docker-archive / docker-snap Goto Github PK

In a dockerfile if have to set the LD_LIBRARY_PATH, like:

ENV LD_LIBRARY_PATH /opt/myComponent/lib  #ignored
ENV TestVariable TestDay # visible in container

But in the started container the environment variable isn't set.
How to fix this?

The version in the stable channel is 17.06.2 whilst the version in the Ubuntu repository is 17.12.0. Please consider upgrading the snap package to match the current stable release.

docker snap is missing git binary. Is it planned to add it? Or maybe use some kind of snap extensions if there are any?

The following should work:

$ docker build -t gopass github.com/gopasspw/gopass#master
unable to prepare context: unable to find 'git': exec: "git": executable file not found in $PATH

Hi, I am having a rather annoying issue, while I was messing around in a VM I apparently disconnected through SSH. I happily did sudo snap install docker on my host machine that was running a few development containers. After noticing my mistake I uninstalled the snap package, but it was already too late.

I attempted to remove and reinstall my normal docker install but that didn't helped. Basicly docker can not remove/stop/kill/start containers because permissions issues.

Starting

ERROR: for db  Cannot start service db: mkdir /var/run/docker/libcontainerd/containerd/15cb2e0b612ac94ea3a48a16f94c045dbeb02a90867d106169022459b8576674: file exists

Stopping a new container

Cannot stop container e51a26232f662a497c2523224f811d78ab9b5786d1acff27271a32ea4f6cff59: Cannot kill container e51a26232f662a497c2523224f811d78ab9b5786d1acff27271a32ea4f6cff59: rpc error: code = 7 desc = permission denied

It wouldn't be that bad if I could get 1 container running to get the prepared data of a postgresql container.

As for the issue. It would be nice if the snap package fails to install if an older docker installation has been installed.

Thank you

Maybe there is a way to add command completion for the docker snap? In the actual stable channel i can't see a way to enable it. Thanks for your effort.

In systemd case, we usually modify the /etc/systemd/system/..../docker.service file, such as change ExecStart= line; or create/modify /etc/docker/daemon.json file, but how to do it in this docker snap setup?

I cannot save image to the file.

open .docker_temp_451333355: permission denied

If you need more information to debug the issue, please let me know in comment what else should I provide.

Running sudo docker build -t <image> . in the context of /home/$USER, but getting the following error (where $USER is the actual username):

Error checking context: 'can't stat '/home/$USER''.

Running the following Snap version:

Name        Version       Rev   Developer   Notes
docker      17.03.1-ce-1  120   docker-inc  -

Some more system details:

snap    2.24
snapd   2.24
series  16
kernel  4.4.0-1030-raspi2

Wheh the /etc/docker/daemon.json exists, docker no longer started!

I installed docker from snap, so service docker restart will not work.
I start docker with

sudo snap start docker

The output from journalctl -xe is:

Aug  20 09:08:44 user-TV kernel: aufs aufs_fill_super:912:mount[1404]: no arg
Aug  20 09:08:44 user-TV kernel: overlayfs: missing 'lowerdir'
Aug  20 08:55:29 user-TV audit[644]: AVC apparmor="DENIED" operation="open" profile="snap.docker.dockerd" name="/etc/docker/daemon.json" pid=644 comm="dockerd" requested_mask="r" denied_mask="r" fsuid=0 ouid=1000
Aug  20 08:55:29 user-TV docker.dockerd[644]: unable to configure the Docker daemon with file /etc/docker/daemon.json: open /etc/docker/daemon.json: permission denied
Aug  20 08:55:29 user-TV kernel: audit: type=1400 audit(1534726529.513:7216): apparmor="DENIED" operation="open" profile="snap.docker.dockerd" name="/etc/docker/daemon.json" pid=644 comm="dockerd" requested_mask="r" denied_mask="r" fsuid=0 ouid=1000
Aug  20 08:55:29 user-TV systemd[1]: snap.docker.dockerd.service: Main process exited, code=exited, status=1/FAILURE

Why it failed with open /etc/docker/daemon.json: permission denied in line 4 even I chmod 777 to it?

The content of the file is:

{
    "experimental": true
}

The docker version is 17.06.2-ce

Goal: setup environments for automated testing of the docker snap on amd64. Both Ubuntu 16.04 and Ubuntu Core 16 are in scope to start with.

While Ubuntu 16.04 is straight-forward to setup for testing purposes in AWS, Ubuntu Core 16 will require some additional work. It appears that Ubuntu Core AWS cloud images were deprecated prior to the Ubuntu Core 16 launch and it is unclear what the path forward is for this use case. Are people running Ubuntu Core 16 in AWS?

It's possible to run Core 16 in a VM using the official cloud image, which is what I am doing today to test with locally. In this mode, as far as I can tell, the vanilla Ubuntu Core 16 image is not configurable at first boot and requires an initial manual setup process.

I failed to get the Ubuntu Core 16 cloud image to use cloud-init, and documentation led me to believe that it was an opt-in feature for custom Core images (https://docs.ubuntu.com/core/en/guides/build-device/image-building). The custom image build process may enable us to generate a cloud-init capable VM image, but porting it to an AMI is a less clear path. This particular use case is relevant because it is possible to modify users and groups through cloud-init, which would have an impact on some of the existing Core-specific quirks.

[x] Ubuntu 16.04 on AWS
[x] Ubuntu Core 16 via qemu
[ ] Ubuntu Core 16 with cloud-init

Goal: define scope of supported devices and setup testing environments for them.

Upstream Docker Community Edition (CE) is released for amd64, armhf (v7), and s390x today with more targets being added over time. Official Debian and RPM packages are published covering the mainstream Linux distributions (https://github.com/docker/docker-ce-packaging). There are also unofficial build scripts for many more architectures. Today the docker snap is released on the following platforms where there is not an official Docker CE package: arm64, ppc64el, and i386.

Note: While snap packages can be deployed on top of traditional Linux distributions, this is considered out of scope.

Devices with "vanilla" Ubuntu Core 16 boot images:

• Raspberry Pi2, Pi3, and CM3. While these are listed with armhf architecture, there are significant differences between the Pi2 and Pi3 hardware, with their own quirks when it comes to supporting docker. It is very likely that the docker snap would require some customization at the Ubuntu Core image maintenance layer to be fully functional. For example, newer versions of docker tend to depend on newer Linux kernel features to function properly which may not be available in the vanilla Core 16 images on these platforms. These are unknown unknowns (to me) at this point. There are also community efforts to provide custom boot images with Docker CE pre-installed. At the time of writing, I couldn't find one with Docker CE 17.06.
• Intel Joule. These amd64 devices were recently discontinued, hence out of scope.
• DragonBoard 410c. These have similar hardware to Pi3, but the Core boot image ships a 64 bit arm64 stack. Supporting arm64 is a goal for Docker, but the upstream CE release is not available yet, hence it should not be considered supported.
• Intel NUC. These are basically amd64 desktop PCs, so the test coverage on amd64 virtual machines should apply.
• Samusing Artik 5 & 10. These are both 32-bit only armhf devices. The Artik 10 had a short run of less than a year and was recently discontinued, being replaced by the Artik 7 which has a more powerful 64-bit processor. The Artik 5 is in the same class as Pi2, so the same caveats apply.
• Generic i386. This could likely run in a VM similarly to the recommended amd64 cloud image, and also will be generic enough to not require additional device-specific testing. Upstream Docker CE does not publish packages for i386, so this should not be supported by the snap.

Other devices:

• Devices running Ubuntu Core 15 and prior -- out of scope due to deprecation.
• Today the docker snap ships for ppc64el, but this architecture is not available in upstream Docker CE and there are no Ubuntu Core boot images to test against. It is not possible to validate this environment without both IBM hardware and a corresponding Ubuntu Core 16 boot image. Until then, we should not support this architecture in the docker snap. Note: Work towards a Docker Enterprise Edition (EE) release for ppc64el is underway, though I don't have a status on a corresponding CE packages.
• Docker CE ships s390x packages, but has the same basic issues as ppc64el.
• Dell is shipping "certified" devices with Ubuntu Core pre-installed (https://certification.ubuntu.com/iot/models/?release=Core%2016&category=Ubuntu%20Core). These appear to be amd64 hardware, but it is unclear if there are any quirks to how these devices are configured that would necessitate further validation.

Hi, I'm using docker to run some GUI apps, such as Chrome or QQ (an IM app), for better isolation, my command is:

    docker run -d --name qq \
        --device /dev/snd \
        -v /tmp/.X11-unix:/tmp/.X11-unix \
        -v $HOME/TencentFiles:/TencentFiles \
        -e DISPLAY=unix$DISPLAY \
        -e XMODIFIERS=@im=$IM \
        -e QT_IM_MODULE=$IM \
        -e GTK_IM_MODULE=$IM \
        -e AUDIO_GID=`getent group audio | cut -d: -f3` \
        -e VIDEO_GID=`getent group video | cut -d: -f3` \
        -e GID=$GID \
        -e UID=$UID \
        bestwu/qq:office

I used this command on docker-ce installed from official apt source, and it works fine. However, when I tried the docker-snap, it's not working anymore. The container is running, however, the app doesn't show on the screen.

I guess the reason is because of the confinement of snap, right? so the /dev/ and /tmp is not accessible from the snap's container:

        --device /dev/snd \
        -v /tmp/.X11-unix:/tmp/.X11-unix \

Then, is there a way to I walkaround the limitation? Thanks

Using docker as installed by the docker snap requires sudo. My expectation is that normal users could use docker without needing sudo. This is the case for both the stable and edge versions of the docker snap.

Here's what I found while using the docker snap from --edge:

fginther@docker-snap-test:~$ sudo snap install --edge docker
docker (edge) 1.13.1-0 from 'docker-inc' installed
fginther@docker-snap-test:~$ snap list
Name    Version   Rev   Developer   Notes
core    16-2      1577  canonical   -
docker  1.13.1-0  84    docker-inc  -

Running docker commands requires sudo to connect to the daemon socket:

fginther@docker-snap-test:~$ docker version
Client:
 Version:      1.13.1
 API version:  1.26
 Go version:   go1.7.4
 Git commit:   -snap-899f8a8
 Built:        Tue Apr 11 12:44:12 2017
 OS/Arch:      linux/amd64
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.26/version: dial unix /var/run/docker.sock: connect: permission denied
fginther@docker-snap-test:~$ docker run hello-world
docker: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.26/containers/create: dial unix /var/run/docker.sock: connect: permission denied.
See 'docker run --help'.
fginther@docker-snap-test:~$ sudo docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
78445dd45222: Pull complete 
Digest: sha256:c5515758d4c5e1e838e9cd307f6c6a0d620b5e07e6f927b07d05f6d12a1ac8d7
Status: Downloaded newer image for hello-world:latest

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:
 https://cloud.docker.com/

For more examples and ideas, visit:
 https://docs.docker.com/engine/userguide/

Looking at the permissions of the socket indicated in the error message, /var/run/docker.sock:

fginther@docker-snap-test:~$ ls -l /var/run/docker.sock
srw-rw---- 1 root root 0 Apr 18 12:46 /var/run/docker.sock

Changing the permissions on this socket is enough to allow non-sudo use:

fginther@docker-snap-test:~$ sudo chmod 666 /var/run/docker.sock
fginther@docker-snap-test:~$ ls -l /var/run/docker.sock
srw-rw-rw- 1 root root 0 Apr 18 12:46 /var/run/docker.sock
fginther@docker-snap-test:~$ docker run hello-world

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:
 https://cloud.docker.com/

For more examples and ideas, visit:
 https://docs.docker.com/engine/userguide/

The issue has been previously submitted here:
linuxserver/docker-tautulli#44
but submitter solved it by uninstalling the snap package (which doesn't solve the issue)

today I also run into the same problem using snap package.

Works fine with docker ubuntu artful repo.
Doesn't work if I use snap package.
Please look into this and make them compatible.

We had a customer feedback that it failed to execute docker stop

ubuntu@xenial:~$ docker stop test Error response from daemon: Cannot stop container test: Cannot kill container 44b41739970db05a70a203565b8de4101769aed08121fe0e5a1a816c6efc4572: rpc error: code = 7 desc = permission denied
The full log can be found here.
https://gist.github.com/psftw/15a05d2abc6a757397bb85eac7b72f46

According to The bug reporter's comment
He can reproduce this issue on two different test environments. The common factor across these two that blew up were that they had previously installed docker-ce(docker.io or docker-engine, whatever).
So basically, it's apparmor denied error. This default profile(docker-default) is loaded from deb package installed previously instead of snap inside.
http://paste.ubuntu.com/24596743/

Even if the docker-ce is removed, we probably can still produce this issue as the default profile is loaded in cache by apparmor.

Essentially, docker deb and docker snap don't co-exist. The easy way to fix it manually is to

1. remove docker-ce deb package
2. disable the profile(or a system reboot).
   Then this issue gone away. Meanwhile, we need to provide a way for docker-snap to configure the default profile name to avoid profile conflict.

Note: People only run into this situation when they have both docker deb package and snap package installed on their OS. Hence this issue only exists on Classic as on Ubuntu Core 16 it does not support apt-get or deb packages.

I run a simple set of containers and periodically my instance will fall over.

It's happened three times over the month or so that I've been running docker. The error message I get from snap logs is something like this:

2018-10-04T02:13:28Z docker.dockerd[25141]: time="2018-10-04T02:13:28.412812912Z" level=debug msg="libcontainerd: containerd health check returned error: rpc error: code = 14 desc = grpc: the connection is unavailable"

From my searching, it looks like it's happened to a bunch of people.

A reboot of the computer and a restart of the service does not fix the problem. Each time I've had to remove and reinstall the snap.

The containers I'm running, for reference, are:

• portainer/portainer
• coppit/no-ip
• jacobalberty/unifi:stable
• pducharme/unifi-video-controller

Hi there,
I followed the guide step by step on using docker for the first time on ubuntu core 16
But I came across with this message every time i try to run the containers from the yml

docker.compose up

It gives me ERROR: Couldn't connect to Docker daemon - you might need to run docker-machine start default.

While

sudo docker.compose up

It gives me ERROR: .IOError: [Errno 13] Permission denied: u'./docker-compose.yml'

When running the automated tests, I noticed the following test case failed.

#!/bin/sh
set -e
yml=$(cat <<EOF
  test:
    image: ubuntu
    command: bash
    tty: true
EOF
)
echo "$yml" | docker.compose -f - up -d

Output:

Traceback (most recent call last):
  File "/snap/docker/102/bin/docker-compose", line 11, in <module>
    load_entry_point('docker-compose==1.12.0', 'console_scripts', 'docker-compose')()
  File "/snap/docker/102/lib/python2.7/site-packages/compose/cli/main.py", line 67, in main
    command()
  File "/snap/docker/102/lib/python2.7/site-packages/compose/cli/main.py", line 114, in perform_command
    project = project_from_options('.', options)
  File "/snap/docker/102/lib/python2.7/site-packages/compose/cli/command.py", line 37, in project_from_options
    override_dir=options.get('--project-directory'),
  File "/snap/docker/102/lib/python2.7/site-packages/compose/cli/command.py", line 84, in get_project
    config_details = config.find(project_dir, config_path, environment, override_dir)
  File "/snap/docker/102/lib/python2.7/site-packages/compose/config/config.py", line 240, in find
    os.path.abspath(override_dir),
  File "/snap/docker/102/usr/lib/python2.7/posixpath.py", line 360, in abspath
    if not isabs(path):
  File "/snap/docker/102/usr/lib/python2.7/posixpath.py", line 54, in isabs
    return s.startswith('/')
AttributeError: 'NoneType' object has no attribute 'startswith'

Piping a docker-compose.yaml from stdin to docker.compose doesn't work in 1.12.0 which is the one we're using for docker_17.03.1-ce-1 snapping. It's officially fixed in 1.13.0.
We need to use the latest docker compose to create the next docker snap once the upcoming quarterly release of docker(17.06-ce) is out.

When will the new versions of CE docker in SNAP be available?
for example 18.05.0-ce or higher

https://github.com/docker/docker-ce/releases

👍 😄 😃

I've no idea if this is an issue with the docker snap or the docker image that I'm trying to use, but I'll ask here first. I'm trying to use container expert360/elasticmq. When I run:

docker run -p 9324:9324 expert360/elasticmq

I get this error:

me@moo:~$ docker run -p 9324:9324 expert360/elasticmq
java: error while loading shared libraries: libjli.so: cannot open shared object file: No such file or directory

I don't get this error when docker has been installed using apt. According to the Docker file the docker does use Java https://github.com/expert360/docker-elasticmq/blob/master/Dockerfile but I don't understand why a Java error is being surfaced outside of the container.

I'm on elementaryOS Juno (18.04) but I also tried on Loki and vanilla Ubuntu 18.04 and the error occurs on all three.

Any ideas?

Hi there,

Posted recently about and issue then trying to run docker. #26 After successfully having made my defined containers to run for the first time, it took some time after one of the 2 containers crashed and had to make the sudo docker.compose up once again. But in this occasion an error just keeps coming up every time I'm trying to execute the command:

Cannot start service db: grpc: the connection is unavailable

Being db a service defined on my docker.compose.yml with a connected volume

  db:
    image: mangoraft/mongodb-arm
    command: mongod --smallfiles
    ports:
      - "27017:27017"
    volumes:
      - ./data:/data/db

What I've tried so far:

• Restart the docker snap service
• Tried to update the service
• Removed the /data volume generated by the container

Nothing seems to work.

Thanks beforehand

Given the recent deprecation notice, I feel it would be a good idea to include recommended installation instructions of docker that users should use instead of Snap.

Hello,

First thanks for taking the time to create a snap for docker.
I am using this snap package for a few weeks now and everything was perfect. However today I wanted to play with docker.machine locally and I therefore looked at the docker documentation.
I installed virtualbox on my machine, and then I ran

$ docker.machine create -d virtualbox default

And I got the following error:

Error with pre-create check: "VBoxManage not found. 
Make sure VirtualBox is installed and VBoxManage is in the path"

The problem is, VBoxManage is in my path, however I think that due to the strict confinement policy the snap cannot access this binary (and I guess there is no interfaces created yet for it).

Am I missing something or is it currently not supported?

Steps to reproduce

• Install virtualbox
• Install docker snap
• Try to create a machine using: docker.machine create -d virtualbox default

System info:

Infos:

• snap 2.35.2
• snapd 2.35.2
• series 16
• linuxmint 19
• kernel 4.15.0-36-generic
• docker snap version : beta - 18.06.1-ce (321)