docker-root-xhyve
docker-root-xhyve copied to clipboard
ailispaw
Upgrading Docker?
I probably am not understanding something, but how do you upgrade Docker itself?
Since I saw https://github.com/ailispaw/docker-root/pull/29/commits (I know that commit is from docker-root and not docker-root-xhyve) I thought that it might be already done when doing a make upgrade.
After doing this the docker-root version upgraded from 1.2.11 to 1.3.10 but Docker is still at 1.9.1.
DockerRoot has Docker v1.9.1 as default, but you can switch between Docker versions as you like. Cf. ) https://github.com/ailispaw/docker-root#features
[docker@docker-root ~]$ sudo /etc/init.d/docker restart latest
Sorry didn't see that, worked great with the exception that appears that containers don't come back working from a reboot.
@if-kenn What kind of containers don't come back? docker-root-xhyve has changed from v1.2.11 to v1.3.10 and DockerRoot has changed as well. And also there is a big difference between Docker v1.9.1 and v1.11.0.
Note: make upgrade updates only docker-root.iso, but docker-root-data.img.
You may need to update docker-root-data.img, too.
Sorry for the inconvenience.
https://github.com/ailispaw/docker-root-xhyve/issues/6#issuecomment-155240883 It's time to consider Case 3.
The latest /var/lib/docker-root/start.sh is;
[docker@docker-root ~]$ cat /var/lib/docker-root/start.sh
#!/bin/sh
NFS_ROOT=$(cat /proc/cmdline | sed -n 's/^.*docker-root.nfsroot="\([^"]\+\)".*$/\1/p')
SHARED_FOLDER=$(cat /proc/cmdline | sed -n 's/^.*docker-root.shared_folder="\([^"]\+\)".*$/\1/p')
: ${SHARED_FOLDER:="${NFS_ROOT}"}
VIRTFS_UNAME=$(cat /proc/cmdline | sed -n 's/^.*docker-root.virtfs_uname=\([^ ]\+\).*$/\1/p')
GW_IP=$(ip route get 8.8.8.8 | awk 'NR==1 {print $3}')
if [ -n "${SHARED_FOLDER}" ]; then
MOUNT_POINT=${SHARED_FOLDER}
if mountpoint -q "${MOUNT_POINT}"; then
umount "${MOUNT_POINT}"
fi
mkdir -p "${MOUNT_POINT}"
if [ -n "${VIRTFS_UNAME}" ]; then
mount -t 9p -o version=9p2000,trans=virtio,access=any,uname=${VIRTFS_UNAME},dfltuid=$(id -u docker),dfltgid=$(id -g docker) host "${MOUNT_POINT}"
fi
if ! mountpoint -q "${MOUNT_POINT}"; then
if [ -n "${GW_IP}" ]; then
mount "${GW_IP}:${MOUNT_POINT}" "${MOUNT_POINT}" -o rw,async,noatime,rsize=32768,wsize=32768,nolock,vers=3,udp,actimeo=1
fi
fi
fi
if ! grep -q sntp /etc/cron/crontabs/root; then
if [ -n "${GW_IP}" ]; then
echo '*/5 * * * * /usr/bin/sntp -4sSc' "${GW_IP}" >> /etc/cron/crontabs/root
fi
fi
@if-kenn I add some instructions to upgrade start.sh in the docker-root-data.img.
This will fix some errors related to volumes on migration, but others might be caused by Docker.
Thanks.
Note: Don't use --restart=always with NFS mount volume in -v option, because NFS mount may start after Docker daemon runs in parallel.
Any idea why the contents of /var/lib/docker-root/start.sh after make upgrade is:
#!/bin/sh
NFS_ROOT=$(cat /proc/cmdline | sed -n 's/^.*docker-root.nfsroot="\([^"]\+\)".*$/\1/p')
: ${NFS_ROOT:="/Users"}
MOUNT_POINT=${NFS_ROOT}
GW_IP=$(ip route get 8.8.8.8 | awk 'NR==1 {print $3}')
if [ -n "${GW_IP}" ]; then
mkdir -p "${MOUNT_POINT}"
umount "${MOUNT_POINT}"
mount "${GW_IP}:${NFS_ROOT}" "${MOUNT_POINT}" -o rw,async,noatime,rsize=32768,wsize=32768,nolock,vers=3
fi
That's docker-root-data.img v1.1.2 which came with docker-root-xhyve v1.2.11. https://github.com/ailispaw/docker-root-xhyve/releases/tag/v1.1.2
So you have not updated docker-root-data.img util now,
because make upgrade doesn't update the data volume.
I updated the instruction for upgrade. https://github.com/ailispaw/docker-root-xhyve#upgrading-dockerroot
Sorry for this inconvenience.
Trying to figure out why my Mac is no longer allowing docker to mount via NFS. Explicitly running this in Docker Root:
mount 192.168.64.1:/Users/kenn /Users/kenn -o rw,async,noatime,rsize=32768,wsize=32768,nolock,vers=3,udp,actimeo=1
I get:
mount: mounting 192.168.64.1:/Users/kenn on /Users/kenn failed: Connection timed out
Just followed the upgrade instructions exactly again and then make halt and make up. Still no luck. Here is the contents /etc/exports:
"/Users/kenn" -network 192.168.64.0 -mask 255.255.255.0 -alldirs -mapall=501:20
[docker@docker-root ~]$ ls -l /var/lib/docker-root/start.sh
-rwxr-xr-x 1 root root 1127 Apr 22 00:16 /var/lib/docker-root/start.sh*
[docker@docker-root ~]$ md5sum /var/lib/docker-root/start.sh
a88917a05c47121610edc41e484f7937 /var/lib/docker-root/start.sh
Hmm. That looks good... Do you use any security preference in Mac OSX? And nfsd in your Mac OSX is running?
On Mac the firewall is off, and:
sudo /sbin/nfsd status
nfsd service is enabled
nfsd is running (pid 1781, 8 threads)
On Docker Root:
[docker@docker-root ~]$ sudo /var/lib/docker-root/start.sh
mount: mounting 192.168.64.1:/Users/kenn on /Users/kenn failed: Connection timed out
Please remove ,udp,actimeo=1 at the mount line in start.sh.
I'm still investigating.
I can mount it in both cases (with/without ,udp,actimeo=1), but it might be a workaround for you.
If you are interested in virtfs like new Docker for Mac,
you can try a patched version of xhyve and the virtfs branch without NFS.
https://github.com/ailispaw/docker-root-xhyve/tree/virtfs
https://github.com/ailispaw/docker-root-xhyve/tree/virtfs#installing-xhyve
https://github.com/ailispaw/docker-root-xhyve/tree/virtfs#setting-up-dockerroot-images-and-tools
Things are looking like they are working now and I have my whole stack back.
I think there are 2 things at play here:
-
Junos Pulse(VPN software application) might be getting in the way ofnfsdrunning properly -
,udp,actimeo=1is getting in the way of mounting
Thank you. We might add into our stack utils some "in your face" messaging like checking for Junos Pulse running with a UI dialog box (liberally taken from http://apple.stackexchange.com/questions/82432/applescript-dialog-bash-alias-function):
dialog() {
osascript -e 'on run args
try
tell app "SystemUIServer" to display dialog (item 1 of args)
end
activate app (path to frontmost application as text)
end' "$1"
}
It's still unstable here without Junos Pulse. I think it depends on ,udp,actimeo=1 only.
I'm investigating it is caused by udp, actimeo=1 or both.
From my experience, when Junos Pulse was running, it did not seem to work well with sudo nfsd stop and sudo nfsd start on the Mac side. the mount was effecting on the DockerRoot side.
I discovered this since I was trying to NFS mount my Mac on itself without xhyve/DockerRoot running at all. It would get in a weird state where it would say it was running, but timeout on the mount. I could then run Junos Pulse afterwards without issue. I am not a fan of what a lot of common VPN software does...
Not to mention that just taking out the ,udp,actimeo=1 by itself did not fix things for me.
I see. It's an another problem not related to xhyve/DockerRoot , isn't it?
One more strange here. Once it is successful without ,udp,actimeo=1, it's successful with them for a while as well. Then after a while, the problem happens again.
Yes, external but effecting proper running of xhyve/DockerRoot. It also made it much harder to find the ,udp,actimeo=1 issue!
It seems caused by udp, not actimeo=1.
That's good, because we need actimeo=1 for proper syncing between host and VM.
@if-kenn OK. I will put your workaround/warning about Junos Pulse in README or Wiki.
Please make some statement about it and open a PR.
And also I will revert mount options as well. Thanks.
Update start.sh and released the data image v2.1.2.
https://github.com/ailispaw/docker-root-xhyve/releases/tag/v2.1.2