Re: Where is docker.cfg file in rocko? #yocto #meta-virtualization
|
Bruce Ashfield
On Wed, Jan 5, 2022 at 4:46 AM <thitgahamtonghop@...> wrote: > > [Edited Message Follows] > > Hi, > So I am having problem running docker image. When I run command: docker run hello-world, this is the output: > > docker: Error response from daemon: failed to create endpoint elastic_hypatia on network bridge: failed to add the host (vethf9c4250) <=> sandbox (vethc439d7e) pair interfaces: operation not supported. > ERRO[0000] error waiting for container: context canceled > > So I suspect that the veth module is missing and as checking, I ran the check-config.sh script, and here is what I get > > > info: reading kernel config from /proc/config.gz ... > > Generally Necessary: > - check-config.sh: line 159: [: missing `]' > check-config.sh: line 160: /sys/fs/cgroup/memory: Is a directory > cgroup hierarchy: single mountpoint! [/sys/fs/cgroup/memory] > (see https://github.com/tianon/cgroupfs-mount) > - CONFIG_NAMESPACES: enabled > - CONFIG_NET_NS: enabled > - CONFIG_PID_NS: enabled > - CONFIG_IPC_NS: enabled > - CONFIG_UTS_NS: enabled > - CONFIG_CGROUPS: enabled > - CONFIG_CGROUP_CPUACCT: enabled > - CONFIG_CGROUP_DEVICE: enabled > - CONFIG_CGROUP_FREEZER: enabled > - CONFIG_CGROUP_SCHED: enabled > - CONFIG_CPUSETS: enabled > - CONFIG_MEMCG: enabled > - CONFIG_KEYS: enabled > - CONFIG_VETH: missing > - CONFIG_BRIDGE: enabled (as module) > - CONFIG_BRIDGE_NETFILTER: enabled (as module) > - CONFIG_NF_NAT_IPV4: enabled (as module) > - CONFIG_IP_NF_FILTER: enabled (as module) > - CONFIG_IP_NF_TARGET_MASQUERADE: missing > - CONFIG_NETFILTER_XT_MATCH_ADDRTYPE: missing > - CONFIG_NETFILTER_XT_MATCH_CONNTRACK: enabled (as module) > - CONFIG_NETFILTER_XT_MATCH_IPVS: missing > - CONFIG_IP_NF_NAT: missing > - CONFIG_NF_NAT: enabled (as module) > - CONFIG_NF_NAT_NEEDED: enabled > - CONFIG_POSIX_MQUEUE: enabled > - CONFIG_DEVPTS_MULTIPLE_INSTANCES: missing > > Optional Features: > - CONFIG_USER_NS: enabled > - CONFIG_SECCOMP: enabled > - CONFIG_CGROUP_PIDS: missing > - CONFIG_MEMCG_SWAP: enabled > - CONFIG_MEMCG_SWAP_ENABLED: enabled > (cgroup swap accounting is currently enabled) > - CONFIG_LEGACY_VSYSCALL_EMULATE: enabled > - CONFIG_MEMCG_KMEM: enabled > - CONFIG_BLK_CGROUP: enabled > - CONFIG_BLK_DEV_THROTTLING: missing > - CONFIG_IOSCHED_CFQ: enabled > - CONFIG_CFQ_GROUP_IOSCHED: missing > - CONFIG_CGROUP_PERF: missing > - CONFIG_CGROUP_HUGETLB: missing > - CONFIG_NET_CLS_CGROUP: enabled > - CONFIG_CGROUP_NET_PRIO: missing > - CONFIG_CFS_BANDWIDTH: missing > - CONFIG_FAIR_GROUP_SCHED: enabled > - CONFIG_RT_GROUP_SCHED: enabled > - CONFIG_IP_VS: missing > - CONFIG_IP_VS_NFCT: missing > - CONFIG_IP_VS_RR: missing > - CONFIG_EXT3_FS: enabled > - CONFIG_EXT3_FS_XATTR: missing > - CONFIG_EXT3_FS_POSIX_ACL: enabled > - CONFIG_EXT3_FS_SECURITY: enabled > (enable these ext3 configs if you are using ext3 as backing filesystem) > - CONFIG_EXT4_FS: enabled > - CONFIG_EXT4_FS_POSIX_ACL: enabled > - CONFIG_EXT4_FS_SECURITY: enabled > - Network Drivers: > - "overlay": > - CONFIG_VXLAN: missing > Optional (for encrypted networks): > - CONFIG_CRYPTO: enabled > - CONFIG_CRYPTO_AEAD: enabled > - CONFIG_CRYPTO_GCM: enabled (as module) > - CONFIG_CRYPTO_SEQIV: enabled (as module) > - CONFIG_CRYPTO_GHASH: enabled (as module) > - CONFIG_XFRM: enabled > - CONFIG_XFRM_USER: enabled (as module) > - CONFIG_XFRM_ALGO: enabled > - CONFIG_INET_ESP: enabled (as module) > - CONFIG_INET_XFRM_MODE_TRANSPORT: enabled > - "ipvlan": > - CONFIG_IPVLAN: missing > - "macvlan": > - CONFIG_MACVLAN: missing > - CONFIG_DUMMY: enabled (as module) > - "ftp,tftp client in container": > - CONFIG_NF_NAT_FTP: enabled (as module) > - CONFIG_NF_CONNTRACK_FTP: enabled (as module) > - CONFIG_NF_NAT_TFTP: enabled (as module) > - CONFIG_NF_CONNTRACK_TFTP: enabled (as module) > - Storage Drivers: > - "aufs": > - CONFIG_AUFS_FS: enabled > - "btrfs": > - CONFIG_BTRFS_FS: enabled > - CONFIG_BTRFS_FS_POSIX_ACL: enabled > - "devicemapper": > - CONFIG_BLK_DEV_DM: enabled > - CONFIG_DM_THIN_PROVISIONING: missing > - "overlay": > - CONFIG_OVERLAY_FS: missing > - "zfs": > - /dev/zfs: missing > - zfs command: missing > - zpool command: missing > > Limits: > - /proc/sys/kernel/keys/root_maxkeys: 1000000 > > Even running modprobe veth showing that veth is not there: > > modprobe: FATAL: Module veth not found in directory /lib/modules/4.4.113-yocto-standard > > And here is the output of lxc-checkconfig > > --- Namespaces --- > Namespaces: enabled > Utsname namespace: enabled > Ipc namespace: enabled > Pid namespace: enabled > User namespace: enabled > Network namespace: enabled > Multiple /dev/pts instances: missing > > --- Control groups --- > Cgroup: enabled > Cgroup clone_children flag: enabled > Cgroup device: enabled > Cgroup sched: enabled > Cgroup cpu account: enabled > Cgroup memory controller: enabled > Cgroup cpuset: enabled > > --- Misc --- > Veth pair device: missing > Macvlan: missing > Vlan: enabled > Bridges: enabled > Advanced netfilter: enabled > CONFIG_NF_NAT_IPV4: enabled > CONFIG_NF_NAT_IPV6: missing > CONFIG_IP_NF_TARGET_MASQUERADE: missing > CONFIG_IP6_NF_TARGET_MASQUERADE: missing > CONFIG_NETFILTER_XT_TARGET_CHECKSUM: missing > FUSE (for use with lxcfs): enabled > > --- Checkpoint/Restore --- > checkpoint restore: missing > CONFIG_FHANDLE: enabled > CONFIG_EVENTFD: enabled > CONFIG_EPOLL: enabled > CONFIG_UNIX_DIAG: missing > CONFIG_INET_DIAG: enabled > CONFIG_PACKET_DIAG: missing > CONFIG_NETLINK_DIAG: missing > File capabilities: enabled > > Note : Before booting a new kernel, you can check its configuration > usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig > > After going around the internet, I found out that somebody had the same issue with me: https://marc.info/?l=openembedded-devel&m=154773496216135&w=2, and they also think that veth missing is the problem. And as suggestion, I added in my local.conf: > CORE_IMAGE_EXTRA_INSTALL += "kernel-modules docker" > But they also mentioned the actual solution is : > > I found the issue. The veth kernel parameter was not enabled. Once I added > CONFIG_VETH=y to my docker.cfg file, I was able to successfully run a > docker container in my openembedded OS > > So where could I do the same? I've used the rocko version and it doesn't have the linux/docker.cfg file? Or could I can create one by myself? > > P/S: > I found in meta-virtualization/recipes-kernel/linux/linux-yocto/ the file docker.cfg, but there is no option as CONFIG_VETH, but in the file lxc.cfg, it exists and already 'y'. I don't really know what needed to actually used this. Why the veth module is not appeared? > Correct. Similar fragments did exist in the rocko timeframe, but if you are looking for docker support .. a newer (and supported) release is highly recommended. Using the fragments depends on your kernel provider. If it is linux yocto, then there is a .inc file in the layer that is enabled whenever virtualization is in the DISTRO_FEATURES. That .inc file adds the fragments to the linux-yocto SRC_URI, and the options will be enabled (https://git.yoctoproject.org/meta-virtualization/tree/recipes-kernel/linux/linux-yocto_virtualization.inc?h=rocko) If your kernel provider is linux-yocto based (i.e. it supports fragments), then you could individually add the fragments via KERNEL_FEATURES (check the yocto docs for details). And finally, if you do have CONFIG_VETH enabled as a module (versus built in), you'd also need to make sure the specific kernel module package is installed to your image, or all modules are installed (via the kernel-modules package that you have mentioned above). Bruce > > -- - Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end - "Use the force Harry" - Gandalf, Star Trek II
|
|
|