keys/root_maxkeys: no such file or directory
INFO[2022-10-24T10:25:17.309119836Z] parsed scheme: "unix" module=grpc
INFO[2022-10-24T10:25:17.309181532Z] scheme "unix" not registered, fallback to default scheme module=grpc
INFO[2022-10-24T10:25:17.309234780Z] ccResolverWrapper: sending update to cc: {[{unix:///var/run/docker/containerd/containerd.sock <nil> 0 <nil>}] <nil> <nil>} module=grpc
INFO[2022-10-24T10:25:17.309281372Z] ClientConn switching balancer to "pick_first" module=grpc
INFO[2022-10-24T10:25:17.321136732Z] parsed scheme: "unix" module=grpc
INFO[2022-10-24T10:25:17.321197148Z] scheme "unix" not registered, fallback to default scheme module=grpc
INFO[2022-10-24T10:25:17.321248092Z] ccResolverWrapper: sending update to cc: {[{unix:///var/run/docker/containerd/containerd.sock <nil> 0 <nil>}] <nil> <nil>} module=grpc
INFO[2022-10-24T10:25:17.321292892Z] ClientConn switching balancer to "pick_first" module=grpc
INFO[2022-10-24T10:25:17.341079900Z] [graphdriver] using prior storage driver: overlay2
WARN[2022-10-24T10:25:17.368008028Z] Unable to find cpuset controller
INFO[2022-10-24T10:25:17.376886620Z] Loading containers: start.
WARN[2022-10-24T10:25:17.379827036Z] Running modprobe bridge br_netfilter failed with message: , error: exec: "modprobe": executable file not found in $PATH
WARN[2022-10-24T10:25:18.129315164Z] Could not load necessary modules for IPSEC rules: protocol not supported
INFO[2022-10-24T10:25:18.134140764Z] failed to read ipv6 net.ipv6.conf.<bridge>.accept_ra bridge=docker0 syspath=/proc/sys/net/ipv6/conf/docker0/accept_ra
INFO[2022-10-24T10:25:18.134286940Z] failed to read ipv6 net.ipv6.conf.<bridge>.accept_ra bridge=docker0 syspath=/proc/sys/net/ipv6/conf/docker0/accept_ra
INFO[2022-10-24T10:25:19.134311260Z] Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip can be used to set a preferred IP address
INFO[2022-10-24T10:25:19.134814300Z] failed to read ipv6 net.ipv6.conf.<bridge>.accept_ra bridge=docker0 syspath=/proc/sys/net/ipv6/conf/docker0/accept_ra
INFO[2022-10-24T10:25:19.848769116Z] Loading containers: done.
INFO[2022-10-24T10:25:20.034106972Z] Docker daemon commit=459d0df graphdriver(s)=overlay2 version=20.10.12
INFO[2022-10-24T10:25:20.035414364Z] Daemon has completed initialization
INFO[2022-10-24T10:25:20.166991708Z] API listen on /var/run/docker.sock
docker-compose exec docker sh
# docker ps
Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?
docker-compose:
version: "3.9"
services:
docker:
image: weberlars/diuid
Hi,
I have launched a diuid container, but it fails to start, and the dots are pilling up for a day now.
[ ok ] Starting OpenBSD Secure Shell server: sshd.
waiting for dockerd .................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................
Should there be a timeout after which you consider the start of dockerd should be considered failed?
Best,
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.