Solved how do I get the docker daemon running in 12.1

decuser

decuser

I have been running a docker scm-manager instance in Linux Mint 19.3 for the last several months and would like to migrate it over to FreeBSD 12.1.

Here's what I thought would work:
pkg install docker docker-machine docker-compose
docker run -d -v /zfs/scm:/var/lib/scm -p 8080:8080 --restart always scmmanager/scm-manager:2.0.0

Result:
docker: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?.

So, I did the logical thing to try and kick off the daemon:
sysrc -f /etc/rc.conf docker_enable="YES"
service docker start

Result:
docker does not exist in /etc/rc.d or the local startup
directories (/usr/local/etc/rc.d), or is not executable

I wrote the package maintainer, but figured I'd check here as well. Anybody using docker and know how to get the service running in FreeBSD 12.1?
 
You can only run Docker on FreeBSD talking to something else. I've used docker-machine to launch a VM in VirtualBox and docker would talk to that.

Docker, itself, doesn't run on FreeBSD. At least not yet but I would suspect not any time soon unless someone puts a lot of work into it.
 
Ah. That helps make sense of some of the online posts I've seen. They weren't real clear about why they were doing it that way, so I didn't understand. I thought they just had some special use case for running vm's. Thanks for clearing it up for me.
 
decuser said:
Ah. That helps make sense of some of the online posts I've seen. They weren't real clear about why they were doing it that way, so I didn't understand. I thought they just had some special use case for running vm's. Thanks for clearing it up for me.
Click to expand...

+decuser I would be willing to help you set up scm-manager using Focker. Interested?
 
+sadaszewski Sure. I was able to get it installed natively (as a daemon running the java process) with Sebastian Sdorra's help, but if I can do it with Focker and learn something in the process, I'm up for it.
 
decuser said:
+sadaszewski Sure. I was able to get it installed natively (as a daemon running the java process) with Sebastian Sdorra's help, but if I can do it with Focker and learn something in the process, I'm up for it.
Click to expand...

Hi decuser, Please take a look at https://github.com/sadaszewski/focker/tree/master/example/scm-manager

I have prepared and tested a Focker build running scm-manager in a jail. It is the default setup with scmadmin:scmadmin credentials. Please let me know if this helps and if you manage to run it.

Best regards, -- S.
 
Here's part of the result of focker compose build ./focker-compose.yml:
...
Running: jail -c host.hostname=6cb6a02 persist=1 mount.devfs=1 interface=lo1 ip4.addr=127.0.1.0 path=/focker/images/6cb6a02 command /bin/sh -c pw user mod nobody -d /scm-manager && mkdir -p /scm-manager/.scm && chown -R nobody:nobody /scm-manager && chown -R nobody:nobody /opt/scm-server
mounts: []
pw: WARNING: home `/scm-manager' does not exist
...
File "/usr/local/lib/python3.7/shutil.py", line 120, in copyfile
with open(src, 'rb') as fsrc:
FileNotFoundError: [Errno 2] No such file or directory: '/etc/jail.conf'

It seems fatal :).

Will
 
I was able to get past the pw: WARNING by mkdir /scm-manager, but have no solution to the FileNotFoundError. I've never used jails (or at least not in the last 5 years), do I need to do some administration of jails before using flocker?

And, supposing, we get past the /etc/jail.conf issue, what I really want is for my scm files to be in /zfs/scm a zfs filesystem in my zfs pool zfs.

In the script, it looks like this might suffice:
- run:
- pw user mod nobody -d /zfs/scm
- mkdir -p /zfs/scm
- chown -R nobody:nobody /zfs/scm
- chown -R nobody:nobody /opt/scm-server

and in composition:
mounts:
scm-manager: /zfs/scm

Not sure what the point of the pw user mod nobody is (why does it need to be modified)?

Will
 
decuser said:
I was able to get past the pw: WARNING by mkdir /scm-manager, but have no solution to the FileNotFoundError. I've never used jails (or at least not in the last 5 years), do I need to do some administration of jails before using flocker?
Click to expand...
You can touch /etc/jail.conf but to be honest I have just recently updated Focker to address this very issue of non-existent /etc/jail.conf so you may as well just try to pull a newer version of Focker.

And, supposing, we get past the /etc/jail.conf issue, what I really want is for my scm files to be in /zfs/scm a zfs filesystem in my zfs pool zfs.

In the script, it looks like this might suffice:
- run:
- pw user mod nobody -d /zfs/scm
- mkdir -p /zfs/scm
- chown -R nobody:nobody /zfs/scm
- chown -R nobody:nobody /opt/scm-server

and in composition:
mounts:
scm-manager: /zfs/scm
Click to expand...

In the Fockerfile no changes are needed. In composition you need to write:

Code: 
mounts:
    /zfs/scm: /scm-manager/.scm

Not sure what the point of the pw user mod nobody is (why does it need to be modified)?

Will
Click to expand...

AFAIK, scm-manager uses the .scm directory in current user's home directory as the directory it stores all of its data. Presuming that you want to run the scm-server daemon as user nobody you need to change user nobody's home directory accordingly. And then as you can see in the composition you just nullfs-mount your host /zfs/scm to /scm-manager/.scm in the jail where /scm-manager is the directory we changed home directory of user nobody to. Does it help?
 
sadaszewski said:
Presuming that you want to run the scm-server daemon as user nobody you need to change user nobody's home directory accordingly.
Click to expand...
Other daemons depend on that nobody account, best not to change it as this might adversely affect other software. I would suggest creating a specific user for this.
 
SirDice said:
Other daemons depend on that nobody account, best not to change it as this might adversely affect other software. I would suggest creating a specific user for this.
Click to expand...

Thanks for posting this caution. I was thinking messing with nobody might not be all that safe. I'll try with a new user.
 
sadaszewski said:
You can touch /etc/jail.conf but to be honest I have just recently updated Focker to address this very issue of non-existent /etc/jail.conf so you may as well just try to pull a newer version of Focker.



In the Fockerfile no changes are needed. In composition you need to write:

Code: 
mounts:
    /zfs/scm: /scm-manager/.scm



AFAIK, scm-manager uses the .scm directory in current user's home directory as the directory it stores all of its data. Presuming that you want to run the scm-server daemon as user nobody you need to change user nobody's home directory accordingly. And then as you can see in the composition you just nullfs-mount your host /zfs/scm to /scm-manager/.scm in the jail where /scm-manager is the directory we changed home directory of user nobody to. Does it help?
Click to expand...
 
It looks like you already switched to creating a user - scm-manager. I am now able to run the scm-manager app, but it gets a permission error on startup (the app doesn't have permission to scm-manager/.scm (/zfs/scm on the host). I'm sure I'm not understanding things here because it seems that the focker file is setting up users and such inside the jail whereas the permissions problem is with the host (what user perms do I need to set on /zfs/scm?).
 
decuser said:
It looks like you already switched to creating a user - scm-manager. I am now able to run the scm-manager app, but it gets a permission error on startup (the app doesn't have permission to scm-manager/.scm (/zfs/scm on the host). I'm sure I'm not understanding things here because it seems that the focker file is setting up users and such inside the jail whereas the permissions problem is with the host (what user perms do I need to set on /zfs/scm?).
Click to expand...
You would need to chown -R 65532:65532 /zfs/scm. Following SirDice's suggestion I have switched to a dedicated user inside of the jail (username: scm-manager) with fixed UID of 65532. Once this is done I believe you need to restart the jail by running focker jail stop scm-manager followed by focker jail start scm-manager.
 
OK. I just tried again, from scratch. Now I am getting this message:
Bootstrapping pkg from pkg+http://pkg0.tuk.freebsd.org/FreeBSD:12:amd64/quarterly, please wait...
pkg: Error fetching http://pkg0.tuk.freebsd.org/FreeBSD:12:amd64/quarterly/Latest/pkg.txz: No address record
Consider changing PACKAGESITE or installing it from ports: 'ports-mgmt/pkg'.

It's greek to me, but looks like maybe an issue with the pkg site or a configuration setting in focker (but I couldn't fine PACKAGESITE in the fockerfile or composition.
 
'No address record' is a common error message, it means DNS resolving isn't working.
 
That's what I thought, too, but host, in the same session, worked:

host pkg0.tuk.freebsd.org
pkg0.tuk.freebsd.org has address 204.15.11.114
pkg0.tuk.freebsd.org has IPv6 address 2620:11c:5001:1118:1337::3
pkg0.tuk.freebsd.org mail is handled by 0 .

and pkg update also works.
 
On second thought, it wasn't "the same session"! I put a run: host pkg0.tuk.freebsd.org command in my Fockerfile and got a timeout... So, I went and uninstalled focker and while I was uninstalling, it occurred to me that I was installing it on a different machine than when I took down the original note and the nic was a different chipset, so, re0 became em0 and I reran.

Et voila - it works!
 
Just to summarize:

In order to use Focker to install scm-manager, just follow https://github.com/sadaszewski/focker/tree/master/example/scm-manager and make the appropriate customizations. In my case, I wanted scm-manager to live in /zfs/scm, a zfs filesystem that I keep on a separate mirror. I made two customizations:

1. On the host, user 65532 needs to own scm-manager's files:
Code: 
chown -R 65532:65532 /zfs/scm
or, better yet
Code: 
pw user add -n scm-manager -u 65532 -d /zfs/scm -c "scm-manager account"
chown -R scm-manager:scm-manager /zfs/scm

2. The mount in the focker-compose.yml file needs to reflect the scm-manager home directory on the host:
Code: 
vi example/scm-manager/focker-compose.yml
change:
    mounts:
      scm-manager: /scm-manager/.scm
to:
mounts:
      /zfs/scm: /scm-manager/.scm

If your nic isn't em0, change em0 to whatever nic ifconfig shows in the edits to pf.conf:
Code: 
echo "rdr on em0 proto tcp from any to (em0) port 8080 -> 127.0.55.1 port 8080" >>/etc/pf.conf
echo "nat on em0 from (lo1:network) -> (em0)" >>/etc/pf.conf

That should do it.
 
You must log in or register to reply here.
Back
Top