Open IevgenVovk opened 4 years ago
I recall there were udev rules that were added way in the past (for devicemapper at the time); https://github.com/moby/moby/pull/2983, but I don't think those are still included, and would likely have to be updated, or a different approach as you describe. Is x-gvfs-hide
specific for KDE? I'd be a bit cautious with adding options that are very specific to the environment.
/cc @tianon
Heh, the udev rules added there are still included in the repo, and in downstream distro packages: https://github.com/moby/moby/blob/7ae5222c72cc2aac42225df8f62c2f71a1813ab4/contrib/udev/80-docker.rules
(not sure if they're still included in the Docker-published packages)
As for x-gvfs-hide
being KDE-specific; if anything it's GNOME-specific and KDE happens to read/use it too (gvfs
is technically a GNOME thing, but it's reasonably standardized these days, in my experience).
In other words, yeah, I think it would be pretty reasonable for Docker to apply this to rootfs mounts, although I am curious why it doesn't come up more often (ie, what are other display managers doing differently to hide the Docker mounts)?
I don't think udev rules are shipped with Docker packages (at least in Ubuntu):
apt-file list docker-ce
docker-ce: /etc/default/docker
docker-ce: /etc/init.d/docker
docker-ce: /etc/init/docker.conf
docker-ce: /lib/systemd/system/docker.service
docker-ce: /lib/systemd/system/docker.socket
docker-ce: /usr/bin/docker-init
docker-ce: /usr/bin/docker-proxy
docker-ce: /usr/bin/dockerd
docker-ce: /usr/share/doc/docker-ce/README.md
docker-ce: /usr/share/doc/docker-ce/changelog.Debian.gz
apt-file list docker-ce-cli
docker-ce-cli: /usr/bin/docker
docker-ce-cli: /usr/libexec/docker/cli-plugins/docker-app
docker-ce-cli: /usr/libexec/docker/cli-plugins/docker-buildx
docker-ce-cli: /usr/share/bash-completion/completions/docker
docker-ce-cli: /usr/share/doc/docker-ce-cli/changelog.Debian.gz
docker-ce-cli: /usr/share/fish/vendor_completions.d/docker.fish
...
(Clearly unrelated /usr/share/man/ entries suppressed)
I've tried manually adding them and restarting udev, but this didn't help (also tried replacing "/var/lib/docker/*"
with "/media/data/docker/*"
). Am not sure if a full reboot is required to apply them; if so, can try it later, as the machine is now in use.
I've same issue.
I'm using kubuntu 20.04. I tried to add https://github.com/moby/moby/blob/7ae5222c72cc2aac42225df8f62c2f71a1813ab4/contrib/udev/80-docker.rules in /etc/udev/rules.d
but it's not working.
I am curious why it doesn't come up more often (ie, what are other display managers doing differently to hide the Docker mounts)?
As I understand it was ok for KDE. It stop working after this fix https://phabricator.kde.org/D22080 which allow to add overlay fs in Dolphin file manager. One more thread related to this issue.
Following the thread linked by @dmvslv:
solid-hardware5 list
udi = '/org/kde/fstab'
udi = '/org/kde/fstab/overlay/var/lib/docker/overlay2/7da333276364f9d119028db21847141988decd8567a5e8bd241779e96e4dccd8/merged'
udi = '/org/kde/fstab/overlay/var/lib/docker/overlay2/5cf89946bd6472d9791888db9a4118383c23b8fcf05d1962367cbf383b68d1ef/merged'
udi = '/org/kde/fstab/overlay/var/lib/docker/overlay2/b68d0c59567d2c8c577b1b55aee1792b7db86eb95cea8ce101392c4058897c8c/merged'
udi = '/org/kde/fstab/overlay/var/lib/docker/overlay2/97f27433aee03359b9afebf89b907f60b96e125c1078b75a5eb135d612932de1/merged'
udi = '/org/kde/fstab/overlay/var/lib/docker/overlay2/fac298fe2ce931af6a44b28d617987950411df118d09495627957f969acf8f9f/merged'
udi = '/org/kde/fstab/overlay/var/lib/docker/overlay2/08f0724e7b747d21dad70eeb26dabe3aa6a4a31a2a8666a5201a2247c2f7d47a/merged'
udi = '/org/kde/fstab/overlay/var/lib/docker/overlay2/718bda7c52051b735d9ff331a86a87171fee095690128a6c6b5d0aeba19fc9a2/merged'
udi = '/org/kde/fstab/overlay/var/lib/docker/overlay2/6f80955eed645e2e872a3a1e637ad126b40d473ecffbe4409691f0bdf7ce4393/merged'
udi = '/org/kde/solid/udev/sys/devices/pci0000:00/0000:00:15.1/i2c_designware.1/i2c-1/i2c-DLL06E4:01/0018:06CB:7A13.0001/input/input13'
udi = '/org/kde/solid/udev/sys/devices/pci0000:00/0000:00:15.1/i2c_designware.1/i2c-1/i2c-DLL06E4:01/0018:06CB:7A13.0001/input/input13/event8'
udi = '/org/kde/solid/udev/sys/devices/pci0000:00/0000:00:15.1/i2c_designware.1/i2c-1/i2c-DLL06E4:01/0018:06CB:7A13.0001/input/input13/mouse0'
udi = '/org/kde/solid/udev/sys/devices/pci0000:00/0000:00:15.1/i2c_designware.1/i2c-1/i2c-DLL06E4:01/0018:06CB:7A13.0001/input/input14'
udi = '/org/kde/solid/udev/sys/devices/pci0000:00/0000:00:15.1/i2c_designware.1/i2c-1/i2c-DLL06E4:01/0018:06CB:7A13.0001/input/input14/event9'
udi = '/org/kde/solid/udev/sys/devices/pci0000:00/0000:00:15.1/i2c_designware.1/i2c-1/i2c-DLL06E4:01/0018:06CB:7A13.0001/input/input14/mouse1'
udi = '/org/kde/solid/udev/sys/devices/pci0000:00/0000:00:1c.0/0000:02:00.0/net/wlp2s0'
udi = '/org/kde/solid/udev/sys/devices/pci0000:00/0000:00:1f.3/sound/card0/hwC0D0'
udi = '/org/kde/solid/udev/sys/devices/pci0000:00/0000:00:1f.3/sound/card0/hwC0D2'
udi = '/org/kde/solid/udev/sys/devices/pci0000:00/0000:00:1f.3/sound/card0/pcmC0D0c'
udi = '/org/kde/solid/udev/sys/devices/pci0000:00/0000:00:1f.3/sound/card0/pcmC0D0p'
udi = '/org/kde/solid/udev/sys/devices/pci0000:00/0000:00:1f.3/sound/card0/pcmC0D10p'
udi = '/org/kde/solid/udev/sys/devices/pci0000:00/0000:00:1f.3/sound/card0/pcmC0D3p'
udi = '/org/kde/solid/udev/sys/devices/pci0000:00/0000:00:1f.3/sound/card0/pcmC0D7p'
udi = '/org/kde/solid/udev/sys/devices/pci0000:00/0000:00:1f.3/sound/card0/pcmC0D8p'
udi = '/org/kde/solid/udev/sys/devices/pci0000:00/0000:00:1f.3/sound/card0/pcmC0D9p'
udi = '/org/kde/solid/udev/sys/devices/pci0000:00/0000:00:1f.3/sound/card0/controlC0'
udi = '/org/kde/solid/udev/sys/devices/platform/serial8250/tty/ttyS0'
udi = '/org/kde/solid/udev/sys/devices/platform/serial8250/tty/ttyS1'
udi = '/org/kde/solid/udev/sys/devices/platform/serial8250/tty/ttyS2'
udi = '/org/kde/solid/udev/sys/devices/platform/serial8250/tty/ttyS3'
udi = '/org/kde/solid/udev/sys/devices/system/cpu/cpu0'
udi = '/org/kde/solid/udev/sys/devices/system/cpu/cpu1'
udi = '/org/kde/solid/udev/sys/devices/system/cpu/cpu2'
udi = '/org/kde/solid/udev/sys/devices/system/cpu/cpu3'
udi = '/org/kde/solid/udev/sys/devices/system/cpu/cpu4'
udi = '/org/kde/solid/udev/sys/devices/system/cpu/cpu5'
udi = '/org/kde/solid/udev/sys/devices/system/cpu/cpu6'
udi = '/org/kde/solid/udev/sys/devices/system/cpu/cpu7'
udi = '/org/kde/solid/udev/sys/devices/virtual/input/input35/event19'
udi = '/org/kde/solid/udev/sys/devices/virtual/input/input35/mouse2'
udi = '/org/kde/solid/udev/sys/devices/virtual/misc/uhid/0005:046D:B023.0005/input/input32'
udi = '/org/kde/solid/udev/sys/devices/virtual/misc/uhid/0005:046D:B023.0005/input/input32/event20'
udi = '/org/kde/solid/udev/sys/devices/virtual/misc/uhid/0005:046D:B023.0005/input/input32/mouse3'
udi = '/org/kde/solid/udev/sys/devices/virtual/net/br-052ac8a5a965'
udi = '/org/kde/solid/udev/sys/devices/virtual/net/br-09722d8ff285'
udi = '/org/kde/solid/udev/sys/devices/virtual/net/br-17441e0ab94a'
udi = '/org/kde/solid/udev/sys/devices/virtual/net/br-380f5236d6ca'
udi = '/org/kde/solid/udev/sys/devices/virtual/net/br-4de11b8c4723'
udi = '/org/kde/solid/udev/sys/devices/virtual/net/br-9a3b649224b1'
udi = '/org/kde/solid/udev/sys/devices/virtual/net/br-9b33d4733457'
udi = '/org/kde/solid/udev/sys/devices/virtual/net/br-a8268e336c52'
udi = '/org/kde/solid/udev/sys/devices/virtual/net/br-c1abc059a354'
udi = '/org/kde/solid/udev/sys/devices/virtual/net/br-cc78f835ff43'
udi = '/org/kde/solid/udev/sys/devices/virtual/net/br-d6ad604d680b'
udi = '/org/kde/solid/udev/sys/devices/virtual/net/br-dceec219c738'
udi = '/org/kde/solid/udev/sys/devices/virtual/net/docker0'
udi = '/org/kde/solid/udev/sys/devices/virtual/net/lo'
udi = '/org/kde/solid/udev/sys/devices/virtual/net/veth0b5f749'
udi = '/org/kde/solid/udev/sys/devices/virtual/net/veth3a168c8'
udi = '/org/kde/solid/udev/sys/devices/virtual/net/veth5b4c0db'
udi = '/org/kde/solid/udev/sys/devices/virtual/net/veth81d2f2d'
udi = '/org/kde/solid/udev/sys/devices/virtual/net/vetha2d0258'
udi = '/org/kde/solid/udev/sys/devices/virtual/net/vethb49dbdc'
udi = '/org/kde/solid/udev/sys/devices/virtual/net/vethea924ec'
udi = '/org/kde/solid/udev/sys/devices/virtual/net/vethf5cc398'
udi = '/org/kde/solid/udev/sys/devices/virtual/sound/timer'
udi = '/org/freedesktop/UDisks2/block_devices/nvme0n1p2'
udi = '/org/freedesktop/UDisks2/block_devices/loop0'
udi = '/org/freedesktop/UDisks2/block_devices/nvme0n1'
udi = '/org/freedesktop/UDisks2/block_devices/loop6'
udi = '/org/freedesktop/UDisks2/block_devices/loop7'
udi = '/org/freedesktop/UDisks2/block_devices/nvme0n1p3'
udi = '/org/freedesktop/UDisks2/block_devices/loop1'
udi = '/org/freedesktop/UDisks2/block_devices/nvme0n1p4'
udi = '/org/freedesktop/UDisks2/block_devices/loop2'
udi = '/org/freedesktop/UDisks2/block_devices/nvme0n1p5'
udi = '/org/freedesktop/UDisks2/block_devices/loop3'
udi = '/org/freedesktop/UDisks2/block_devices/nvme0n1p6'
udi = '/org/freedesktop/UDisks2/block_devices/loop4'
udi = '/org/freedesktop/UDisks2/block_devices/loop5'
udi = '/org/freedesktop/UDisks2/block_devices/nvme0n1p1'
udi = '/org/freedesktop/UDisks2/drives/THNSN5512GPU7_NVMe_TOSHIBA_512GB_46FS10AHT5ZV'
udi = '/org/freedesktop/UPower'
udi = '/org/freedesktop/UPower/devices/line_power_AC'
udi = '/org/freedesktop/UPower/devices/battery_BAT0'
udi = '/org/freedesktop/UPower/devices/mouse_dev_D9_D3_23_91_17_66'
udi = '/org/freedesktop/UPower/devices/battery_hidpp_battery_3'
solid-hardware5 details /org/kde/fstab/overlay/var/lib/docker/overlay2/5cf89946bd6472d9791888db9a4118383c23b8fcf05d1962367cbf383b68d1ef/merged
udi = '/org/kde/fstab/overlay/var/lib/docker/overlay2/5cf89946bd6472d9791888db9a4118383c23b8fcf05d1962367cbf383b68d1ef/merged'
parent = '/org/kde/fstab' (string)
vendor = 'overlay' (string)
product = '/var/lib/docker/overlay2/5cf89946bd6472d9791888db9a4118383c23b8fcf05d1962367cbf383b68d1ef/merged' (string)
description = '/var/lib/docker/overlay2/5cf89946bd6472d9791888db9a4118383c23b8fcf05d1962367cbf383b68d1ef/merged (overlay)' (string)
icon = 'folder' (string)
StorageAccess.accessible = true (bool)
StorageAccess.filePath = '/var/lib/docker/overlay2/5cf89946bd6472d9791888db9a4118383c23b8fcf05d1962367cbf383b68d1ef/merged' (string)
StorageAccess.ignored = false (bool)
According to /u/kbroulik/:
"fstab backend only hides those with
x-gvfs-hide
option set"
Summary: it seems the x-gvfs-hide
option should be set.
Guys any updates or a possible fix??
In my case the udev rules did nothing after creating the file and rebooting, i still see a bunch of entries on Dolphin device listing. Maybe the rules are outdated (last commit to that file was in 2013).
Ubuntu 20.04 (KDE Neon) Docker 19.03.13 (Swarm mode)
~Ok, I would like to precise how things are going.~
~Before placing the UDEV rule, Plasma Desktop
was displaying burst of notifications which said that volume is not reachable or something like that.~
~After applying that UDEV rules file, these notifications are not appearing, Plasma still "freezes", but for significantly reduced period comparing to situation without this UDEV file.~
~I am working using 9 containers in docker-compose and that UDEV file made it more comfortable.~
EDIT: I have removed this UDEV rule, ale seems like something different caused that there are no notifications anymore. I have also learned how UDEV rules work and it is not possible that it would work with newest Docker-CE.
I was jumping around Docker-CE code, and seems that the lowest layers of mounting are using: https://golang.org/pkg/syscall/#Mount https://golang.hotexamples.com/examples/syscall/-/Mount/golang-mount-function-examples.html
I think relevant calls are somewhere there: https://github.com/moby/moby/tree/master/daemon/graphdriver/overlay which calls/references to: https://github.com/moby/sys
NOTE: I am not aware how graphdriver
or just drivers
are working in Docker-CE.
Worth looking part is a flow of /etc/docker/daemon.json
parsing while using devicemapper
because it has storage-opt
flow implemented:
https://docs.docker.com/engine/reference/commandline/dockerd/#options-per-storage-driver
which might be a way to be "a model" for all another Linux storage drivers, to introduce a way, to pass x-gvfs-hide
mounting attribute.
I think "a bottleneck" to introduce that option is https://github.com/moby/sys/blob/master/mount/mounter_linux_test.go
If I understand correctly moby/sys
is "hand-made" middleware/translator between graphdriver
and syscall/Mount
.
I think that is not "trivial" to pass x-gvfs-hide
via config - especially without GoLang IDE.
Maybe hard-coding an option as being Linux specific could be easier.
I have upgraded to kubuntu 20.10 and the problem seems to be gone now.
In my case fresh booting of the newest KDE Neon does not cause freezing Plasma, but with "brute-force-like" test, while doing looped up-sleep-down-sleep in sequence it appears again after a while.
In my case, the desktop seems to freeze due to lots of notification popups. As a (very ugly) workaround, you can disable them, preventing the desktop from freezing:
Any updates on this?
I'm having a similar issue. Any ETA on when this will be fixed?
i bind mount /var/lib/docker to my encrypted /home/docker and dolphin shows TWO entries for every container:
/var/lib/docker /home/docker
this very much wants configuration but LibSolid is quite lacking in documentation.
I'm facing this issue and could not find any workaround either from Docker side (i.e., is there a way to add the x-gfvs-hide option at mount time?) or from KDE (not sure if there is an option to ignore the mounting of these volumes).
I'm really unsure about the motivations from KDE to the patch linked, specially because they sort of ignored situations such ephemeral mounts that should not be remembered as removable media. KDE keeps track of these volumes on two places, one is the ~/.local/share/user-places.xbel file, that remembers these entries (each of them, forever!!!) and the other is the removable media devices seen by KDED in another file under ~/.config. After a few time, it is just crazy full and started to break other stuff like loading the removable media screen.
I'm using KDE from Debian Stable now, so I'm doomed with no updates on this even if fixed by KDE unless I patch it myself (which I may do eventually).
Following up if this ever get fixed by Docker side. Thanks for the attention.
I'm using KDE from Debian Stable now
I can only say, that using:
Docker version 20.10.11, build dea9396
and
Package: plasma-desktop
Version: 4:5.23.4-0xneon+20.04+focal+release+build45
Seems to not cause any troubles, but I can't tell you what have changed and what caused "a fix", and which version of all packages variations/permutations provided the fix.
The issue still persists on my system, following here for updates on a fix.
Starting Docker containers on KDE-enabled systems leads to the desktop (KDE Plasma) being irresponsible while the containers are created or destroyed. The duration of the desktop frozen state increases with the number of containers run and their start up times.
The issues seems be linked to container mount points being discovered by KDE and appearing, e.g., in the KDE-enabled file managers (e.g. Dolphin, Krusader). Discussion in the KDE bug tracker suggested Docker does not mark the containers as not meant as a user-accessible storage, proposing it should make use of
x-gvfs-hidden
option to solve this.Expected behavior
Container start/stop does not freeze the desktop; containers do not appear in the file managers device lists.
Actual behavior
Desktop freezes creation/destruction. Each run container gets a link e.g. in the Dolphin "Devices" list.
Steps to reproduce the behavior
services: ubuntu-test-0: container_name: ubuntu-test-0 image: ubuntu:latest entrypoint: ["sleep", "infinity"] ubuntu-test-1: container_name: ubuntu-test-1 image: ubuntu:latest entrypoint: ["sleep", "infinity"] ubuntu-test-2: container_name: ubuntu-test-2 image: ubuntu:latest entrypoint: ["sleep", "infinity"] ubuntu-test-3: container_name: ubuntu-test-3 image: ubuntu:latest entrypoint: ["sleep", "infinity"] ubuntu-test-4: container_name: ubuntu-test-4 image: ubuntu:latest entrypoint: ["sleep", "infinity"] ubuntu-test-5: container_name: ubuntu-test-5 image: ubuntu:latest entrypoint: ["sleep", "infinity"] ubuntu-test-6: container_name: ubuntu-test-6 image: ubuntu:latest entrypoint: ["sleep", "infinity"]
Client: Docker Engine - Community Version: 19.03.12 API version: 1.40 Go version: go1.13.10 Git commit: 48a66213fe Built: Mon Jun 22 15:45:44 2020 OS/Arch: linux/amd64 Experimental: false
Server: Docker Engine - Community Engine: Version: 19.03.12 API version: 1.40 (minimum version 1.12) Go version: go1.13.10 Git commit: 48a66213fe Built: Mon Jun 22 15:44:15 2020 OS/Arch: linux/amd64 Experimental: false containerd: Version: 1.2.13 GitCommit: 7ad184331fa3e55e52b890ea95e65ba581ae3429 runc: Version: 1.0.0-rc10 GitCommit: dc9208a3303feef5b3839f4323d9beb36df0a9dd docker-init: Version: 0.18.0 GitCommit: fec3683
Client: Debug Mode: false
Server: Containers: 11 Running: 0 Paused: 0 Stopped: 11 Images: 1454 Server Version: 19.03.12 Storage Driver: overlay2 Backing Filesystem: extfs Supports d_type: true Native Overlay Diff: true Logging Driver: json-file Cgroup Driver: cgroupfs Plugins: Volume: local Network: bridge host ipvlan macvlan null overlay Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog Swarm: inactive Runtimes: runc Default Runtime: runc Init Binary: docker-init containerd version: 7ad184331fa3e55e52b890ea95e65ba581ae3429 runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd init version: fec3683 Security Options: apparmor seccomp Profile: default Kernel Version: 5.4.0-42-generic Operating System: Ubuntu 20.04.1 LTS OSType: linux Architecture: x86_64 CPUs: 8 Total Memory: 15.56GiB Name: Hyperion ID: 2Z7O:HDBF:OEW2:GSCZ:H4BN:7JCI:42MU:2VT2:SNYV:M72R:FPLZ:2NDB Docker Root Dir: /media/data/docker Debug Mode: false Registry: https://index.docker.io/v1/ Labels: Experimental: false Insecure Registries: 127.0.0.0/8 Live Restore Enabled: false
WARNING: No swap limit support