Update docker in production to something more recent #1
Comments
|
Sorry about that. We are planning to update pre-instlaled Docker version very soon. Meanwhile, you can install 1.6.2 binary as part of the build by adding the following steps to circle.yml [You may need to remove docker from the Let me know how it goes. |
|
Not much luck, if I do just that I end up with this problem. If I add sudo curl -L -o /usr/bin/docker 'http://s3-external-1.amazonaws.com/circle-downloads/docker-1.6.2-circleci'
sudo chmod 0755 /usr/bin/docker
sudo docker -d
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 14.7M 100 14.7M 0 0 28.6M 0 --:--:-- --:--:-- --:--:-- 29.0M
INFO[0000] +job init_networkdriver()
INFO[0000] +job serveapi(unix:///var/run/docker.sock)
INFO[0000] Listening for HTTP on unix (/var/run/docker.sock)
WARN[0000] Running modprobe bridge nf_nat failed with message: , error: exit status 1
INFO[0000] -job init_networkdriver() = OK (0)
WARN[0000] mountpoint for memory not found
FATA[0000] Shutting down daemon due to errors: Error loading docker apparmor profile: exit status 243 (Warning from profile docker-default (docker) ptrace rules not enforced
Warning from profile docker-default (docker) signal rules not enforced
Warning from profile docker-default (docker) mount rules not enforced
Unable to open /sys/kernel/security/apparmor/.replace - Permission denied
/sbin/apparmor_parser: Unable to replace "docker-default". Permission denied; attempted to load a profile while confined?
Warning failed to create cache: docker
sudo curl -L -o /usr/bin/docker 'http://s3-external-1.amazonaws.com/circle-downloads/docker-1.6.2-circleci'
sudo chmod 0755 /usr/bin/docker
sudo docker -d
returned exit code 1
Action failed: sudo curl -L -o /usr/bin/docker 'http://s3-external-1.amazonaws.com/circle-downloads/docker-1.6.2-circleci'
sudo chmod 0755 /usr/bin/docker
) sudo docker -d |
|
Though. That's strange. It seems the error is also with downloading / replacing the docker? When I ran this for the first time it didn't argue: sudo curl -L -o /usr/bin/docker 'http://s3-external-1.amazonaws.com/circle-downloads/docker-1.6.2-circleci'
sudo chmod 0755 /usr/bin/docker
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 14.7M 100 14.7M 0 0 29.9M 0 --:--:-- --:--:-- --:--:-- 30.4M |
|
I believe docker will already be auto-started as part of the apt-get/deb install - so you don't need to invoke it directly yourself. Also, in CircleCI, we only support btrfs storage and lxc execution engine; so the command is |
|
Did the trick: machine:
pre:
- |
sudo curl -L -o /usr/bin/docker 'http://s3-external-1.amazonaws.com/circle-downloads/docker-1.6.2-circleci'
sudo chmod 0755 /usr/bin/docker
sudo start docker |
|
Thanks! I'll keep it in mind next I time I suggest it! Let us know how else we can help! |
|
Sadly updating it didn't help. I think it's the lxc execution engine you've mentioned. I'm trying to debug the container with Assume there's no workaround for that? Is there any other way? |
|
I'm afraid that |
|
That is perfect, thanks so much for pointing this out! I can attach in the same way as with
|
|
I need a more recent version too (to specify an alternate Dockerfile). This ticket helped me with setting it up. The image building is different from our development situation vs our online environments, mostly mounting local paths at runtime vs embedding artifacts in the images. Docker 1.6 offer the features we currently need. Our circle.yml starts like this: machine:
pre:
- |
test $(docker --version | awk '{ print $3 }' | head -c3) != "1.6" && {
sudo curl -L -o /usr/bin/docker 'http://s3-external-1.amazonaws.com/circle-downloads/docker-1.6.2-circleci';
sudo chmod 0755 /usr/bin/docker;
sudo start docker;
}
# Restore this once docker >1.6.2 is available.
# services:
# - dockerBuilds start failing once 1.6.x becomes available on Circle, in which we restore the |
|
@Dynom fwiw - you can change it to make it work every after >1.6.2 becomes available (planned for the next few days) machine:
pre:
- |
test $(docker --version | awk '{ print $3 }' | head -c3) != "1.6" && {
sudo curl -L -o /usr/bin/docker 'http://s3-external-1.amazonaws.com/circle-downloads/docker-1.6.2-circleci';
sudo chmod 0755 /usr/bin/docker;
}
- sudo service docker start
# Restore this once docker >1.6.2 is available.
# services:
# - docker |
|
Hi @notnoopci, Thanks for the comment! I want it to fail because then I know when I can cleanup my |
|
At voila, Circle supports Docker 1.6 now! Fixing my Circle file (-; |
Experiencing this issue: circleci/docker#1
|
Just pushed a docker 1.8.1 version - and could use someone testing it first. To enable it you can run with: machine:
pre:
- |
sudo curl -L -o /usr/bin/docker 'http://s3-external-1.amazonaws.com/circle-downloads/docker-1.8.1-circleci'
sudo chmod 0755 /usr/bin/docker
sudo service docker start(but without |
|
I can confirm that this solves an issue I was having with |
|
I can't get docker-compose to start with this version in conjunction with docker-compose 1.4.0 Traceback (most recent call last): |
|
I can confirm this also works for me using docker-compose 1.3.3 |
|
Spoke too soon: |
|
Having the same issue. |
|
Hi @notnoopci When using this version (Docker version 1.8.1-circleci, build 076fb94) |
|
I'm having the same issue with docker-1.8.1-circleci and docker-compose 1.4.0. I can get the default circle-ci docker bin (v 1.6.1) and docker-compose 1.3.3 to work, but not the latest combination. @gitu I believe that is 'ok' behavior here. There is a note somewhere in the circle-ci docker documentation about lxc not being allowed to delete intermediate containers... but that shouldn't prevent a successful build |
TL;DR: check for IsExist(err) after a failed MkdirAll() is both
redundant and wrong -- so two reasons to remove it.
Quoting MkdirAll documentation:
> MkdirAll creates a directory named path, along with any necessary
> parents, and returns nil, or else returns an error. If path
> is already a directory, MkdirAll does nothing and returns nil.
This means two things:
1. If a directory to be created already exists, no error is returned.
2. If the error returned is IsExist (EEXIST), it means there exists
a non-directory with the same name as MkdirAll need to use for
directory. Example: we want to MkdirAll("a/b"), but file "a"
(or "a/b") already exists, so MkdirAll fails.
The above is a theory, based on quoted documentation and my UNIX
knowledge.
3. In practice, though, current MkdirAll implementation [1] returns
ENOTDIR in most of cases described in #2, with the exception when
there is a race between MkdirAll and someone else creating the
last component of MkdirAll argument as a file. In this very case
MkdirAll() will indeed return EEXIST.
Because of #1, IsExist check after MkdirAll is not needed.
Because of #2 and #3, ignoring IsExist error is just plain wrong,
as directory we require is not created. It's cleaner to report
the error now.
Note this error is all over the tree, I guess due to copy-paste,
or trying to follow the same usage pattern as for Mkdir(),
or some not quite correct examples on the Internet.
[v2: a separate aufs commit is merged into this one]
[1] https://github.com/golang/go/blob/f9ed2f75/src/os/path.go
Signed-off-by: Kir Kolyshkin <[email protected]>
|
Is v1.9.0 ready? |
|
@kimh 👍 |
Not sure if this is the right place to ask, I've contacted the support on this recent, but it went silent. Please consider updating docker to something more recent. Circle right now runs 1.4.1, the most recent version is 1.6.2 which is light years ahead.
The text was updated successfully, but these errors were encountered: