Docker on raspbian will not run containers - linux

here’s my situation. I’m very inexperienced with any OS that isn’t windows. I’m working on a Raspberry Pi Zero W running Raspbian, with the ultimate goal of running zimdump so I can edit .zim files. A tutorial includes the use of Docker to mount the .zim file as a volume and work within a container. I seemed to have installed Docker with the correct version and architecture, but docker run hello-world doesn’t work as expected. Log from the first time I ran it:
Unable to find image ‘hello-world:latest‘ locally
latest: Pulling from library/hello-world
4ee5c797bcd7: Pull complete
Digest: sha256: [long sha256]
Status: Downloaded newer image for hello-world: latest
And nothing else. I ran it a second time, and nothing printed. The third time, I ran
sudo docker run hello-world -it
which printed more verbosely
docker: Error response from daemon: OCI runtime failed: container_linux.go:349: starting container process caused “exec: \”-it\”: executable file not found in $PATH”: unknown.
I tried an assortment of troubleshooting steps, from users whose situations were only related to mine, but not exactly, and I don’t want to alter anything else behind the scenes that makes this harder for you and me.
Here’s my docker info:
Client:
Debug Mode: false
Server:
Containers: 3
Running: 0
Paused: 0
Stopped: 3
Images: 1
Server Version: 19.03.12
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Init Binary: docker-init
containerd version: 7ad184331fa3e55e52b890ea95e65ba581ae3429
runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 4.19.66+
Operating System: Raspbian GNU/Linux 10 (buster)
OSType: Linux
Architecture: armv6l
CPUs: 1
Total Memory: 424.8MiB
Name: box.lan
ID: DAJU:334L:G6WP:RARN:REWW:K2LE:CJUK:LCBJ:XDWH:ZX5D:4XRM:BCTM
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1s/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
WARNING: No swap limit support
WARNING: No cpu cfs quota support
WARNING: No cpu cfs period support
WARNING: No cpuset support
I’ve spent 8 hours on this, and all I want to do is remove explicit wikipedia pages from the .zim so we can give this raspberry pi to kids as an offline internet.
You all are the best ☺️

The regular version of hello-world Dock image won't work on a Raspberry Pi zero. Because Raspberry Pi zero uses ARMv6Z instruction sets. Instead of docker run hello-world, you can run:
docker run --name someContainerName arm32v5/hello-world
Notice that this container was built with ARM32v5 instruction set. In theory, any ARM32 version equal to or below v6 should work on a Pi zero.
It took me a whole day to figure out. I've written a blog post on how to get Docker working on a Raspberry Pi 1 and Zero if you want to learn about the detail.

Related

Docker pull fails during extraction with "lchown /usr/bin/sbd no such file or directory"

I've been battling trying to get Docker installed on RHEL7 and, now that I've been able to get it installed, I'm stuck just trying to do a simple docker pull.
I was able to finally get Docker installed using my proposed solution here Issues installing Docker on RHEL 7 Linux Server, but now during the extraction process, I get the following error:
latest: Pulling from [my-repo]
8657e219e309: Pull complete
a8db9e62fad8: Extracting [==================================================>] 3.507 GB/3.507 GB
failed to register layer: ApplyLayer exit status 1 stdout: stderr: lchown /usr/bin/sbd: no such file or directory
Unable to find image '[my-docker-repo]:latest' locally
latest: Pulling from [my-repo]
8657e219e309: Pull complete
a8db9e62fad8: Extracting [==================================================>] 3.507 GB/3.507 GB
docker: failed to register layer: ApplyLayer exit status 1 stdout: stderr: lchown /usr/bin/sbd: no such file or directory.
I'm not sure if this is related to the way I installed docker or if it's actually something else. I only installed docker using the following two commands:
yum install -y https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-selinux-17.03.0.ce-1.el7.centos.noarch.rpm
yum install -y https://download.docker.com/linux/centos/7/x86_64/stable/Packages/docker-ce-17.03.0.ce-1.el7.centos.x86_64.rpm
I can run docker just fine and start the service, so not sure it's the installation that's the issue per se.
The only two issues I've found on the Internet that seems somewhat related to mine are these:
https://github.com/moby/moby/issues/41803
https://github.com/moby/moby/issues/41821
However, neither one of these issues have solutions other than merged pull requests that apparently still aren't fixed in my case.
I've also visited https://docs.docker.com/engine/security/rootless/#prerequisites and verified that the value shows 65,535 in my /etc/subuid and /etc/subgid values.
Still no luck.
Here's the output of my docker info command:
Client:
Context: default
Debug Mode: false
Plugins:
app: Docker App (Docker Inc., v0.9.1-beta3)
buildx: Build with BuildKit (Docker Inc., v0.5.1-docker)
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 20.10.5
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Cgroup Version: 1
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 05f951a3781f4f2c1911b05e61c160e9c30eaa8e
runc version: 12644e614e25b05da6fd08a38ffa0cfe1903fdec
init version: de40ad0
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.0-1160.21.1.el7.x86_64
Operating System: Red Hat Enterprise Linux Server 7.9 (Maipo)
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 7.349GiB
Name: d8de679d27f2453
ID: L43V:XEXI:6B6D:A3K4:KCI5:VQB7:MOG4:7TO5:QATR:5PM5:QT2Q:TTN5
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled

standard_init_linux.go:190: exec user process caused "exec format error" The command '/bin/sh -c npm install' returned a non-zero code: 1

I am new to docker and for my learning purpose I followed the official nodejs docker instructons and followed the instructions but it keeps throwing error on the same command.
I tried making images docker on Raspberry Pi to be used as a server. but I have a problem building it to run it
this is Dockerfile me
FROM node:4.3.2
WORKDIR /app
RUN npm install
EXPOSE (80)
CMD ["node", "index.js"]
ERROR
docker build -t hello-world .
Sending build context to Docker daemon 2.212MB
Step 1/5 : FROM node:4.3.2
---> 3538b8c69182
Step 2/5 : WORKDIR /app
---> Using cache
---> 7b8a5c56f23d
Step 3/5 : RUN npm install
---> Running in bbd6026d01d9
standard_init_linux.go:190: exec user process caused "exec format error"
The command '/bin/sh -c npm install' returned a non-zero code: 1
and docker version
Containers: 19
Running: 0
Paused: 0
Stopped: 19
Images: 10
Server Version: 18.06.1-ce
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 468a545b9edcd5932818eb9de8e72413e616e86e
runc version: 69663f0bd4b60df09991c08812a60108003fa340
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 4.14.62-v7+
Operating System: Raspbian GNU/Linux 9 (stretch)
OSType: linux
Architecture: armv7l
CPUs: 4
Total Memory: 976.7MiB
Name: raspi2
ID: MJNK:BGTA:EFDS:B7VD:QZIL:T65S:IJRJ:ZO74:RG6D:BITS:AZNB:LDSC
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
WARNING: No memory limit support
WARNING: No swap limit support
WARNING: No kernel memory limit support
WARNING: No oom kill disable support
WARNING: No cpu cfs quota support
WARNING: No cpu cfs period support
The RUN instruction has two writing forms.
In your case, you have chosen the shell form which RUN statement will be parsed to /bin/sh -c run-statement(npm install here).
Unfortunately, it replies with non-zero error. We all should know, shell script will replies non-zero error when error occurs.
I am not familiar with npm. But still I may see that error is not related with docker now, but shell script itself.
Maybe it’s the syntax or npm version issue which is mentioned by other comment. It is not about docker platform now.
You could just upgrade npm image as comment said above. May this help~

Can't restart docker container: OCI runtime create failed: container with id exist

I'm a new in a Docker, and I've tried to find solution in the google befor ask question - no result.
I decided to learn docker via practical use case - create PostgreSQL container into my VM instance for develop enviroment.
I've been in vacation and didn't check my server several days. Later I tried to connect to my DB, and couldnt - all of my active containers was exited with code 128.
I tried to start again container with DB - docker start django-postgres and got error message - Error response from daemon: OCI runtime create failed: container with id exists: 5c11e724bf52dd1cb6fd10ebda40710385e412981eb269c30071ecc8aac9e805: unknown
Error: failed to start containers: django-postgres
I suspect that somewhere in my system docker keeps some metadata of my container which didn't removed after container was down with code 128, but my knowledge of unix doesn't enough to determine where is it can be. Also, I'm affraid of lost my DB data connected with container.
Some techincal info:
docker version:
Version: 18.03.0-ce
API version: 1.37
Go version: go1.9.4
Git commit: 0520e24
Built: Wed Mar 21 23:10:01 2018
OS/Arch: linux/amd64
Experimental: false
Orchestrator: swarm
docker info
Containers: 9
Running: 2
Paused: 0
Stopped: 7
Images: 5
Server Version: 18.03.0-ce
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: cfd04396dc68220d1cecbe686a6cc3aa5ce3667c
runc version: 4fc53a81fb7c994640722ac585fa9ca548971871
init version: 949e6fa
Security Options:
apparmor
seccomp
Profile: default
Kernel Version: 4.4.0-116-generic
Operating System: Ubuntu 16.04.4 LTS
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 488.3MiB
ID: NDUH:OH24:4M4L:TR5O:TOIH:ARV4:LNRP:6QNE:WEYW:TMXR:7KNK:ZPDD
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
WARNING: No swap limit support
Does anyone can help my understand my issue and how to fix it without lost data?
N.B. The second container that has been exited with code 128 was OpenVPN. I can't restart it also, but error was differ - cgroups: cannot found cgroup mount destination: unknown
I found solution here (github):
Temp fix is
sudo mkdir /sys/fs/cgroup/systemd
sudo mount -t cgroup -o none,name=systemd cgroup /sys/fs/cgroup/systemd
This fix coudn't helped with Postgres container.
It is possible to list all running and stopped containers using docker ps -a. -a or --all Show all containers (default shows just running).
You can find the volumes attached to your old postgres container using docker inspect <container-id> (Maybe pipe to less and search for volumes)
If you want to recover your data, you can attach it to a new postgres container and recover it. (If it is a root volume change target to /)
docker run --name new-postgres \
--mount source=myoldvol,target=/var/lib/postgresql/data -d postgres
And then you can remove the old one by using docker rm <container-id>.
For more information please see,
docker ps,
docker volumes,
docker rm

Docker sidekiq much slower than native OS

I've been running my application using docker compose for a while now. One of the heaviest parts of the application are the background tasks.
I noticed that most of my background tasks (running with sidekiq) were running much slower than one of my colleagues computer (not using docker).
Using docker, same background task runs in 40 seconds. On native OS it runs in 12 seconds. I tried this myself, on my machine and run it on native OS and I could confirm that it's much faster.
Docker info:
Containers: 14
Running: 4
Paused: 0
Stopped: 10
Images: 42
Server Version: 17.12.0-ce
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 89623f28b87a6004d4b785663257362d1658a729
runc version: b2567b37d7b75eb4cf325b77297b140ea686ce8f
init version: 949e6fa
Security Options:
seccomp
Profile: default
Kernel Version: 4.9.60-linuxkit-aufs
Operating System: Docker for Mac
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 7.786GiB
Name: linuxkit-025000000001
ID: CFFM:EFLI:4A5K:XTPG:E27S:KXJT:26SS:ZAPE:ZAFW:3BRM:E6YK:MVAA
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): true
File Descriptors: 76
Goroutines: 129
System Time: 2018-02-09T14:13:44.910242335Z
EventsListeners: 3
HTTP Proxy: docker.for.mac.http.internal:3128
HTTPS Proxy: docker.for.mac.http.internal:3129
Registry: https://index.docker.io/v1/
Labels:
Experimental: true
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
Docker compose:
version: '3.4'
services:
sidekiq-1:
build: .
command: bundle exec sidekiq -c 4 -L log/sidekiq-1.log
tty: true
stdin_open: true
volumes:
- '.:/app'
environment:
- DATABASE_URL=postgres://username#postgres/database
- REDIS_URL=redis://redis:6379
sidekiq-2:
build: .
command: bundle exec sidekiq -c 4 -L log/sidekiq-2.log
tty: true
stdin_open: true
volumes:
- '.:/app'
environment:
- DATABASE_URL=postgres://username#postgres/database
- REDIS_URL=redis://redis:6379
I'm a bit lost in regards to what might be happening.
One of the things I noticed is that even though I have allocated 8 cores to docker, only 4 threads run at the same time on sidekiq and CPU usage using docker stats never goes above 80% for these 2 containers.
Any help appreciated.
Docker for Mac has known performance issues for certain workloads that are filesystem-intensive. See here and here for official info. Mounted volumes with Mac tend to be the worst. I've seen similar performance hits when mounting a mid-sized Django + node project and trying to get the runserver command to be responsive (spoiler, it isn't very in this case, too much fs overhead).
Something you can try, instead of mounting the whole app directory, mount as little as possible. Hard to say how helpful that would be not knowing what the project looks like. You should also be able to increase performance by not using a bind mount; COPY your files in via Dockerfile, then use a named volume to persist them. That puts a little bit of a damper on your development workflow, but I think it would significantly speed up the sidekiq performance.

docker run hello-world still fails, permission denied

I'm trying to run docker but it still fails. Here is what i get
root#c1170137:~# docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
c04b14da8d14: Extracting 974 B/974 B
docker: failed to register layer: ApplyLayer exit status 1 stdout: stderr: permission denied.
See 'docker run --help'.
kernel: 4.4.16-1-pve
i'm using debian jessie
Distributor ID: Debian
Description: Debian GNU/Linux 8.5 (jessie)
Release: 8.5
Codename: jessie
Edit:
daemon.log
http://hastebin.com/qinufacuto.coffee
docker info
root#c1177124:~# docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 1.12.1
Storage Driver: vfs
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: host bridge null overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Security Options:
Kernel Version: 4.4.16-1-pve
Operating System: Debian GNU/Linux 8 (jessie)
OSType: linux
Architecture: x86_64
CPUs: 32
Total Memory: 2 GiB
Name: c1177124
ID: 4YUJ:OL2E:WLJC:23WJ:5HRW:LRY3:QHKC:MKXO:JDWO:VWOQ:JMWN:V52W
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
Insecure Registries:
127.0.0.0/8
By the way, the problem could be caused by the kernel.
Thank you for any idea or solution
Use lxc.apparmor.profile: unconfined
Just put at the end of an /etc/pve/lxc/ID.conf file and restart your LXC container.
Using lxc.aa_profile: unconfined is deprecated as was renamed.
If you don't care about security or trust your docker containers:
Edit the configuration file of your lxc container on the host in /etc/pve/lxc/ID.conf by adding lxc.aa_profile: unconfined at the end of the file.
Remove apparmor: apt-get remove apparmor --purge
Iam Solved this problem with execute this command on Host:
lxc config set your-lxc-name security.nesting true
lxc config set your-lxc-name security.privileged true
I had the same error. In my case it was due to McAfee antivirus. I removed it and then pull successfully. McAffe was blocking the /etc/passwd folder and Docker could not pull images.
Here people had the same exact problem:
https://github.com/moby/moby/issues/37817

Resources