docker-rockylinux8-ansible icon indicating copy to clipboard operation
docker-rockylinux8-ansible copied to clipboard

Published 20 hours ago verified publisher icon geerlingguy

Removing cgroup mount

Open Lileso opened this issue 2 years ago • 4 comments

With newer versions of containerd mounting cgroup seems to cause the error: Failed to connect to bus: No such file or directory After removing this mount I was able to use systemd inside of my container

Tested on:

system containerd version docker version
Kubuntu 22.04 containerd.io: 1.6.7-1 docker-ce: 5:20.10.17 (with root)

command run:

docker run --privileged docker-rockylinux8-ansible:latest

molecule yml

platforms:
  - name: test-one
    image: docker-rockylinux8-ansible
    command: ${MOLECULE_DOCKER_COMMAND: - ""}
    privileged: true
    pre_build_image: true

Lileso avatar Aug 19 '22 10:08 Lileso

Interesting, I normally run this on Ubuntu 20.04 or on macOS with Docker Desktop and haven't had the issue, so I'm wondering if this change would break anything in those older environments.

geerlingguy avatar Aug 19 '22 19:08 geerlingguy

That's a good point!

Unfortunately I don't have anything less than 22.04 currently setup for testing. I'll try and get something setup on Sunday and will let you know

Lileso avatar Aug 19 '22 19:08 Lileso

Hi @geerlingguy

System containerd version docker version
Ubuntu 20.04 1.6.7 5:20.10.17

I created a Ubuntu 20.04 VM and did a bit of testing, First I attempted to run my fork of the docker image (sudo docker run -d --name geerling-test docker-rockylinux8-ansible: image This produced the error "Failed to connect to bus: Host is down" like I had previously seen with Kubuntu 22.04 which removing the mount had fixed.

For my next test I ran the same forked docker image but this time it was with the volume mounted in the command line (sudo docker run -d --name geerling-test --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro docker-rockylinux8-ansible): image This again produced the same error "Failed to connect to bus: Host is down"

And last test was the the latest image that you've made (sudo docker run -d --name geerling-test --volume=/sys/fs/cgroup:/sys/fs/cgroup:ro geerlingguy/docker-rockylinux8-ansible:latest): image Which also produced this error again.

Obviously I've got something wrong with my VM but I'm struggling to see more. If you get a chance could you please find out what your current docker and containerd versions are so that I can test against those?

Lileso avatar Aug 21 '22 15:08 Lileso

@Lileso

If you are using molecule, try the following: Make sure you have molecule-docker v2.1.0 installed and set cgroupns_mode: host and the volume to /sys/fs/cgroup:/sys/fs/cgroup:rw:

platforms:
  - name: instance
    image: "geerlingguy/docker-${MOLECULE_DISTRO:-rockylinux8}-ansible:latest"
    command: ${MOLECULE_DOCKER_COMMAND:-""}
    volumes:
      - /sys/fs/cgroup:/sys/fs/cgroup:rw
    cgroupns_mode: host
    privileged: true
    pre_build_image: true

I had the same error with Docker Desktop 4.12.0 until I made these changes.

kevincoakley avatar Oct 18 '22 20:10 kevincoakley