search

docker-library / docker

Docker Official Image packaging for Docker
Apache License 2.0
1.09k stars 568 forks source link

Docker service refuses to restart if daemon.json is created #493

Closed Arelius-D closed 1 month ago

Arelius-D commented 1 month ago

As soon as I put these lines 

{
  "hosts": ["unix:///var/run/docker.sock", "tcp://127.0.0.1:2375"]
}

in /etc/docker/daemon.json (which I had to create running sudo touch /etc/docker/daemon.json) Docker refuses to restart with sudo service docker restart (regardless if sudo systemctl daemon-reload was executed or not)

The output I'm getting when trying to restart Docker service is:

Job for docker.service failed because the control process exited with error code.
See "systemctl status docker.service" and "journalctl -xeu docker.service" for details.

Output from systemctl status docker.service:

× docker.service - Docker Application Container Engine
     Loaded: loaded (/lib/systemd/system/docker.service; enabled; preset: enabled)
     Active: failed (Result: exit-code) since Mon 2024-05-13 22:56:10 CEST; 4s ago
   Duration: 6min 3.437s
TriggeredBy: × docker.socket
       Docs: https://docs.docker.com
    Process: 612239 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock -H tcp://127.0.0.1:2375 (code=exited, status=1/FAILURE)
   Main PID: 612239 (code=exited, status=1/FAILURE)
        CPU: 67ms

May 13 22:56:07 Pi5 systemd[1]: Failed to start docker.service - Docker Application Container Engine.
May 13 22:56:10 Pi5 systemd[1]: docker.service: Scheduled restart job, restart counter is at 3.
May 13 22:56:10 Pi5 systemd[1]: Stopped docker.service - Docker Application Container Engine.
May 13 22:56:10 Pi5 systemd[1]: docker.service: Start request repeated too quickly.
May 13 22:56:10 Pi5 systemd[1]: docker.service: Failed with result 'exit-code'.
May 13 22:56:10 Pi5 systemd[1]: Failed to start docker.service - Docker Application Container Engine.

and from journalctl -xeu docker.service

░░ Support: https://www.debian.org/support
░░ 
░░ An ExecStart= process belonging to unit docker.service has exited.
░░ 
░░ The process' exit code is 'exited' and its exit status is 1.
May 13 22:56:07 Pi5 systemd[1]: docker.service: Failed with result 'exit-code'.
░░ Subject: Unit failed
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░ 
░░ The unit docker.service has entered the 'failed' state with result 'exit-code'.
May 13 22:56:07 Pi5 systemd[1]: Failed to start docker.service - Docker Application Container Engine.
░░ Subject: A start job for unit docker.service has failed
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░ 
░░ A start job for unit docker.service has finished with a failure.
░░ 
░░ The job identifier is 7741 and the job result is failed.
May 13 22:56:10 Pi5 systemd[1]: docker.service: Scheduled restart job, restart counter is at 3.
░░ Subject: Automatic restarting of a unit has been scheduled
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░ 
░░ Automatic restarting of the unit docker.service has been scheduled, as the result for
░░ the configured Restart= setting for the unit.
May 13 22:56:10 Pi5 systemd[1]: Stopped docker.service - Docker Application Container Engine.
░░ Subject: A stop job for unit docker.service has finished
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░ 
░░ A stop job for unit docker.service has finished.
░░ 
░░ The job identifier is 7840 and the job result is done.
May 13 22:56:10 Pi5 systemd[1]: docker.service: Start request repeated too quickly.
May 13 22:56:10 Pi5 systemd[1]: docker.service: Failed with result 'exit-code'.
░░ Subject: Unit failed
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░ 
░░ The unit docker.service has entered the 'failed' state with result 'exit-code'.
May 13 22:56:10 Pi5 systemd[1]: Failed to start docker.service - Docker Application Container Engine.
░░ Subject: A start job for unit docker.service has failed
░░ Defined-By: systemd
░░ Support: https://www.debian.org/support
░░ 
░░ A start job for unit docker.service has finished with a failure.
░░ 
░░ The job identifier is 7840 and the job result is failed.

Some clarification: I wanted to setup Docker API properly (to avoid granting direct access to the docker.sock) and this time around, I tried to be causes. (Things went wrong when I was careless).

My sources of information has been Official doc combined with articles link, link for the modification of ´docker.service´. I think trying to compile 3 sources ultimately created some confusion for my novice brain which perhaps have lead me into this very outcome/situation.

sudo cat /lib/systemd/system/docker.service

[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target docker.socket firewalld.service containerd.service time-set.target
Wants=network-online.target containerd.service
Requires=docker.socket

[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
#ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock -H tcp://127.0.0.1:2375
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutStartSec=0
RestartSec=2
Restart=always

# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.
# Both the old, and new location are accepted by systemd 229 and up, so using the old location
# to make them work for either version of systemd.
StartLimitBurst=3

# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
# this option work for either version of systemd.
StartLimitInterval=60s

# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNPROC=infinity
LimitCORE=infinity

# Comment TasksMax if your systemd version does not support it.
# Only systemd 226 and above support this option.
TasksMax=infinity

# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes

# kill only the docker process, not all processes in the cgroup
KillMode=process
OOMScoreAdjust=-500

[Install]
WantedBy=multi-user.target

I have tried to redo the steps but the outcome remains the same. So I'm in way over my head and here now, I can't tell if this is a bug with Docker or some other kind of issue, eg user error, problem with permissions etc.. so please advise!

whalelines commented 1 month ago

This repository contains the source for the docker Docker Official Image, https://hub.docker.com/_/docker, and is not a general resource for running the Docker daemon.

You can ask for help in the Docker Community Slack. If you are not already a member of the Docker Community Slack, you can use this link to join. You can find more support options at Docker Support.

Regarding this specific issue, I would pay particular attention to this section of the documentation you link to:

Configuring Docker to listen for connections using both the systemd unit file and the daemon.json file causes a conflict that prevents Docker from starting.

It looks like you are doing both and therefore would be seeing the "conflict that prevents Docker from starting."