docker-archive / docker-snap Goto Github PK
View Code? Open in Web Editor NEWLicense: MIT License
License: MIT License
In a dockerfile if have to set the LD_LIBRARY_PATH, like:
ENV LD_LIBRARY_PATH /opt/myComponent/lib #ignored
ENV TestVariable TestDay # visible in container
But in the started container the environment variable isn't set.
How to fix this?
The version in the stable
channel is 17.06.2
whilst the version in the Ubuntu repository is 17.12.0
. Please consider upgrading the snap package to match the current stable release.
docker snap is missing git binary. Is it planned to add it? Or maybe use some kind of snap extensions if there are any?
The following should work:
$ docker build -t gopass github.com/gopasspw/gopass#master
unable to prepare context: unable to find 'git': exec: "git": executable file not found in $PATH
Hi, I am having a rather annoying issue, while I was messing around in a VM I apparently disconnected through SSH. I happily did sudo snap install docker
on my host machine that was running a few development containers. After noticing my mistake I uninstalled the snap package, but it was already too late.
I attempted to remove and reinstall my normal docker install but that didn't helped. Basicly docker can not remove/stop/kill/start containers because permissions issues.
Starting
ERROR: for db Cannot start service db: mkdir /var/run/docker/libcontainerd/containerd/15cb2e0b612ac94ea3a48a16f94c045dbeb02a90867d106169022459b8576674: file exists
Stopping a new container
Cannot stop container e51a26232f662a497c2523224f811d78ab9b5786d1acff27271a32ea4f6cff59: Cannot kill container e51a26232f662a497c2523224f811d78ab9b5786d1acff27271a32ea4f6cff59: rpc error: code = 7 desc = permission denied
It wouldn't be that bad if I could get 1 container running to get the prepared data of a postgresql container.
As for the issue. It would be nice if the snap package fails to install if an older docker installation has been installed.
Thank you
Maybe there is a way to add command completion for the docker snap? In the actual stable channel i can't see a way to enable it. Thanks for your effort.
In systemd case, we usually modify the /etc/systemd/system/..../docker.service
file, such as change ExecStart=
line; or create/modify /etc/docker/daemon.json
file, but how to do it in this docker snap setup?
I cannot save image to the file.
open .docker_temp_451333355: permission denied
If you need more information to debug the issue, please let me know in comment what else should I provide.
Running sudo docker build -t <image> .
in the context of /home/$USER
, but getting the following error (where $USER
is the actual username):
Error checking context: 'can't stat '/home/$USER''.
Running the following Snap version:
Name Version Rev Developer Notes
docker 17.03.1-ce-1 120 docker-inc -
Some more system details:
snap 2.24
snapd 2.24
series 16
kernel 4.4.0-1030-raspi2
Wheh the /etc/docker/daemon.json exists, docker no longer started!
I installed docker from snap, so service docker restart will not work.
I start docker with
sudo snap start docker
The output from journalctl -xe is:
Aug 20 09:08:44 user-TV kernel: aufs aufs_fill_super:912:mount[1404]: no arg
Aug 20 09:08:44 user-TV kernel: overlayfs: missing 'lowerdir'
Aug 20 08:55:29 user-TV audit[644]: AVC apparmor="DENIED" operation="open" profile="snap.docker.dockerd" name="/etc/docker/daemon.json" pid=644 comm="dockerd" requested_mask="r" denied_mask="r" fsuid=0 ouid=1000
Aug 20 08:55:29 user-TV docker.dockerd[644]: unable to configure the Docker daemon with file /etc/docker/daemon.json: open /etc/docker/daemon.json: permission denied
Aug 20 08:55:29 user-TV kernel: audit: type=1400 audit(1534726529.513:7216): apparmor="DENIED" operation="open" profile="snap.docker.dockerd" name="/etc/docker/daemon.json" pid=644 comm="dockerd" requested_mask="r" denied_mask="r" fsuid=0 ouid=1000
Aug 20 08:55:29 user-TV systemd[1]: snap.docker.dockerd.service: Main process exited, code=exited, status=1/FAILURE
Why it failed with open /etc/docker/daemon.json: permission denied in line 4 even I chmod 777 to it?
The content of the file is:
{
"experimental": true
}
The docker version is 17.06.2-ce
Goal: setup environments for automated testing of the docker snap on amd64
. Both Ubuntu 16.04 and Ubuntu Core 16 are in scope to start with.
While Ubuntu 16.04 is straight-forward to setup for testing purposes in AWS, Ubuntu Core 16 will require some additional work. It appears that Ubuntu Core AWS cloud images were deprecated prior to the Ubuntu Core 16 launch and it is unclear what the path forward is for this use case. Are people running Ubuntu Core 16 in AWS?
It's possible to run Core 16 in a VM using the official cloud image, which is what I am doing today to test with locally. In this mode, as far as I can tell, the vanilla Ubuntu Core 16 image is not configurable at first boot and requires an initial manual setup process.
I failed to get the Ubuntu Core 16 cloud image to use cloud-init, and documentation led me to believe that it was an opt-in feature for custom Core images (https://docs.ubuntu.com/core/en/guides/build-device/image-building). The custom image build process may enable us to generate a cloud-init capable VM image, but porting it to an AMI is a less clear path. This particular use case is relevant because it is possible to modify users and groups through cloud-init, which would have an impact on some of the existing Core-specific quirks.
[x] Ubuntu 16.04 on AWS
[x] Ubuntu Core 16 via qemu
[ ] Ubuntu Core 16 with cloud-init
Goal: define scope of supported devices and setup testing environments for them.
Upstream Docker Community Edition (CE) is released for amd64
, armhf
(v7), and s390x
today with more targets being added over time. Official Debian and RPM packages are published covering the mainstream Linux distributions (https://github.com/docker/docker-ce-packaging). There are also unofficial build scripts for many more architectures. Today the docker snap is released on the following platforms where there is not an official Docker CE package: arm64
, ppc64el
, and i386
.
Note: While snap packages can be deployed on top of traditional Linux distributions, this is considered out of scope.
Devices with "vanilla" Ubuntu Core 16 boot images:
armhf
architecture, there are significant differences between the Pi2 and Pi3 hardware, with their own quirks when it comes to supporting docker. It is very likely that the docker snap would require some customization at the Ubuntu Core image maintenance layer to be fully functional. For example, newer versions of docker tend to depend on newer Linux kernel features to function properly which may not be available in the vanilla Core 16 images on these platforms. These are unknown unknowns (to me) at this point. There are also community efforts to provide custom boot images with Docker CE pre-installed. At the time of writing, I couldn't find one with Docker CE 17.06.amd64
devices were recently discontinued, hence out of scope.arm64
stack. Supporting arm64
is a goal for Docker, but the upstream CE release is not available yet, hence it should not be considered supported.amd64
desktop PCs, so the test coverage on amd64
virtual machines should apply.armhf
devices. The Artik 10 had a short run of less than a year and was recently discontinued, being replaced by the Artik 7 which has a more powerful 64-bit processor. The Artik 5 is in the same class as Pi2, so the same caveats apply.i386
. This could likely run in a VM similarly to the recommended amd64
cloud image, and also will be generic enough to not require additional device-specific testing. Upstream Docker CE does not publish packages for i386
, so this should not be supported by the snap.Other devices:
ppc64el
, but this architecture is not available in upstream Docker CE and there are no Ubuntu Core boot images to test against. It is not possible to validate this environment without both IBM hardware and a corresponding Ubuntu Core 16 boot image. Until then, we should not support this architecture in the docker snap. Note: Work towards a Docker Enterprise Edition (EE) release for ppc64el
is underway, though I don't have a status on a corresponding CE packages.s390x
packages, but has the same basic issues as ppc64el
.amd64
hardware, but it is unclear if there are any quirks to how these devices are configured that would necessitate further validation.Hi, I'm using docker to run some GUI apps, such as Chrome or QQ (an IM app), for better isolation, my command is:
docker run -d --name qq \
--device /dev/snd \
-v /tmp/.X11-unix:/tmp/.X11-unix \
-v $HOME/TencentFiles:/TencentFiles \
-e DISPLAY=unix$DISPLAY \
-e XMODIFIERS=@im=$IM \
-e QT_IM_MODULE=$IM \
-e GTK_IM_MODULE=$IM \
-e AUDIO_GID=`getent group audio | cut -d: -f3` \
-e VIDEO_GID=`getent group video | cut -d: -f3` \
-e GID=$GID \
-e UID=$UID \
bestwu/qq:office
I used this command on docker-ce installed from official apt source, and it works fine. However, when I tried the docker-snap, it's not working anymore. The container is running, however, the app doesn't show on the screen.
I guess the reason is because of the confinement of snap, right? so the /dev/
and /tmp
is not accessible from the snap's container:
--device /dev/snd \
-v /tmp/.X11-unix:/tmp/.X11-unix \
Then, is there a way to I walkaround the limitation? Thanks
Using docker as installed by the docker snap requires sudo. My expectation is that normal users could use docker without needing sudo. This is the case for both the stable and edge versions of the docker snap.
Here's what I found while using the docker snap from --edge
:
fginther@docker-snap-test:~$ sudo snap install --edge docker
docker (edge) 1.13.1-0 from 'docker-inc' installed
fginther@docker-snap-test:~$ snap list
Name Version Rev Developer Notes
core 16-2 1577 canonical -
docker 1.13.1-0 84 docker-inc -
Running docker commands requires sudo to connect to the daemon socket:
fginther@docker-snap-test:~$ docker version
Client:
Version: 1.13.1
API version: 1.26
Go version: go1.7.4
Git commit: -snap-899f8a8
Built: Tue Apr 11 12:44:12 2017
OS/Arch: linux/amd64
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/v1.26/version: dial unix /var/run/docker.sock: connect: permission denied
fginther@docker-snap-test:~$ docker run hello-world
docker: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.26/containers/create: dial unix /var/run/docker.sock: connect: permission denied.
See 'docker run --help'.
fginther@docker-snap-test:~$ sudo docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
78445dd45222: Pull complete
Digest: sha256:c5515758d4c5e1e838e9cd307f6c6a0d620b5e07e6f927b07d05f6d12a1ac8d7
Status: Downloaded newer image for hello-world:latest
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://cloud.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/engine/userguide/
Looking at the permissions of the socket indicated in the error message, /var/run/docker.sock
:
fginther@docker-snap-test:~$ ls -l /var/run/docker.sock
srw-rw---- 1 root root 0 Apr 18 12:46 /var/run/docker.sock
Changing the permissions on this socket is enough to allow non-sudo use:
fginther@docker-snap-test:~$ sudo chmod 666 /var/run/docker.sock
fginther@docker-snap-test:~$ ls -l /var/run/docker.sock
srw-rw-rw- 1 root root 0 Apr 18 12:46 /var/run/docker.sock
fginther@docker-snap-test:~$ docker run hello-world
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://cloud.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/engine/userguide/
The issue has been previously submitted here:
linuxserver/docker-tautulli#44
but submitter solved it by uninstalling the snap package (which doesn't solve the issue)
today I also run into the same problem using snap package.
Works fine with docker ubuntu artful
repo.
Doesn't work if I use snap package.
Please look into this and make them compatible.
We had a customer feedback that it failed to execute docker stop
ubuntu@xenial:~$ docker stop test Error response from daemon: Cannot stop container test: Cannot kill container 44b41739970db05a70a203565b8de4101769aed08121fe0e5a1a816c6efc4572: rpc error: code = 7 desc = permission denied
The full log can be found here.
https://gist.github.com/psftw/15a05d2abc6a757397bb85eac7b72f46
According to The bug reporter's comment
He can reproduce this issue on two different test environments. The common factor across these two that blew up were that they had previously installed docker-ce(docker.io or docker-engine, whatever).
So basically, it's apparmor denied error. This default profile(docker-default) is loaded from deb package installed previously instead of snap inside.
http://paste.ubuntu.com/24596743/
Even if the docker-ce is removed, we probably can still produce this issue as the default profile is loaded in cache by apparmor.
Essentially, docker deb and docker snap don't co-exist. The easy way to fix it manually is to
Note: People only run into this situation when they have both docker deb package and snap package installed on their OS. Hence this issue only exists on Classic as on Ubuntu Core 16 it does not support apt-get or deb packages.
I run a simple set of containers and periodically my instance will fall over.
It's happened three times over the month or so that I've been running docker. The error message I get from snap logs is something like this:
2018-10-04T02:13:28Z docker.dockerd[25141]: time="2018-10-04T02:13:28.412812912Z" level=debug msg="libcontainerd: containerd health check returned error: rpc error: code = 14 desc = grpc: the connection is unavailable"
From my searching, it looks like it's happened to a bunch of people.
A reboot of the computer and a restart of the service does not fix the problem. Each time I've had to remove and reinstall the snap.
The containers I'm running, for reference, are:
Hi there,
I followed the guide step by step on using docker for the first time on ubuntu core 16
But I came across with this message every time i try to run the containers from the yml
docker.compose up
It gives me ERROR: Couldn't connect to Docker daemon - you might need to run
docker-machine start default.
While
sudo docker.compose up
It gives me ERROR: .IOError: [Errno 13] Permission denied: u'./docker-compose.yml'
When running the automated tests, I noticed the following test case failed.
#!/bin/sh
set -e
yml=$(cat <<EOF
test:
image: ubuntu
command: bash
tty: true
EOF
)
echo "$yml" | docker.compose -f - up -d
Output:
Traceback (most recent call last):
File "/snap/docker/102/bin/docker-compose", line 11, in <module>
load_entry_point('docker-compose==1.12.0', 'console_scripts', 'docker-compose')()
File "/snap/docker/102/lib/python2.7/site-packages/compose/cli/main.py", line 67, in main
command()
File "/snap/docker/102/lib/python2.7/site-packages/compose/cli/main.py", line 114, in perform_command
project = project_from_options('.', options)
File "/snap/docker/102/lib/python2.7/site-packages/compose/cli/command.py", line 37, in project_from_options
override_dir=options.get('--project-directory'),
File "/snap/docker/102/lib/python2.7/site-packages/compose/cli/command.py", line 84, in get_project
config_details = config.find(project_dir, config_path, environment, override_dir)
File "/snap/docker/102/lib/python2.7/site-packages/compose/config/config.py", line 240, in find
os.path.abspath(override_dir),
File "/snap/docker/102/usr/lib/python2.7/posixpath.py", line 360, in abspath
if not isabs(path):
File "/snap/docker/102/usr/lib/python2.7/posixpath.py", line 54, in isabs
return s.startswith('/')
AttributeError: 'NoneType' object has no attribute 'startswith'
Piping a docker-compose.yaml from stdin to docker.compose doesn't work in 1.12.0 which is the one we're using for docker_17.03.1-ce-1 snapping. It's officially fixed in 1.13.0.
We need to use the latest docker compose to create the next docker snap once the upcoming quarterly release of docker(17.06-ce) is out.
When will the new versions of CE docker in SNAP be available?
for example 18.05.0-ce or higher
https://github.com/docker/docker-ce/releases
๐ ๐ ๐
I've no idea if this is an issue with the docker snap or the docker image that I'm trying to use, but I'll ask here first. I'm trying to use container expert360/elasticmq. When I run:
docker run -p 9324:9324 expert360/elasticmq
I get this error:
me@moo:~$ docker run -p 9324:9324 expert360/elasticmq
java: error while loading shared libraries: libjli.so: cannot open shared object file: No such file or directory
I don't get this error when docker has been installed using apt. According to the Docker file the docker does use Java https://github.com/expert360/docker-elasticmq/blob/master/Dockerfile but I don't understand why a Java error is being surfaced outside of the container.
I'm on elementaryOS Juno (18.04) but I also tried on Loki and vanilla Ubuntu 18.04 and the error occurs on all three.
Any ideas?
Hi there,
Posted recently about and issue then trying to run docker. #26 After successfully having made my defined containers to run for the first time, it took some time after one of the 2 containers crashed and had to make the sudo docker.compose up
once again. But in this occasion an error just keeps coming up every time I'm trying to execute the command:
Cannot start service db: grpc: the connection is unavailable
Being db
a service defined on my docker.compose.yml
with a connected volume
db:
image: mangoraft/mongodb-arm
command: mongod --smallfiles
ports:
- "27017:27017"
volumes:
- ./data:/data/db
What I've tried so far:
/data
volume generated by the containerNothing seems to work.
Thanks beforehand
Given the recent deprecation notice, I feel it would be a good idea to include recommended installation instructions of docker that users should use instead of Snap.
Hello,
First thanks for taking the time to create a snap for docker.
I am using this snap package for a few weeks now and everything was perfect. However today I wanted to play with docker.machine
locally and I therefore looked at the docker documentation.
I installed virtualbox on my machine, and then I ran
$ docker.machine create -d virtualbox default
And I got the following error:
Error with pre-create check: "VBoxManage not found.
Make sure VirtualBox is installed and VBoxManage is in the path"
The problem is, VBoxManage
is in my path, however I think that due to the strict confinement policy the snap cannot access this binary (and I guess there is no interfaces created yet for it).
Am I missing something or is it currently not supported?
docker.machine create -d virtualbox default
Infos:
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.