Unable to start docker service on nix vagrant VM

EdPrado4 commented 5 years ago

Issue description

Hello, I'm trying to run docker inside a vagrant nix machine, but i'm not able to start docker service. I already enable virtualisation on configuration.nix file, created docker user and group, but I still get the Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?. message. When I try to run systemctl status docker I get Unit docker.service could not be found.. Is there any solution to this problem? many thanks in advance.

Steps to reproduce

Start docker nix shell: nix-shell -p docker

Test docker: docker run hello-world

Technical details

Please run nix-shell -p nix-info --run "nix-info -m" and paste the results.

system: "i686-linux"
host os: Linux 4.14.78, NixOS, 18.03.133352.19fc6daa537 (Impala)
multi-user?: yes
sandbox: no
version: nix-env (Nix) 2.0.4
channels(root): "nixos-18.03.133352.19fc6daa537"
channels(vagrant): ""
nixpkgs: /nix/var/nix/profiles/per-user/root/channels/nixos/nixpkgs

Ma27 commented 5 years ago

With nix-shell -p docker you don't "start" docker, you simply install the package into a simple environment in your user environment, but the docker daemon is not running.

May I ask which box you're running on Vagrant? If it's actually NixOS, you can add virtualisation.docker.enable= true to your NixOS configuration :)

Feel free to ping me if you need further assistance.

EdPrado4 commented 5 years ago

I'm currently running a vagrant nixbox (nixos/nixos-18.03-i686) machine. I already added that line on my configuration.nix (among others) without any luck I just can't track what it's wrong with my docker config, my configuration.nix looks like this:

{ config, pkgs, ... }:

{
  imports =
    [ # Include the results of the hardware scan.
      ./hardware-configuration.nix
      ./vagrant.nix
    ];

  # Use the GRUB 2 boot loader.
  boot.loader.grub.enable = true;
  boot.loader.grub.version = 2;
  boot.loader.grub.device = "/dev/sda";

  # remove the fsck that runs at startup. It will always fail to run, stopping
  # your boot until you press *. 
  boot.initrd.checkJournalingFS = false;

  # Services to enable:

  # Enable the OpenSSH daemon.
  services.openssh.enable = true;

  # Enable DBus
  services.dbus.enable    = true;

  # Replace nptd by timesyncd
  services.timesyncd.enable = true;

  # Enable guest additions.
  virtualisation.virtualbox.guest.enable = true;
  virtualisation.docker.enable = true;
  virtualisation.docker.liveRestore = false;

  # Packages for Vagrant
  environment.systemPackages = with pkgs; [
    findutils
    gnumake
    iputils
    jq
    nettools
    netcat
    nfs-utils
    rsync
  ];

  # Creates a "vagrant" users with password-less sudo access
  users = {
    extraGroups = [ { name = "vagrant"; } { name = "vboxsf"; } { name = "docker"; } ];
    extraUsers  = [
      # Try to avoid ask password
      { name = "root"; password = "vagrant"; }
      {
        description     = "Vagrant User";
        name            = "vagrant";
        group           = "vagrant";
        extraGroups     = [ "users" "vboxsf" "wheel" "docker" ];
        password        = "vagrant";
        home            = "/home/vagrant";
        createHome      = true;
        useDefaultShell = true;
        openssh.authorizedKeys.keys = [
          "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key"
        ];
      }
    ];
  };

  security.sudo.configFile =
    ''
      Defaults:root,%wheel env_keep+=LOCALE_ARCHIVE
      Defaults:root,%wheel env_keep+=NIX_PATH
      Defaults:root,%wheel env_keep+=TERMINFO_DIRS
      Defaults env_keep+=SSH_AUTH_SOCK
      Defaults lecture = never
      root   ALL=(ALL) SETENV: ALL
      %wheel ALL=(ALL) NOPASSWD: ALL, SETENV: ALL
    '';

      virtualisation.docker.enable = true;
      users.users.<myuser>.extraGroups = [ "docker" ];

}

Many thanks in advance

Ma27 commented 5 years ago

so... with enabled dockerd and your user being part of the docker group the most obvious causes can be excluded :+1:

So, the nixbox is the one from here, right? https://github.com/nix-community/nixbox

I'll see if I have sufficient time on one of the next weekends to have a closer look at this, then we'll see how we proceed ok? :)

jokogr commented 5 years ago

Might be related to #50170

Could you post the output of systemctl status docker.service?

EdPrado4 commented 5 years ago

so... with enabled dockerd and your user being part of the docker group the most obvious causes can be excluded

So, the nixbox is the one from here, right? https://github.com/nix-community/nixbox

I'll see if I have sufficient time on one of the next weekends to have a closer look at this, then we'll see how we proceed ok? :)

Thank you very much. Indeed i'm using nixos/nixos-18.03-i686 machine, my dockerd service apparently works but throws some warnings:

[nix-shell:~]$ sudo dockerd
INFO[2018-11-13T13:54:32.536125755Z] libcontainerd: started new docker-containerd process  pid=3129
INFO[2018-11-13T13:54:32.536973008Z] parsed scheme: "unix"                         module=grpc
INFO[2018-11-13T13:54:32.537555903Z] scheme "unix" not registered, fallback to default scheme  module=grpc
INFO[2018-11-13T13:54:32.538067869Z] ccResolverWrapper: sending new addresses to cc: [{unix:///var/run/docker/containerd/docker-containerd.sock 0  <nil>}]  module=grpc
INFO[2018-11-13T13:54:32.538527787Z] ClientConn switching balancer to "pick_first"  module=grpc
INFO[2018-11-13T13:54:32.538987816Z] pickfirstBalancer: HandleSubConnStateChange: 0x1522b7b0, CONNECTING  module=grpc
INFO[0000] starting containerd                           revision=.m version=v1.0.2
INFO[0000] loading plugin "io.containerd.content.v1.content"...  type=io.containerd.content.v1
INFO[0000] loading plugin "io.containerd.snapshotter.v1.btrfs"...  type=io.containerd.snapshotter.v1
WARN[0000] failed to load plugin io.containerd.snapshotter.v1.btrfs  error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.btrfs must be a btrfs filesystem to be used with the btrfs snapshotter"
INFO[0000] loading plugin "io.containerd.snapshotter.v1.aufs"...  type=io.containerd.snapshotter.v1
WARN[0000] failed to load plugin io.containerd.snapshotter.v1.aufs  error="modprobe aufs failed: "modprobe: FATAL: Module aufs not found in directory /run/current-system/kernel-modules/lib/modules/4.14.78\n": exit status 1"
INFO[0000] loading plugin "io.containerd.snapshotter.v1.native"...  type=io.containerd.snapshotter.v1
INFO[0000] loading plugin "io.containerd.snapshotter.v1.overlayfs"...  type=io.containerd.snapshotter.v1
INFO[0000] loading plugin "io.containerd.snapshotter.v1.zfs"...  type=io.containerd.snapshotter.v1
WARN[0000] failed to load plugin io.containerd.snapshotter.v1.zfs  error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.zfs must be a zfs filesystem to be used with the zfs snapshotter"
INFO[0000] loading plugin "io.containerd.metadata.v1.bolt"...  type=io.containerd.metadata.v1
WARN[0000] could not use snapshotter aufs in metadata plugin  error="modprobe aufs failed: "modprobe: FATAL: Module aufs not found in directory /run/current-system/kernel-modules/lib/modules/4.14.78\n": exit status 1"
WARN[0000] could not use snapshotter zfs in metadata plugin  error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.zfs must be a zfs filesystem to be used with the zfs snapshotter"
WARN[0000] could not use snapshotter btrfs in metadata plugin  error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.btrfs must be a btrfs filesystem to be used with the btrfs snapshotter"
INFO[0000] loading plugin "io.containerd.differ.v1.walking"...  type=io.containerd.differ.v1
INFO[0000] loading plugin "io.containerd.gc.v1.scheduler"...  type=io.containerd.gc.v1
INFO[0000] loading plugin "io.containerd.service.v1.containers-service"...  type=io.containerd.service.v1
INFO[0000] loading plugin "io.containerd.service.v1.content-service"...  type=io.containerd.service.v1
INFO[0000] loading plugin "io.containerd.service.v1.diff-service"...  type=io.containerd.service.v1
INFO[0000] loading plugin "io.containerd.service.v1.images-service"...  type=io.containerd.service.v1
INFO[0000] loading plugin "io.containerd.service.v1.leases-service"...  type=io.containerd.service.v1
INFO[0000] loading plugin "io.containerd.service.v1.namespaces-service"...  type=io.containerd.service.v1
INFO[0000] loading plugin "io.containerd.service.v1.snapshots-service"...  type=io.containerd.service.v1
INFO[0000] loading plugin "io.containerd.monitor.v1.cgroups"...  type=io.containerd.monitor.v1
INFO[0000] loading plugin "io.containerd.runtime.v1.linux"...  type=io.containerd.runtime.v1
INFO[0000] loading plugin "io.containerd.service.v1.tasks-service"...  type=io.containerd.service.v1
INFO[0000] loading plugin "io.containerd.grpc.v1.containers"...  type=io.containerd.grpc.v1
INFO[0000] loading plugin "io.containerd.grpc.v1.content"...  type=io.containerd.grpc.v1
INFO[0000] loading plugin "io.containerd.grpc.v1.diff"...  type=io.containerd.grpc.v1
INFO[0000] loading plugin "io.containerd.grpc.v1.events"...  type=io.containerd.grpc.v1
INFO[0000] loading plugin "io.containerd.grpc.v1.healthcheck"...  type=io.containerd.grpc.v1
INFO[0000] loading plugin "io.containerd.grpc.v1.images"...  type=io.containerd.grpc.v1
INFO[0000] loading plugin "io.containerd.grpc.v1.leases"...  type=io.containerd.grpc.v1
INFO[0000] loading plugin "io.containerd.grpc.v1.namespaces"...  type=io.containerd.grpc.v1
INFO[0000] loading plugin "io.containerd.grpc.v1.snapshots"...  type=io.containerd.grpc.v1
INFO[0000] loading plugin "io.containerd.grpc.v1.tasks"...  type=io.containerd.grpc.v1
INFO[0000] loading plugin "io.containerd.grpc.v1.version"...  type=io.containerd.grpc.v1
INFO[0000] loading plugin "io.containerd.grpc.v1.introspection"...  type=io.containerd.grpc.v1
INFO[0000] serving...                                    address="/var/run/docker/containerd/docker-containerd-debug.sock"
INFO[0000] serving...                                    address="/var/run/docker/containerd/docker-containerd.sock"
INFO[0000] containerd successfully booted in 0.018054s  
INFO[2018-11-13T13:54:32.572883441Z] pickfirstBalancer: HandleSubConnStateChange: 0x1522b7b0, READY  module=grpc
INFO[2018-11-13T13:54:32.574572173Z] parsed scheme: "unix"                         module=grpc
INFO[2018-11-13T13:54:32.574594446Z] scheme "unix" not registered, fallback to default scheme  module=grpc
INFO[2018-11-13T13:54:32.574636550Z] ccResolverWrapper: sending new addresses to cc: [{unix:///var/run/docker/containerd/docker-containerd.sock 0  <nil>}]  module=grpc
INFO[2018-11-13T13:54:32.574647968Z] ClientConn switching balancer to "pick_first"  module=grpc
INFO[2018-11-13T13:54:32.574673146Z] pickfirstBalancer: HandleSubConnStateChange: 0x1522bde0, CONNECTING  module=grpc
INFO[2018-11-13T13:54:32.574840908Z] pickfirstBalancer: HandleSubConnStateChange: 0x1522bde0, READY  module=grpc
INFO[2018-11-13T13:54:32.578322148Z] [graphdriver] using prior storage driver: overlay2 
INFO[2018-11-13T13:54:32.582353318Z] Graph migration to content-addressability took 0.00 seconds 
WARN[2018-11-13T13:54:32.583653553Z] Your kernel does not support cgroup rt period 
WARN[2018-11-13T13:54:32.584854236Z] Your kernel does not support cgroup rt runtime 
INFO[2018-11-13T13:54:32.587233712Z] parsed scheme: "unix"                         module=grpc
INFO[2018-11-13T13:54:32.588175287Z] scheme "unix" not registered, fallback to default scheme  module=grpc
INFO[2018-11-13T13:54:32.589567397Z] ccResolverWrapper: sending new addresses to cc: [{unix:///var/run/docker/containerd/docker-containerd.sock 0  <nil>}]  module=grpc
INFO[2018-11-13T13:54:32.590517786Z] ClientConn switching balancer to "pick_first"  module=grpc
INFO[2018-11-13T13:54:32.591075252Z] pickfirstBalancer: HandleSubConnStateChange: 0x1533a970, CONNECTING  module=grpc
INFO[2018-11-13T13:54:32.592166176Z] pickfirstBalancer: HandleSubConnStateChange: 0x1533a970, READY  module=grpc
INFO[2018-11-13T13:54:32.592888327Z] Loading containers: start.                   
INFO[2018-11-13T13:54:32.797701018Z] Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip can be used to set a preferred IP address 
INFO[2018-11-13T13:54:32.877057961Z] Loading containers: done.                    
WARN[2018-11-13T13:54:32.902162964Z] failed to retrieve docker-runc version: unknown output format: runc version 1.0.0-rc5+dev
spec: 1.0.0

INFO[2018-11-13T13:54:32.905779248Z] Docker daemon                                 commit=e68fc7a215d7133c34aa18e3b72b4a21fd0c6136 graphdriver(s)=overlay2 version=18.06.1-ce
INFO[2018-11-13T13:54:32.912157575Z] Daemon has completed initialization          
INFO[2018-11-13T13:54:32.942552036Z] API listen on /var/run/docker.sock

Thank you for all your support

EdPrado4 commented 5 years ago

Might be related to #50170

Could you post the output of systemctl status docker.service?

Helllo @jokogr , sure this is what I get:

[nix-shell:~]$ systemctl status docker.service
Unit docker.service could not be found.

If I try with sudo I get the same output, however, when I run sudo dockerd it recognizes the command, getting the above mentioned result.

stale[bot] commented 4 years ago

Thank you for your contributions.

This has been automatically marked as stale because it has had no activity for 180 days.

If this is still important to you, we ask that you leave a comment below. Your comment can be as simple as "still important to me". This lets people see that at least one person still cares about this. Someone will have to do this at most twice a year if there is no other activity.

Here are suggestions that might help resolve this more quickly:

Search for maintainers and people that previously touched the related code and @ mention them in a comment.
Ask on the NixOS Discourse.
Ask on the #nixos channel on irc.freenode.net.

NixOS / nixpkgs