[meta-virtualization] RFT/FYI: docker/containerd/runc uprevs pushed to master

Bruce Ashfield bruce.ashfield at gmail.com
Wed Apr 4 05:27:22 PDT 2018 

On Wed, Apr 4, 2018 at 12:57 AM, Shakthi Pradeep (tpradeep)
<tpradeep at cisco.com> wrote:
> Hello Bruce,
>
>
>
> Timing is Perfect !!!
>
>
>
> I am currently trying to get Docker CE to work with Yocto. I could include
> the Docker executable in ISO but when I run it I get some errors.
>
>
>
> When I boot the image looks like Docker service start is failing due to
> missing kernel modules. Please refer attached screenshot and below error
> log.

Do you have a bbappend for your 4.8 kernel that adds the docker configuration
fragments ?

That's the most likely reason for the issues.

I was able to run a whole suite of tests against 4.12, 4.14 and 4.15 so those
kernels + fragments are known to work.

Bruce

>
>
>
> * docker.service - Docker Application Container Engine
>
>    Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor
> preset: enabled)
>
>    Active: failed (Result: exit-code) since Tue 2018-04-03 13:17:51 UTC;
> 17min ago
>
>      Docs: https://docs.docker.com
>
>   Process: 317 ExecStart=/usr/bin/dockerd -H fd:// (code=exited,
> status=1/FAILURE)
>
> Main PID: 317 (code=exited, status=1/FAILURE)
>
>
>
> Apr 03 13:17:51 intel-x86-64 dockerd[317]:
> time="2018-04-03T13:17:51.035178755Z" level=warning msg="Running modprobe
> xt_conntrack failed with message: `modprobe: WARNING: Module xt_conntrack
> not found in directory /lib/modules/4.8.24-WR9.0.0.10_standard`, error: exit
> status 1"
>
> Apr 03 13:17:51 intel-x86-64 dockerd[317]:
> time="2018-04-03T13:17:51.040727372Z" level=info msg="Firewalld running:
> false"
>
> Apr 03 13:17:51 intel-x86-64 dockerd[317]:
> time="2018-04-03T13:17:51.170575344Z" level=warning msg="Could not load
> necessary modules for IPSEC rules: Running modprobe xfrm_user failed with
> message: `modprobe: WARNING: Module xfrm_user not found in directory
> /lib/modules/4.8.24-WR9.0.0.10_standard`, error: exit status 1"
>
> Apr 03 13:17:51 intel-x86-64 dockerd[317]:
> time="2018-04-03T13:17:51.172397913Z" level=info msg="Default bridge
> (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip
> can be used to set a preferred IP address"
>
> Apr 03 13:17:51 intel-x86-64 dockerd[317]: Error starting daemon: Error
> initializing network controller: Error creating default "bridge" network:
> Failed to Setup IP tables: Unable to enable ACCEPT INCOMING rule:  (iptables
> failed: iptables --wait -I FORWARD -o docker0 -m conntrack --ctstate
> RELATED,ESTABLISHED -j ACCEPT: iptables: No chain/target/match by that name.
>
> Apr 03 13:17:51 intel-x86-64 dockerd[317]:  (exit status 1))
>
> Apr 03 13:17:51 intel-x86-64 systemd[1]: docker.service: Main process
> exited, code=exited, status=1/FAILURE
>
> Apr 03 13:17:51 intel-x86-64 systemd[1]: Failed to start Docker Application
> Container Engine.
>
> Apr 03 13:17:51 intel-x86-64 systemd[1]: docker.service: Unit entered failed
> state.
>
> Apr 03 13:17:51 intel-x86-64 systemd[1]: docker.service: Failed with result
> 'exit-code'.
>
>
>
> Regards,
>
> Shakthi
>
>
>
> -----Original Message-----
> From: meta-virtualization-bounces at yoctoproject.org
> [mailto:meta-virtualization-bounces at yoctoproject.org] On Behalf Of Bruce
> Ashfield
> Sent: Wednesday, April 04, 2018 8:44 AM
> To: meta-virtualization at yoctoproject.org
> Subject: [meta-virtualization] RFT/FYI: docker/containerd/runc uprevs pushed
> to master
>
>
>
> Hi all,
>
>
>
> After spending a few days de-tangling the moby/docker/runc/containerd and
> oe-core go infrastructure changes, I was able to run docker/runc/containerd
> through a system/stress test and everything seems to be working.
>
>
>
> There were a few regressions that I worked through, as well as
> build/packaging changes, but I'm no longer seeing any issues and all the
> patches/functionality have been carried forward.
>
>
>
> One thing of note is that the docker and open containers containerd
> split/fork is no longer an issue, so I've modified the default to be the
> opencontainers variant. Similarly, the docker and opencontainers runc are
> very similar. I've kept both variants of both recipes for now, since I'd
> like to track things for a bit longer before declaring the split
> unnecessary.
>
>
>
> Also for those that care, I created a reference docker-ce recipe that tracks
> the docker-ce repo versus the components themselves.  Right now it is
> reference only, since it needs a bit more work, but I wanted to get it out
> there, in case someone really cares about docker-ce (I don't really, but
> someone might!).
>
>
>
> Summary: I just pushed the following changes to master:
>
>
>
>   d7d310ae4113 meta-virt: prefer containerd-opencontainers
>
>   935e3d969ef1 containerd: uprev to v1.0.2
>
>   f5fbfa8ac4db docker-ce: introduce reference recipe/build
>
>   a5074cecf18f docker: uprev to 18.03.0
>
>   e3d960f4fcd9 runc: uprev to 1.0.0-rc5
>
>
>
> If anyone sees regressions, build or architecture issues .. report them to
> me (and the list) and we'll get them fixed up.
>
>
>
> Cheers,
>
>
>
> Bruce
>
>
>
> --
>
> "Thou shalt not follow the NULL pointer, for chaos and madness await thee at
> its end"
>
> --
>
> _______________________________________________
>
> meta-virtualization mailing list
>
> meta-virtualization at yoctoproject.org
>
> https://lists.yoctoproject.org/listinfo/meta-virtualization



-- 
"Thou shalt not follow the NULL pointer, for chaos and madness await
thee at its end"

More information about the meta-virtualization mailing list