V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
coolair
V2EX  ›  Docker

CentOS 8 运行 Docker in Docker 失败,如何解决?

  •  
  •   coolair · 2022-02-24 17:10:58 +08:00 · 1589 次点击
    这是一个创建于 1007 天前的主题,其中的信息可能已经有所发展或是发生改变。

    最小化安装系统,使用 https://download.docker.com/linux/centos/docker-ce.repo 安装了 docker-ce docker-ce-cli containerd.io ,关闭了 firewalld 、selinux ,重启了 docker:

    docker run --privileged -d --name dind-test docker:dind
    

    日志如下:

     Generating RSA private key, 4096 bit long modulus (2 primes)
     ..............................................................................................++++
     ...............................................................................................................................................................................................................................................................................................................++++
     e is 65537 (0x010001)
     Generating RSA private key, 4096 bit long modulus (2 primes)
     .....................................................................................................................................................++++
     ....................................................++++
     e is 65537 (0x010001)
     Signature ok
     subject=CN = docker:dind server
     Getting CA Private Key
     /certs/server/cert.pem: OK
     Generating RSA private key, 4096 bit long modulus (2 primes)
     ..............................................................................................................................................................................................................................................................................................................................................................++++
     ................................++++
     e is 65537 (0x010001)
     Signature ok
     subject=CN = docker:dind client
     Getting CA Private Key
     /certs/client/cert.pem: OK
     time="2022-02-24T07:23:34.760594256Z" level=info msg="Starting up"
     time="2022-02-24T07:23:34.763695780Z" level=warning msg="could not change group /var/run/docker.sock to docker: group docker not found"
     time="2022-02-24T07:23:34.765710334Z" level=info msg="libcontainerd: started new containerd process" pid=79
     time="2022-02-24T07:23:34.765786276Z" level=info msg="parsed scheme: \"unix\"" module=grpc
     time="2022-02-24T07:23:34.765809168Z" level=info msg="scheme \"unix\" not registered, fallback to default scheme" module=grpc
     time="2022-02-24T07:23:34.765974707Z" level=info msg="ccResolverWrapper: sending update to cc: {[{unix:///var/run/docker/containerd/containerd.sock  <nil> 0 <nil>}] <nil> <nil>}" module=grpc
     time="2022-02-24T07:23:34.766035328Z" level=info msg="ClientConn switching balancer to \"pick_first\"" module=grpc
     time="2022-02-24T07:23:34.790274621Z" level=info msg="starting containerd" revision=7b11cfaabd73bb80907dd23182b9347b4245eb5d version=v1.4.12
     time="2022-02-24T07:23:34.828556147Z" level=info msg="loading plugin \"io.containerd.content.v1.content\"..." type=io.containerd.content.v1
     time="2022-02-24T07:23:34.828841242Z" level=info msg="loading plugin \"io.containerd.snapshotter.v1.aufs\"..." type=io.containerd.snapshotter.v1
     time="2022-02-24T07:23:34.839186454Z" level=info msg="skip loading plugin \"io.containerd.snapshotter.v1.aufs\"..." error="aufs is not supported (modprobe aufs failed: exit status 1 \"ip: can't find device 'aufs'\\nmodprobe: can't change directory to '/lib/modules': No such file or directory\\n\"): skip plugin" type=io.containerd.snapshotter.v1
     time="2022-02-24T07:23:34.839455354Z" level=info msg="loading plugin \"io.containerd.snapshotter.v1.btrfs\"..." type=io.containerd.snapshotter.v1
     time="2022-02-24T07:23:34.840184092Z" level=info msg="skip loading plugin \"io.containerd.snapshotter.v1.btrfs\"..." error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.btrfs (xfs) must be a btrfs filesystem to be used with the btrfs snapshotter: skip plugin" type=io.containerd.snapshotter.v1
     time="2022-02-24T07:23:34.840249560Z" level=info msg="loading plugin \"io.containerd.snapshotter.v1.devmapper\"..." type=io.containerd.snapshotter.v1
     time="2022-02-24T07:23:34.840343274Z" level=warning msg="failed to load plugin io.containerd.snapshotter.v1.devmapper" error="devmapper not configured"
     time="2022-02-24T07:23:34.840391034Z" level=info msg="loading plugin \"io.containerd.snapshotter.v1.native\"..." type=io.containerd.snapshotter.v1
     time="2022-02-24T07:23:34.840589611Z" level=info msg="loading plugin \"io.containerd.snapshotter.v1.overlayfs\"..." type=io.containerd.snapshotter.v1
     time="2022-02-24T07:23:34.841204096Z" level=info msg="loading plugin \"io.containerd.snapshotter.v1.zfs\"..." type=io.containerd.snapshotter.v1
     time="2022-02-24T07:23:34.841575997Z" level=info msg="skip loading plugin \"io.containerd.snapshotter.v1.zfs\"..." error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.zfs must be a zfs filesystem to be used with the zfs snapshotter: skip plugin" type=io.containerd.snapshotter.v1
     time="2022-02-24T07:23:34.841690890Z" level=info msg="loading plugin \"io.containerd.metadata.v1.bolt\"..." type=io.containerd.metadata.v1
     time="2022-02-24T07:23:34.841778714Z" level=warning msg="could not use snapshotter devmapper in metadata plugin" error="devmapper not configured"
     time="2022-02-24T07:23:34.841815889Z" level=info msg="metadata content store policy set" policy=shared
     time="2022-02-24T07:23:34.890892709Z" level=info msg="loading plugin \"io.containerd.differ.v1.walking\"..." type=io.containerd.differ.v1
     time="2022-02-24T07:23:34.891002672Z" level=info msg="loading plugin \"io.containerd.gc.v1.scheduler\"..." type=io.containerd.gc.v1
     time="2022-02-24T07:23:34.891149173Z" level=info msg="loading plugin \"io.containerd.service.v1.introspection-service\"..." type=io.containerd.service.v1
     time="2022-02-24T07:23:34.891285080Z" level=info msg="loading plugin \"io.containerd.service.v1.containers-service\"..." type=io.containerd.service.v1
     time="2022-02-24T07:23:34.891337250Z" level=info msg="loading plugin \"io.containerd.service.v1.content-service\"..." type=io.containerd.service.v1
     time="2022-02-24T07:23:34.891381619Z" level=info msg="loading plugin \"io.containerd.service.v1.diff-service\"..." type=io.containerd.service.v1
     time="2022-02-24T07:23:34.891426999Z" level=info msg="loading plugin \"io.containerd.service.v1.images-service\"..." type=io.containerd.service.v1
     time="2022-02-24T07:23:34.891476952Z" level=info msg="loading plugin \"io.containerd.service.v1.leases-service\"..." type=io.containerd.service.v1
     time="2022-02-24T07:23:34.891551223Z" level=info msg="loading plugin \"io.containerd.service.v1.namespaces-service\"..." type=io.containerd.service.v1
     time="2022-02-24T07:23:34.891624866Z" level=info msg="loading plugin \"io.containerd.service.v1.snapshots-service\"..." type=io.containerd.service.v1
     time="2022-02-24T07:23:34.891677202Z" level=info msg="loading plugin \"io.containerd.runtime.v1.linux\"..." type=io.containerd.runtime.v1
     time="2022-02-24T07:23:34.892160041Z" level=info msg="loading plugin \"io.containerd.runtime.v2.task\"..." type=io.containerd.runtime.v2
     time="2022-02-24T07:23:34.892678088Z" level=info msg="loading plugin \"io.containerd.monitor.v1.cgroups\"..." type=io.containerd.monitor.v1
     time="2022-02-24T07:23:34.893531281Z" level=info msg="loading plugin \"io.containerd.service.v1.tasks-service\"..." type=io.containerd.service.v1
     time="2022-02-24T07:23:34.893697433Z" level=info msg="loading plugin \"io.containerd.internal.v1.restart\"..." type=io.containerd.internal.v1
     time="2022-02-24T07:23:34.893824075Z" level=info msg="loading plugin \"io.containerd.grpc.v1.containers\"..." type=io.containerd.grpc.v1
     time="2022-02-24T07:23:34.893955169Z" level=info msg="loading plugin \"io.containerd.grpc.v1.content\"..." type=io.containerd.grpc.v1
     time="2022-02-24T07:23:34.893986203Z" level=info msg="loading plugin \"io.containerd.grpc.v1.diff\"..." type=io.containerd.grpc.v1
     time="2022-02-24T07:23:34.894035779Z" level=info msg="loading plugin \"io.containerd.grpc.v1.events\"..." type=io.containerd.grpc.v1
     time="2022-02-24T07:23:34.894124767Z" level=info msg="loading plugin \"io.containerd.grpc.v1.healthcheck\"..." type=io.containerd.grpc.v1
     time="2022-02-24T07:23:34.894208021Z" level=info msg="loading plugin \"io.containerd.grpc.v1.images\"..." type=io.containerd.grpc.v1
     time="2022-02-24T07:23:34.894267863Z" level=info msg="loading plugin \"io.containerd.grpc.v1.leases\"..." type=io.containerd.grpc.v1
     time="2022-02-24T07:23:34.894323113Z" level=info msg="loading plugin \"io.containerd.grpc.v1.namespaces\"..." type=io.containerd.grpc.v1
     time="2022-02-24T07:23:34.894377043Z" level=info msg="loading plugin \"io.containerd.internal.v1.opt\"..." type=io.containerd.internal.v1
     time="2022-02-24T07:23:34.894828889Z" level=info msg="loading plugin \"io.containerd.grpc.v1.snapshots\"..." type=io.containerd.grpc.v1
     time="2022-02-24T07:23:34.894887081Z" level=info msg="loading plugin \"io.containerd.grpc.v1.tasks\"..." type=io.containerd.grpc.v1
     time="2022-02-24T07:23:34.894949989Z" level=info msg="loading plugin \"io.containerd.grpc.v1.version\"..." type=io.containerd.grpc.v1
     time="2022-02-24T07:23:34.894996324Z" level=info msg="loading plugin \"io.containerd.grpc.v1.introspection\"..." type=io.containerd.grpc.v1
     time="2022-02-24T07:23:34.895529028Z" level=info msg=serving... address=/var/run/docker/containerd/containerd-debug.sock
     time="2022-02-24T07:23:34.895804150Z" level=info msg=serving... address=/var/run/docker/containerd/containerd.sock.ttrpc
     time="2022-02-24T07:23:34.896113274Z" level=info msg=serving... address=/var/run/docker/containerd/containerd.sock
     time="2022-02-24T07:23:34.896170862Z" level=info msg="containerd successfully booted in 0.112697s"
     time="2022-02-24T07:23:34.907970487Z" level=info msg="parsed scheme: \"unix\"" module=grpc
     time="2022-02-24T07:23:34.908043720Z" level=info msg="scheme \"unix\" not registered, fallback to default scheme" module=grpc
     time="2022-02-24T07:23:34.908129918Z" level=info msg="ccResolverWrapper: sending update to cc: {[{unix:///var/run/docker/containerd/containerd.sock  <nil> 0 <nil>}] <nil> <nil>}" module=grpc
     time="2022-02-24T07:23:34.908168076Z" level=info msg="ClientConn switching balancer to \"pick_first\"" module=grpc
     time="2022-02-24T07:23:34.911090189Z" level=info msg="parsed scheme: \"unix\"" module=grpc
     time="2022-02-24T07:23:34.911135671Z" level=info msg="scheme \"unix\" not registered, fallback to default scheme" module=grpc
     time="2022-02-24T07:23:34.911176202Z" level=info msg="ccResolverWrapper: sending update to cc: {[{unix:///var/run/docker/containerd/containerd.sock  <nil> 0 <nil>}] <nil> <nil>}" module=grpc
     time="2022-02-24T07:23:34.911213930Z" level=info msg="ClientConn switching balancer to \"pick_first\"" module=grpc
     time="2022-02-24T07:23:35.083473908Z" level=warning msg="Your kernel does not support cgroup blkio weight"
     time="2022-02-24T07:23:35.083515595Z" level=warning msg="Your kernel does not support cgroup blkio weight_device"
     time="2022-02-24T07:23:35.084239564Z" level=info msg="Loading containers: start."
     time="2022-02-24T07:23:35.101032861Z" level=warning msg="Running modprobe bridge br_netfilter failed with message: ip: can't find device 'bridge'\nbridge                204800  1 br_netfilter\nstp                    16384  1 bridge\nllc                    16384  2 bridge,stp\nip: can't find device 'br_netfilter'\nbr_netfilter           24576  0 \nbridge                204800  1 br_netfilter\nmodprobe: can't change directory to '/lib/modules': No such file or directory\n, error: exit status 1"
     time="2022-02-24T07:23:35.103391649Z" level=warning msg="Running iptables --wait -t nat -L -n failed with message: `modprobe: can't change directory to '/lib/modules': No such file or directory\niptables v1.8.7 (legacy): can't initialize iptables table `nat': Table does not exist (do you need to insmod?)\nPerhaps iptables or your kernel needs to be upgraded.`, error: exit status 3"
     time="2022-02-24T07:23:35.151747586Z" level=info msg="stopping event stream following graceful shutdown" error="<nil>" module=libcontainerd namespace=moby
     time="2022-02-24T07:23:35.152208810Z" level=info msg="stopping event stream following graceful shutdown" error="context canceled" module=libcontainerd namespace=plugins.moby
     time="2022-02-24T07:23:35.152217865Z" level=info msg="stopping healthcheck following graceful shutdown" module=libcontainerd
     time="2022-02-24T07:23:36.153093848Z" level=warning msg="grpc: addrConn.createTransport failed to connect to {unix:///var/run/docker/containerd/containerd.sock  <nil> 0 <nil>}. Err :connection error: desc = \"transport: Error while dialing dial unix:///var/run/docker/containerd/containerd.sock: timeout\". Reconnecting..." module=grpc
     failed to start daemon: Error initializing network controller: error obtaining controller instance: failed to create NAT chain DOCKER: iptables failed: iptables -t nat -N DOCKER: modprobe: can't change directory to '/lib/modules': No such file or directory
     iptables v1.8.7 (legacy): can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
     Perhaps iptables or your kernel needs to be upgraded.
      (exit status 3)
    

    在 CentOS 7 上没有问题,有朋友知道怎么解决吗?

    5 条回复    2022-11-05 14:15:28 +08:00
    YaakovZiv
        1
    YaakovZiv  
       2022-02-24 17:29:41 +08:00
    看楼主报错里有“Perhaps iptables or your kernel needs to be upgraded.”
    这东西还有内核或者 iptables 版本限制吗,不会是要求必须用 iptables 吧
    ch2
        2
    ch2  
       2022-02-24 18:11:09 +08:00
    docker run --name dind-test -d --privileged --net=host -v /tmp:/tmp -v /lib/modules/:/lib/modules/ docker:dind
    你需要把宿主机里的 /tmp 和 /lib/modules 也挂载到 dind 实例中
    wd
        3
    wd  
       2022-02-24 18:35:41 +08:00 via iPhone
    可以试试看 kanico
    julyclyde
        4
    julyclyde  
       2022-02-25 11:13:34 +08:00
    那你运行的时候把 net 模式改一下试试?
    mengdodo
        5
    mengdodo  
       2022-11-05 14:15:28 +08:00
    所以,解决方案是什么
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   5893 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 26ms · UTC 03:03 · PVG 11:03 · LAX 19:03 · JFK 22:03
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.