-
Notifications
You must be signed in to change notification settings - Fork 86
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Please provide repo for docker-ce on Fedora 32 #955
Comments
It seems this won't happen on time for tomorrow's release. Perhaps the focus has been put on getting cgroupsv2 working? opencontainers/runc#2315 |
Just noticed that Docker container have no internet connectivity after upgrade to Fedora 32. User needs to add docker network interface to trusted firewall zone. I hope official package will keep this in mind and configure firewalld accordingly. |
I have upgraded my Fedora 31 workstation to Fedora 32. Here are some issues I've experienced with Docker (most of them have been reported by other people above, but I'm trying to give some details). 1.) Since Fedora 31 cgroups v2 is enabled by default. To be able to run Docker you need to revert to cgroups v1 by setting a parameter in the kernel cmdline. (Not a bug, just mentioning it for completeness).
2.) There is no Fedora 32 repo for Docker, so updates fail. (I had Docker already installed on Fedora 31).
3.) there's an iptables issue. From inside a Docker container pinging any destination works. However, tcp/udp connections don't work (i.e. the local DNS server set by Docker in the container can only be pinged, but not reached on the DNS service).
As someone mentioned above, adding the Docker interface to the
|
The networking issues appear to be caused by firewalld switching to nftables. The changeset also has some recommendations for solvings this issue which to also appear to amount to making docker0 part of a trusted zone. |
I had this same issue and i wasn't able to ping anything within a container, I've fixed it with : firewall-cmd --get-zone-of-interface=enp1s0
FedoraWorkstation
firewall-cmd --zone=FedoraWorkstation --add-masquerade --permanent
firewall-cmd --reload |
another solution for now is changing the firewalld.conf “FirewallBackend” from nftables to iptables |
Changing FirewallBackend to iptables worked for me on CentOS 8 which defaults to nftables like Fedora 32 does. Docker or libnetwork need to support nftables natively. |
I had trouble connecting to my local Kafka instance after upgrading to Fedora 32. Something with the routing messed up. I could connect to my local webserver, but the webserver could not communicate with Kafka. I've corrected the issue, in two steps:
|
while running docker run with --network=host is also worked for me as I don't want to update those firewalls manually. will wait to hear if this can be reolved soon in latest repos which supports fedora32. |
⬆️ same, and can be achieved in a
under the appropriate |
I don't think that's what you usually want. With |
How are we supposed to install docker on a fresh fedora system? |
I think Fedora doesn't care about Docker any more and they just ship You need to wait until the Docker rpm packages for Fedora 32 are built. Or, you can just install the ones for Fedora 31, which should also work. |
|
Have you managed to make it run containers from a docker-compose file? |
Docker needs to support nftables and cgroups v2. Debian Buster uses nftables backend by default and had problems with docker too. The workaround is basically - 1. tell the kernel to use cgroup v1. 2. set firewalld backend to iptables or disable firewalld. |
I know, I know:
|
yes |
Actually when I ignored the official instructions and just blindly tried The rest is the same old story - cgroups, selinux, user groups, etc... |
How? My google fu is failing me. :/ |
@Frosthage use docker stack: # install
dnf install moby-engine
# remove live-resotore line
vim /etc/sysconfig/docker
# enable and start docker
systemctl enable --now docker
# create one node swarm cluster
docker swarm init
# delpoy
docker stack deploy -c docker-compose.yml redis Tested on clean f32 just right now, for you <3 |
I don't remember any specific docker-compose related hacks. I think all I had to do (F32) was:
And |
In addition to the steps people have listed above, I also had a |
Is there any ETA on an official Fedora 32 repo? |
After reading this and the commentary here I read the following: https://developers.redhat.com/blog/2019/02/21/podman-and-buildah-for-docker-users/ Installed podman and all issues disapeared. Really don't want to be maintaining kernel options - otherwise I'd be running Gentoo again |
Users just wants to run containers, they don't wants to build its own docker executable. Moby is not for end-users. |
Moby allows you to run containers just fine using the exact same commands as those provided by docker-ce. The only problem you might face is SELinux. |
Why not just make new docker release and close this discussion?
As I understand, docker already can work under FC32 without problems.
…On 12.08.2020 14:32, Dr Yann Golanski wrote:
Users just wants to run containers, they don't want to build its own
docker executable. Moby is not for end-users.
Moby allows you to run containers just fine using the exact same
commands as those provided by docker-ce. The only problem you might face
is SELinux.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#955 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAH2MSAJIXWZ6SRD2CQEZZLSAJ4VHANCNFSM4LMPVS5Q>.
|
Though I am not sure someone has already reported this, I succeeded to install Docker CE binary RPMs for Fedora 31 to Fedora 32 by the following commands. It works on the basic use cases on my environment.
|
I think that is because the docker-ce's official RPM repository is not provided from Docker. And Fedora 32 is not mentioned in the official document. After those are fixed, I think we can close this ticket. https://docs.docker.com/engine/install/fedora/
Following the Fedora Magazine's document, we can install |
in case this helps anyone, I've made a quick fork of the Docker install script (the one from |
seems, that fedora 32 is completely new os, so docker is unable to support it officially yet. |
There is NO You can ither download and installfc31 versionshttps://download.docker.com/linux/fedora/31/x86_64/stable/Packages/docker-ce-cli-19.03.12-3.fc31.x86_64.rpm Delete moby if you alredy have
or install from official Fedora 32
|
Yes, I think so. |
moby |
I still need to exec this commands manually after each reboot:
|
Sorry for the long delay; our initial plan was to include Fedora 32 for our upcoming 20.x release, which will include preliminary support for both cgroupsv2 and has changes to automatically reconfigure firewalld for container networking to work. Work on cgroupsv2 in Given the delay, we decided to start shipping containerd 1.3 as an intermediate step with docker 19.03.13 and up, and to build packages for Fedora 32 with the 19.03.13 patch release. Due to the changes in Fedora 32, the install experience is slightly more involved than usual, and currently requires some extra manual steps to be performed, depending on your machine's configuration. We will update our documentation to outline those steps (and possibly add some information to the convenience install script at https://get.docker.com). Here's an example of the installation procedure on a Fedora 32 machine on DigitalOcean: Configure your machine to disable cgroups v2First, make sure that cgroups v2 are disabled (cgroups v2 are not yet supported on containerd 1.3 and lower). This requires a restart of your machine: sudo grubby --update-kernel=ALL --args="systemd.unified_cgroup_hierarchy=0"
reboot On the DigitalOcean machines, firewalld is not installed by default: firewall-cmd --help
-bash: firewall-cmd: command not found
systemctl start firewalld
Failed to start firewalld.service: Unit firewalld.service not found. (Interestingly ls -la /etc/firewalld/firewalld.conf
lrwxrwxrwx. 1 root root 23 Apr 22 22:31 /etc/firewalld/firewalld.conf -> firewalld-standard.conf Install dockerThis uses the convenience installation script, but you can also follow the manual install in https://docs.docker.com/engine/install/fedora/#install-using-the-repository curl -fsSL https://get.docker.com -o get-docker.sh
sudo sh get-docker.sh Docker is not automatically started on RPM-based distros, so start docker, and enable it to start automatically on restart: sudo systemctl start docker
sudo systemctl enable docker
# Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /usr/lib/systemd/system/docker.service. Check that docker is running ( sudo docker version
Client: Docker Engine - Community
Version: 19.03.13
API version: 1.40
Go version: go1.13.15
Git commit: 4484c46d9d
Built: Wed Sep 16 17:03:54 2020
OS/Arch: linux/amd64
Experimental: false
Server: Docker Engine - Community
Engine:
Version: 19.03.13
API version: 1.40 (minimum version 1.12)
Go version: go1.13.15
Git commit: 4484c46d9d
Built: Wed Sep 16 17:01:49 2020
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.3.7
GitCommit: 8fba4e9a7d01810a393d5d25a3621dc101981175
runc:
Version: 1.0.0-rc10
GitCommit: dc9208a3303feef5b3839f4323d9beb36df0a9dd
docker-init:
Version: 0.18.0
GitCommit: fec3683
sudo docker info
Client:
Debug Mode: false
Server:
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 19.03.13
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 8fba4e9a7d01810a393d5d25a3621dc101981175
runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
init version: fec3683
Security Options:
seccomp
Profile: default
Kernel Version: 5.6.6-300.fc32.x86_64
Operating System: Fedora 32 (Cloud Edition)
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 1.933GiB
Name: fedora-s-1vcpu-2gb-ams3-01
ID: 4XCZ:2SPK:VLLW:HXXC:RZ22:4YQH:EVE6:NQGU:IFBN:625J:OFBV:YLWJ
Docker Root Dir: /var/lib/docker
Debug Mode: false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false Run a container and make an internet connection to verify the installation works: sudo docker run --rm alpine sh -c 'wget -q -O- http://docs.docker.com | grep "<title"'
# <title>Docker Documentation | Docker Documentation</title> If your machine has firewalld installedsudo dnf install -y firewalld
sudo systemctl start firewalld
sudo systemctl enable firewalld After installing, firewalld blocks networking for containers: sudo docker run --rm alpine sh -c 'wget -q -O- http://docs.docker.com | grep "<title"'
# wget: bad address 'docs.docker.com' Configure firewalld to add
|
This issue can be closed? |
Yes, I think we can close; feel free to continue the conversation |
thanks @thaJeztah worked like a charm on Fedora Server 32 still had to execute |
@BBQigniter ah, interesting. Could you perhaps open a ticket in https://github.com/moby/moby/issues for that? Wondering if that can/should also be set automatically. Better to have a new ticket for it to track 👍 |
According to this comment: moby/moby#40360 (comment) , the coming Docker version 20 will support cgroups v2. |
We have Fedora 32 nodes now, retire the Fedora 31 testing and replace with 32. Docker isn't supported on Fedora 32. There's a problem with cgroups v2 and you can read all about it at [1]. Drop the install test. Haskell upstream has dropped F32 from the COPR repo as it is now packaged; a new package with the correct dependencies has been pushed but isn't available yet (see the inline github issue), so workaround the missing package. [1] docker/for-linux#955 Change-Id: I025613bee8c0a8513afa90331431d2c18b616464
The Docker-CE Fedora repository is the recommend way to install recommended way. It has many benefits over installing from a package or any other method.
Fedora also releases a new version every six months. The Fedora repository also takes a very long time to become ready after the release of a new version, with many issues being opened after each recent Fedora is release.
Fedora has officially branched Version 32 February 11/2020 and might have a beta release on March 17/2020.
I'm filing this issue to hopefully put this task on the radar, so that there might be a repository set up in time for the Fedora 32 release cycle....
NOTE
Some of us migrate when the beta version is ready so we have to disable the repository and wait for it to be ready
Release Schedule: https://fedorapeople.org/groups/schedule/f-32/f-32-key-tasks.html
Regards.,
The text was updated successfully, but these errors were encountered: