2

Docker in Fedora 39

 3 weeks ago
source link: https://www.lorenzobettini.it/2024/04/docker-in-fedora-39/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

Docker in Fedora 39

I haven’t been using Fedora for a few years but wanted to try it again (Fedora 39). In the past, I had a few problems with Docker in Fedora (see Fixing Docker problems in Fedora). Things are slightly improved, while others haven’t changed. For sure, I gave up using the official Docker command in Fedora: I’m using “moby-engine” instead of “docker-ce” and also “docker-compose“. In the past, Moby was mostly working out of the box, while Docker CE required a few tweaks. I don’t think it’s worthwhile insisting on tweaking it, so I’ll go straight with Moby.

This is a docker-compose file that gave me troubles in the past in Fedora:

services:
    image: mysql:5.7
    environment:
      - MYSQL_ROOT_PASSWORD=somewordpress
      - MYSQL_DATABASE=wordpress
      - MYSQL_USER=wordpress
      - MYSQL_PASSWORD=wordpress
    expose:
      - 3306
      - 33060

Save it to “docker-compose.yaml” and run “docker-compose up,” and it works fine! (In the past, with Docker CE, this used to hang and eat all the memory).

Concerning the Testcontainers library, I’ll use this example project (taken from my TDD book): https://github.com/LorenzoBettini/it-docker-mongo-example. I run “mvn verify”.

When it comes to using Testcontainers, I get this error:

Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/_ping: dial unix /var/run/docker.sock: connect: permission denied[\n]"
[ERROR] Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 0.001 s <<< FAILURE! - in com.examples.school.repository.mongo.StudentMongoRepositoryTestcontainersIT
[ERROR] com.examples.school.repository.mongo.StudentMongoRepositoryTestcontainersIT  Time elapsed: 0.001 s  <<< ERROR!
java.lang.IllegalStateException: Ryuk failed to start
Caused by: com.github.dockerjava.api.exception.NotFoundException:
Status 404: {"message":"No such container: be095fae9fc281a783e46e9787d51907370d8fee4fd24cee8729f71a9904df1f"}

However, the error goes away if I update Testcontainers to a more recent version (previously, I was using 1.16.3):

  <properties>
    <testcontainers.version>1.19.3</testcontainers.version>
  </properties>
    <dependency>
      <groupId>org.testcontainers</groupId>
      <artifactId>testcontainers</artifactId>
      <version>${testcontainers.version}</version>
      <scope>test</scope>
    </dependency>
    <dependency>
      <groupId>org.testcontainers</groupId>
      <artifactId>mongodb</artifactId>
      <version>${testcontainers.version}</version>
      <scope>test</scope>
    </dependency>
    <dependency>
      <groupId>org.testcontainers</groupId>
      <artifactId>junit-jupiter</artifactId>
      <version>${testcontainers.version}</version>
      <scope>test</scope>
    </dependency>

So, that works!

Let’s try now by telling Docker to use another folder (for the images and containers) on another disk.

First, stop Docker

sudo systemctl stop docker

Then, change this file (remember, I’m using “moby-engine”, which uses this file with these contents) “/etc/sysconfig/docker”:

# /etc/sysconfig/docker
# Modify these options if you want to change the way the docker daemon runs
OPTIONS="--selinux-enabled \
  --log-driver=journald \
  --live-restore \
  --default-ulimit nofile=1024:1024 \
  --init-path /usr/libexec/docker/docker-init \
  --userland-proxy-path /usr/libexec/docker/docker-proxy \

I’m adding this last line to point to a directory that mounts a partition on another disk:

# /etc/sysconfig/docker
# Modify these options if you want to change the way the docker daemon runs
OPTIONS="--selinux-enabled \
  --log-driver=journald \
  --live-restore \
  --default-ulimit nofile=1024:1024 \
  --init-path /usr/libexec/docker/docker-init \
  --userland-proxy-path /usr/libexec/docker/docker-proxy \
  --data-root /media/bettini/common/docker \

And let’s reload Docker

sudo systemctl daemon-reload

Now, the “docker-compose.yaml” file above gives this error:

Attaching to docker-compose-mysql_db_1
db_1  | /bin/bash: error while loading shared libraries: /lib64/libc.so.6: cannot apply additional memory protection after relocation: Permission denied
docker-compose-mysql_db_1 exited with code 127

And the Maven project above fails with something like that:

[ERROR] Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 5.25 s <<< FAILURE! - in com.examples.school.repository.mongo.StudentMongoRepositoryTestcontainersIT
[ERROR] com.examples.school.repository.mongo.StudentMongoRepositoryTestcontainersIT  Time elapsed: 5.25 s  <<< ERROR!
org.testcontainers.containers.ContainerLaunchException: Container startup failed for image mongo:4.4.3
Caused by: org.rnorth.ducttape.RetryCountExceededException: Retry limit hit with exception
Caused by: org.testcontainers.containers.ContainerLaunchException: Could not create/start container

This problem is due to SELinux (that figures!!!) If you temporarily disable SELinux:

sudo setenforce 0

Everything succeeds again!

Thus, Moby in Fedora 39 works out of the box with the default configuration. If you want images and containers in another mounted directory (not handled by Selinux), you must disable SELinux.

Better than nothing! 😉

Like this:

Loading...

Related


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK