Docker does not start containers in CentOS when user namespaces activated #20193

@SergeyYakubov

docker run hello-world

produces message:

docker: Error response from daemon: Cannot start container b7dddfefa6d35618de34880e5660295d6192dbde035c9f3b3e6ba13d81257364: [9] System error: fork/exec /proc/self/exe: invalid argument.

when executed on CentOS 7.2 with user namespaces activated. The same task works on Ubuntu without problems.

docker version:
Version: 1.10.0
API version: 1.22
Go version: go1.5.3
Git commit: 590d510
Built: Thu Feb 4 18:34:50 2016
OS/Arch: linux/amd64

Server:
Version: 1.10.0
API version: 1.22
Go version: go1.5.3
Git commit: 590d510
Built: Thu Feb 4 18:34:50 2016
OS/Arch: linux/amd6

docker info:
Containers: 2
Running: 0
Paused: 0
Stopped: 2
Images: 2
Server Version: 1.10.0
Storage Driver: devicemapper
Pool Name: docker-8:6-389546-pool
Pool Blocksize: 65.54 kB
Base Device Size: 10.74 GB
Backing Filesystem: ext4
Data file: /dev/loop0
Metadata file: /dev/loop1
Data Space Used: 538.1 MB
Data Space Total: 107.4 GB
Data Space Available: 8.871 GB
Metadata Space Used: 1.053 MB
Metadata Space Total: 2.147 GB
Metadata Space Available: 2.146 GB
Udev Sync Supported: true
Deferred Removal Enabled: false
Deferred Deletion Enabled: false
Deferred Deleted Device Count: 0
Data loop file: /var/lib/docker/100000.100000/devicemapper/devicemapper/data
WARNING: Usage of loopback devices is strongly discouraged for production use. Either use --storage-opt dm.thinpooldev or use --storage-opt dm.no_warn_on_loop_devices=true to suppress this warning.
Metadata loop file: /var/lib/docker/100000.100000/devicemapper/devicemapper/metadata
Library Version: 1.02.107-RHEL7 (2015-10-14)
Execution Driver: native-0.2
Logging Driver: json-file
Plugins:
Volume: local
Network: bridge null host
Kernel Version: 3.10.0-327.4.5.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 7.635 GiB
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled

uname -a:
Linux host.desy.de 3.10.0-327.4.5.el7.x86_64 #1 SMP Mon Jan 25 22:07:14 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

Tried both on a physical machine and in VirtualBox with a freshly installed system.

User namespaces were activated in:
/etc/systemd/system/docker.service.d/docker.conf
[Service]
ExecStart=
ExecStart=/usr/bin/docker daemon -H fd:// --userns-remap="default"

Server starts normally:
systemctl start docker
cat /var/log/messages | grep docker:
Feb 10 16:25:17 it-hpc-fsadm01 docker: time="2016-02-10T16:25:17.748378068+01:00" level=info msg="User namespaces: ID ranges will be mapped to subuid/subgid ranges of: dockremap:dockremap"
Feb 10 16:25:17 it-hpc-fsadm01 docker: time="2016-02-10T16:25:17.760008372+01:00" level=warning msg="devmapper: Usage of loopback devices is strongly discouraged for production use. Please use `--storage-opt dm.thinpooldev` or use `man docker` to refer to dm.thinpooldev section."
Feb 10 16:25:17 it-hpc-fsadm01 docker: time="2016-02-10T16:25:17.811965472+01:00" level=info msg="[graphdriver] using prior storage driver "devicemapper""
Feb 10 16:25:17 it-hpc-fsadm01 docker: time="2016-02-10T16:25:17.814671112+01:00" level=info msg="Graph migration to content-addressability took 0.00 seconds"
Feb 10 16:25:17 it-hpc-fsadm01 docker: time="2016-02-10T16:25:17.821525089+01:00" level=info msg="Firewalld running: false"
Feb 10 16:25:17 it-hpc-fsadm01 docker: time="2016-02-10T16:25:17.891543173+01:00" level=info msg="Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip can be used to set a preferred IP address"
Feb 10 16:25:17 it-hpc-fsadm01 docker: time="2016-02-10T16:25:17.956053903+01:00" level=info msg="Loading containers: start."
Feb 10 16:25:17 it-hpc-fsadm01 docker: ..
Feb 10 16:25:17 it-hpc-fsadm01 docker: time="2016-02-10T16:25:17.957847288+01:00" level=info msg="Loading containers: done."
Feb 10 16:25:17 it-hpc-fsadm01 docker: time="2016-02-10T16:25:17.957877403+01:00" level=info msg="Daemon has completed initialization"
Feb 10 16:25:17 it-hpc-fsadm01 docker: time="2016-02-10T16:25:17.957914839+01:00" level=info msg="Docker daemon" commit=590d5108 execdriver=native-0.2 graphdriver=devicemapper version=1.10.0
Feb 10 16:25:17 it-hpc-fsadm01 docker: time="2016-02-10T16:25:17.968071552+01:00" level=info msg="API listen on /var/run/docker.sock"

Then comes the problem:
docker run hello-world
cat /var/log/messages | grep docker:
Feb 10 16:28:22 it-hpc-fsadm01 NetworkManager[1263]: (docker0): bridge port vethf5ca51e was attached
Feb 10 16:28:22 it-hpc-fsadm01 NetworkManager[1263]: (vethf5ca51e): enslaved to docker0
Feb 10 16:28:22 it-hpc-fsadm01 kernel: docker0: port 1(vethf5ca51e) entered disabled state
Feb 10 16:28:22 it-hpc-fsadm01 kernel: docker0: port 1(vethf5ca51e) entered disabled state
Feb 10 16:28:22 it-hpc-fsadm01 NetworkManager[1263]: (docker0): failed to detach bridge port vethf5ca51e
Feb 10 16:28:22 it-hpc-fsadm01 docker: time="2016-02-10T16:28:22.152382944+01:00" level=error msg="error locating sandbox id eee0f455f4be5c7fdebf3c98a711373b13cf1b06820809c004ddae109bad5f96: sandbox eee0f455f4be5c7fdebf3c98a711373b13cf1b06820809c004ddae109bad5f96 not found"
Feb 10 16:28:22 it-hpc-fsadm01 docker: time="2016-02-10T16:28:22.152486255+01:00" level=warning msg="failed to cleanup ipc mounts:\nfailed to umount /var/lib/docker/100000.100000/containers/c67a2391f2be7f6e82b645f2dcb6cf3f67d2e3bdac15963eefeda31141a9164a/shm: invalid argument\nfailed to umount /var/lib/docker/100000.100000/containers/c67a2391f2be7f6e82b645f2dcb6cf3f67d2e3bdac15963eefeda31141a9164a/mqueue: invalid argument"
Feb 10 16:28:22 it-hpc-fsadm01 docker: time="2016-02-10T16:28:22.152521902+01:00" level=error msg="Error unmounting container c67a2391f2be7f6e82b645f2dcb6cf3f67d2e3bdac15963eefeda31141a9164a: not mounted"
Feb 10 16:28:22 it-hpc-fsadm01 docker: time="2016-02-10T16:28:22.152634245+01:00" level=error msg="Handler for POST /v1.22/containers/c67a2391f2be7f6e82b645f2dcb6cf3f67d2e3bdac15963eefeda31141a9164a/start returned error: Cannot start container c67a2391f2be7f6e82b645f2dcb6cf3f67d2e3bdac15963eefeda31141a9164a: [9] System error: fork/exec /proc/self/exe: invalid argument
