Univention Bugzilla – Bug 44006
docker volumes don't work for docker apps installed with 4.1
Last modified: 2017-04-04 18:28:59 CEST
UCS 4.1 with dudle -> update to 4.2 -> univention-app shell dudle ls /var/lib/univention-appcenter/apps/dudle/data -> ls /var/lib/univention-appcenter/apps/dudle/data about.cgi check.cgi css delete_poll.rb favicon.ico invite_participants.rb participate.rb timestring.rb access_control.rb classic.css customize.cgi dudle.rb hash.rb locale pollhead.rb vcs_bzr.rb atom.rb config_defaults.rb customize.rb edit_columns.rb history.rb log.rb poll.rb vcs_git.rb authorization_required.cgi config.rb date_locale.rb error.cgi html.rb not_found.cgi print.css vcs_test.rb charset.rb config_sample.rb default.css extensions index.cgi overview.rb timepollhead.rb -> touch /var/lib/univention-appcenter/apps/dudle/data/test1.txt -> univention-app shell dudle ls /var/lib/univention-appcenter/apps/dudle/data See attachments for docker inspect. What is strange though, if i create a new container with a volume, it works and docker inspect says "Mounts": [ { "Source": "/var/tmp/test", "Destination": "/tmp", "Mode": "", "RW": true, "Propagation": "rprivate" } ], For apps installed with 4.1 this "Mounts" section is empty "Mounts": [], New apps have a /var/lib/docker/containers/$ID/config.v2.json with the "Mounts" section "MountPoints":{"/tmp":{"Source":"/var/tmp/t Old apps have config.json and config.v2.json. config.json has the "old" Volumes statements, but MountPoints in config.v2.json is empty. So it seems that the new the docker version has a different config format and config file (config.v2.json) and the settings from old config.json are not migrated to new file (at least not completly).
Created attachment 8603 [details] dudle-inspect-4.1-txt
Created attachment 8604 [details] dudle-inspect-4.2.txt
Created attachment 8605 [details] new-container-4.2.txt
Maybe we need https://docs.docker.com/engine/migration/
This has been reported to but ignored by upstream: https://github.com/docker/docker/issues/20079 https://github.com/docker/docker/issues/20412 I've adjusted univention-docker to run a migration script during update in postinst: /usr/lib/univention-docker/scripts/migrate_container_MountPoints_to_v2_config It requires that the config.v2.json files have been created by docker, otherwise it complains (per container). For that the postinst starts the docker daemon manually once without init system. The script can be re-run (only makes sense when docker is stopped). Changelog adjusted.
In postinst: /usr/bin/dockerd -H unix:///var/run/docker.sock $DOCKER_OPTS & while ! docker ps >/dev/null 2>&1; do sleep 1; done; That's not possible during upgrades from 4.1 to 4.2 and leads to infinite waiting (without any indication why): INFO[0000] libcontainerd: new containerd process, pid: 21482 WARN[0000] containerd: low RLIMIT_NOFILE changing to max current=1024 max=4096 INFO[0001] [graphdriver] using prior storage driver "overlay" INFO[0001] Graph migration to content-addressability took 0.00 seconds WARN[0001] Your kernel does not support cgroup memory limit WARN[0001] Unable to find cpu cgroup in mounts WARN[0001] Unable to find blkio cgroup in mounts WARN[0001] Unable to find cpuset cgroup in mounts WARN[0001] mountpoint for pids not found FATA[0001] Error starting daemon: Devices cgroup isn't mounted Please check kernel version or something. If the running dockerd is necessary for the upgrade maybe do it in a join script and abort with old kernel, so after a reboot it can be rerun.
This also stalls the installation from the 4.2-RC DVD indefinitely!
cgroupfs-mount update was required first and the docker.io package doesn't specify the version. > If the running dockerd is necessary for the upgrade It's required shortly for migration of the containers.
/var/lib/dpkg/info/univention-docker.postinst: > /usr/bin/dockerd -H unix:///var/run/docker.sock $DOCKER_OPTS & > while ! docker ps >/dev/null 2>&1; do > sleep 1; > done; My upgrade is stuck in an endless look since hours... >WARN[0000] containerd: low RLIMIT_NOFILE changing to max current=1024 max=4096 >INFO[0001] Graph migration to content-addressability took 0.01 seconds >WARN[0001] Your kernel does not support cgroup memory limit >WARN[0001] Unable to find cpu cgroup in mounts >WARN[0001] Unable to find blkio cgroup in mounts >WARN[0001] Unable to find cpuset cgroup in mounts >WARN[0001] mountpoint for pids not found >FATA[0001] Error starting daemon: Devices cgroup isn't mounted uname -r # 4.1.0-ucs207-amd64 cgroupfs-mount mountpoint /sys/fs/cgroup # /sys/fs/cgroup is a mountpoint
r78186 | * Bug #44006: Depend on cgroupfs-mount (>= 1.1) r78169 | Bug #44006 r78167 | * Bug #44006: Depend on docker.io >= 1.12 and check if config.v2.json r78165 | * Bug #44006: Start docker daemon manually w/o init system to make r78163 | * Bug #44006: migrate container volume config to config.v2.json Package: univention-docker Version: 2.0.0-9A~4.2.0.201703231147 Branch: ucs_4.2-0
(In reply to Philipp Hahn from comment #9) > /var/lib/dpkg/info/univention-docker.postinst: > > /usr/bin/dockerd -H unix:///var/run/docker.sock $DOCKER_OPTS & > > while ! docker ps >/dev/null 2>&1; do > > sleep 1; > > done; Nevertheless: this is an endless loop if `docker ps` never succeeds. Please add a timeout of 10min PS: No need for ';' at EOL
yes, please add a timeout
I assume that Comment 10 means that Comment 9 has been fixed? I've added a timeout of 300 seconds. Due to popular demand I've moved the code from postinst to postup. Core dumps due to decorative semicolons are not expected. I've announced UCS 4.2 to the test mirror.
OK - RO Volumes OK - RW Volumes OK - multiple container
UCS 4.2 has been released: https://docs.software-univention.de/release-notes-4.2-0-en.html https://docs.software-univention.de/release-notes-4.2-0-de.html If this error occurs again, please use "Clone This Bug".