search

JetBrains / teamcity-docker-agent

TeamCity agent docker image sources
https://hub.docker.com/r/jetbrains/teamcity-agent/
Apache License 2.0
77 stars 64 forks source link

Docker service fails to set ulimit #73

Closed toth-istvan-zoltan closed 2 years ago

toth-istvan-zoltan commented 2 years ago

We experiment with a teamcity installation in a rootless docker environment.

We have almost everything working, but the docker service fails to start inside the agent container.

When I try to start docker service manually, I get the following error:

dock@docker1:/home/dock$ docker exec -it 3bc70e07407b bash
buildagent@3bc70e07407b:/$ sudo service docker start
/etc/init.d/docker: 103: ulimit: error setting limit (Operation not permitted)

I'm thinking about removing the ulimit from /etc/init.d/docker and add it to the docker container with the --ulimit parameter.

Have anyone had this problem before? Any advices and/or opitions about the solution above?

We created the container with "--privileged -e DOCKER_IN_DOCKER=start":

docker run -d --restart always -it -e SERVER_URL="10.173.2.72:8111"  
-v /home/dock/.local/share/teamcity/data/teamcity_agent/conf:/data/teamcity_agent/conf 
-v agent1_volumes:/var/lib/docker 
--privileged -e DOCKER_IN_DOCKER=start 
simplexion/tca11androidsdk

Dockerfile of the agent image:

FROM jetbrains/teamcity-agent:2021.1.2-linux-sudo

ENV ANDROID_HOME /opt/android-sdk-linux

# Download Android SDK into $ANDROID_HOME and unzip it.
# You can find the URL to the current Android SDK version at: https://developer.android.com/studio/index.html

USER root

RUN mkdir -p ${ANDROID_HOME}/cmdline-tools && \
    chown -R buildagent:buildagent ${ANDROID_HOME}

USER buildagent

RUN cd ${ANDROID_HOME}/cmdline-tools && \
    curl -L https://dl.google.com/android/repository/commandlinetools-linux-7583922_latest.zip -o android_tools.zip && \
    unzip android_tools.zip && \
    rm android_tools.zip

ENV PATH ${PATH}:${ANDROID_HOME}/cmdline-tools/cmdline-tools/bin:${ANDROID_HOME}/cmdline-tools:${ANDROID_HOME}/cmdline-tools/bin:${ANDROID_HOME}/platform-tools

# Accept Android SDK licenses

RUN yes | sdkmanager --licenses

RUN sdkmanager 'platform-tools'
RUN sdkmanager 'platforms;android-31'
RUN sdkmanager 'build-tools;31.0.0'
RUN sdkmanager 'extras;google;google_play_services'
RUN sdkmanager 'cmdline-tools;latest'
RUN sdkmanager 'extras;google;market_licensing'
RUN sdkmanager 'patcher;v4'
RUN sdkmanager 'system-images;android-30;google_apis;x86'
RUN sdkmanager 'extras;google;m2repository'
RUN sdkmanager 'extras;android;m2repository'
toth-istvan-zoltan commented 2 years ago

Update:

Commenting out these lines in the /etc/init.d/docker works. I'm not sure that it is a good solution because the comments mention performance issues but it starts docker at least.

    #ulimit -n 1048576

        # Having non-zero limits causes performance problems due to accounting overhead
        # in the kernel. We recommend using cgroups to do container-local accounting.
        #if [ "$BASH" ]; then
        #   ulimit -u unlimited
        #else
        #   ulimit -p unlimited
        #fi