Container does not work on linux rootless #49

Open
Fgruntjes opened this issue May 31, 2022 · 5 comments
@Fgruntjes

Fgruntjes commented May 31, 2022

The container does not work on rootless Docker with Linux. It tries to connect to the gateway IP just fine, but somehow this IP leads nowhere. My knowledge of slirp4netns is simply not enough to figure it out.

I have been using the DOCKER_HOST variable with the public IP of the host OS as a workaround.

Daemon logs:

/user.slice/user-1000.slice/user@1000.service/app.slice/docker.service
             ├─  3114 rootlesskit --net=slirp4netns --mtu=65520 --slirp4netns-sandbox=auto --slirp4netns-seccomp=auto --port-driver=builtin --copy->
             ├─  3147 /proc/self/exe --net=slirp4netns --mtu=65520 --slirp4netns-sandbox=auto --slirp4netns-seccomp=auto --port-driver=builtin --co>
             ├─  3173 slirp4netns --mtu 65520 -r 3 --enable-sandbox --enable-seccomp 3147 tap0
             ├─  3181 dockerd
             ├─  3237 containerd --config /run/user/1000/docker/containerd/containerd.toml --log-level info
             ├─178725 /usr/bin/rootlesskit-docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 8025 -container-ip 172.20.0.3 -container-port 8025
             ├─178731 docker-proxy -container-ip 172.20.0.3 -container-port 8025 -host-ip 127.0.0.1 -host-port 8025 -proto tcp
             ├─178740 /usr/bin/rootlesskit-docker-proxy -proto tcp -host-ip :: -host-port 8025 -container-ip 172.20.0.3 -container-port 8025
             ├─178746 docker-proxy -container-ip 172.20.0.3 -container-port 8025 -host-ip ::1 -host-port 8025 -proto tcp

Docker info

Client:
 Context:    default
 Debug Mode: false
 Plugins:
  app: Docker App (Docker Inc., v0.9.1-beta3)
  buildx: Docker Buildx (Docker Inc., v0.8.1-docker)
  compose: Docker Compose (Docker Inc., v2.2.3)
  scan: Docker Scan (Docker Inc., v0.17.0)

Server:
 Containers: 18
  Running: 6
  Paused: 0
  Stopped: 12
 Images: 154
 Server Version: 20.10.14
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Native Overlay Diff: false
  userxattr: true
 Logging Driver: json-file
 Cgroup Driver: systemd
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 io.containerd.runtime.v1.linux nvidia runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 3df54a852345ae127d1fa3092b95168e4a88e2f8
 runc version: v1.0.3-0-gf46b6ba
 init version: de40ad0
 Security Options:
  seccomp
   Profile: default
  rootless
  cgroupns
 Kernel Version: 5.17.5-76051705-generic
 Operating System: Pop!_OS 22.04 LTS
 OSType: linux
 Architecture: x86_64
 CPUs: 16
 Total Memory: 62.51GiB
 Name: pop-os
 ID: XXXXXXXXXXXXXXXXXXXX
 Docker Root Dir: /home/freek/.local/share/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

WARNING: No cpu cfs quota support
WARNING: No cpu cfs period support
WARNING: No cpu shares support
WARNING: No cpuset support
WARNING: No io.weight support
WARNING: No io.weight (per device) support
WARNING: No io.max (rbps) support
WARNING: No io.max (wbps) support
WARNING: No io.max (riops) support
WARNING: No io.max (wiops) support
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled

qoomon self-assigned this May 31, 2022
qoomon added the bug label May 31, 2022

@qoomon
Owner

qoomon commented May 31, 2022

seems to be related to moby/moby#41904 and moby/moby#43116

It looks like there is no workaround so far 😟

@SunSDSE

SunSDSE commented Aug 4, 2022

Better yet... Is there some documentation that would allow us to reinstall a previous build of Docker that works? My Docker Swarm is down hard since I attempted to upgrade to the latest release.

@qoomon
Owner

qoomon commented Aug 4, 2022

Sorry I have no idea :-(

@tschallacka

I had the same issue. The solution is thankfully relatively simple, but also involves the user needing to edit their ~/.bash_profile or ~/.bashrc file.

In your ~/.bashrc or ~/.bash_profile add the following line. This is to make the bash specific value available to the docker engine.

export HOSTNAME=$HOSTNAME

Then in your docker-compose.yml add:

    environment:
      - DOCKER_HOST=${HOSTNAME}

Or, if you can't edit the bash file, have the execute command be

DOCKER_HOST=$HOSTNAME docker-compose up

@DmitriiMukhin

DmitriiMukhin commented Oct 12, 2023

You can use another workaround - use the 'hostname' tool.

    environment:
      - DOCKER_HOST=$(hostname -f)
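
Added example, not from the thread or the project: POSIX shell helpers that apply the DOCKER_HOST workaround from the comments above only when `docker info` reports a rootless daemon, and that refuse a loopback value, which inside a container refers to the container itself. The helper names and the sample text are assumptions, and `192.0.2.10` is a constructed address.

```sh
#!/bin/sh
# Added example: helper names are hypothetical, sample text is constructed.

# Abridged `docker info` excerpts modelled on the report in this issue.
SAMPLE_ROOTLESS=' Security Options:
  seccomp
   Profile: default
  rootless
  cgroupns
 Kernel Version: 5.17.5-76051705-generic'
SAMPLE_ROOTFUL=' Security Options:
  seccomp
   Profile: default
  cgroupns
 Kernel Version: 5.17.5-76051705-generic'

# Succeeds if the `docker info` text on stdin lists "rootless" under
# "Security Options:" (entries are indented deeper than the section key).
is_rootless() {
    awk '
        /^ *Security Options:/     { in_sec = 1; next }
        in_sec && /^ [^ ]/         { in_sec = 0 }
        in_sec && $1 == "rootless" { found = 1 }
        END { exit (found ? 0 : 1) }
    '
}

# Rejects empty and loopback values: inside a container, loopback is the
# container itself, not the host.
usable_host_addr() {
    case "$1" in
        ''|localhost|127.*|::1) return 1 ;;
        *) return 0 ;;
    esac
}

# docker_host_override INFO_TEXT ADDR
# Prints ADDR when the daemon is rootless and ADDR is usable, prints nothing
# for a rootful daemon, and returns 2 for a rootless daemon with a bad ADDR.
docker_host_override() {
    if printf '%s\n' "$1" | is_rootless; then
        usable_host_addr "$2" || return 2
        printf '%s\n' "$2"
    fi
}

# Demo on the constructed samples; live input would be "$(docker info)".
docker_host_override "$SAMPLE_ROOTLESS" "192.0.2.10"   # prints 192.0.2.10
```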
