search

docker / for-mac

Bug reports for Docker Desktop for Mac
https://www.docker.com/products/docker#/mac
2.43k stars 118 forks source link

Containers stuck in the "Created" state #7290

Open lukewis opened 4 months ago

lukewis commented 4 months ago

Description

This issue happens intermittently, but several times per day. When running docker compose up some containers will get stuck in the "Created" state indefinitely. The only way to get out of this state is to reboot the machine or exit docker desktop and restart it (using the "Restart" command from the menu just hangs indefinitely also).

The diagnostics check seems confused about whether the linux vm is running or not. Early in the log it says that the vm is running

"vmPaused":false,"vmRunning":true,"vmStopped":false

But then later on it declares that the vm has not started

foo@MBP16 ~ % /Applications/Docker.app/Contents/MacOS/com.docker.diagnose check
Starting diagnostics

[2024-05-22T19:04:31.022003000Z][com.docker.diagnose.ipc][I] e072415e-diagnose -> <HOME>/Library/Containers/com.docker.docker/Data/backend.sock BackendAPI
[2024-05-22T19:04:31.022372000Z][com.docker.diagnose.ipc][I] (5b755fdd) e072415e-diagnose C->S BackendAPI POST /idle/make-busy
[2024-05-22T19:04:31.023121000Z][com.docker.diagnose.ipc][I] (5b755fdd) e072415e-diagnose C<-S cae19501-BackendAPI POST /idle/make-busy (735.578µs): 0xc0001394e0
[2024-05-22T19:04:32.023366000Z][com.docker.diagnose.ipc][I] (68fcf893) e072415e-diagnose C->S BackendAPI GET /idle
[2024-05-22T19:04:32.024295000Z][com.docker.diagnose.ipc][I] (68fcf893) e072415e-diagnose C<-S cae19501-BackendAPI GET /idle (822.585µs): {"apisInFlight":{"/v1.45/containers/30c38d292127/stats":14,"/v1.45/containers/30c38d292127642379cfcab1355826100bc069e2e2925748acc51395cdda981e/start":1},"booted":true,"busyReason":["35 container(s)","in-flight APIs: map[/v1.45/containers/30c38d292127/stats:14 /v1.45/containers/30c38d292127642379cfcab1355826100bc069e2e2925748acc51395cdda981e/start:1]","timed activities: map[/idle/make-busy:28.99913062s]"],"containers":35,"idle":"bool","kubernetesEnabled":false,"reduced":false,"services":0,"timedActivities":{"/idle/make-busy":"float64"},"vmPaused":false,"vmRunning":true,"vmStopped":false,"windowsContainers":false}
[PASS] DD0027: is there available disk space on the host?
[PASS] DD0028: is there available VM disk space?
[PASS] DD0018: does the host support virtualization?
[PASS] DD0001: is the application running?
[FAIL] DD0017: can a VM be started? vm has not started: vm has not started
[FAIL] DD0016: is the LinuxKit VM running? prereq failed: can a VM be started?
[FAIL] DD0004: is the Docker engine running? prereq failed: is the LinuxKit VM running?
[PASS] DD0015: are the binary symlinks installed?
[FAIL] DD0031: does the Docker API work? prereq failed: is the Docker engine running?
[PASS] DD0013: is the $PATH ok?
[FAIL] DD0003: is the Docker CLI working? prereq failed: is the Docker engine running?
[FAIL] DD0038: is the connection to Docker working? prereq failed: is the Docker engine running?
[FAIL] DD0014: are the backend processes running? prereq failed: is the LinuxKit VM running?
[FAIL] DD0007: is the backend responding? prereq failed: are the backend processes running?
[FAIL] DD0009: is the vpnkit API responding? prereq failed: are the backend processes running?
[FAIL] DD0010: is the Docker API proxy responding? prereq failed: are the backend processes running?
[FAIL] DD0030: is the image access management authorized? prereq failed: is the Docker engine running?
[PASS] DD0033: does the host have Internet access?
[PASS] DD0018: does the host support virtualization?
[PASS] DD0001: is the application running?
[WARN] DD0017: can a VM be started? vm has not started: vm has not started
[WARN] DD0016: is the LinuxKit VM running? prereq failed: can a VM be started?
[WARN] DD0004: is the Docker engine running? prereq failed: is the LinuxKit VM running?
[PASS] DD0015: are the binary symlinks installed?
[WARN] DD0031: does the Docker API work? prereq failed: is the Docker engine running?
[WARN] DD0032: do Docker networks overlap with host IPs? prereq failed: does the Docker API work?

Please note the following 5 warnings:

1 : The check: can a VM be started?
    Produced the following warning: vm has not started: vm has not started

The Docker engine runs inside a Linux VM. Therefore we must be able to start Virtual Machines.

2 : The check: is the LinuxKit VM running?
    Produced the following warning: prereq failed: can a VM be started?

The Docker engine runs inside a Linux VM. Therefore the VM must be running.

3 : The check: is the Docker engine running?
    Produced the following warning: prereq failed: is the LinuxKit VM running?

The Docker engine manages all containers and images on the host. Check the dockerd.log to see why it failed to start.

4 : The check: does the Docker API work?
    Produced the following warning: prereq failed: is the Docker engine running?

If the Docker API is not available from the host then Docker Desktop will not work correctly.

5 : The check: do Docker networks overlap with host IPs?
    Produced the following warning: prereq failed: does the Docker API work?

If the subnet used by a Docker network overlaps with an IP used by the host, then containers
won't be able to contact the overlapping IP addresses.

Try configuring the IP address range used by networks: in your docker-compose.yml.
See https://docs.docker.com/compose/compose-file/compose-file-v2/#ipv4_address-ipv6_address

Please investigate the following 1 issue:

1 : The test: can a VM be started?
    Failed with: vm has not started: vm has not started

The Docker engine runs inside a Linux VM. Therefore we must be able to start Virtual Machines.

Reproduce

run docker compose up (this issue happens intermittently, so I've been unable to determine reliable steps to reproduce, but it happens multiple times per day)

Expected behavior

No response

docker version

Client:
 Cloud integration: v1.0.35+desktop.13
 Version:           26.0.0
 API version:       1.45
 Go version:        go1.21.8
 Git commit:        2ae903e
 Built:             Wed Mar 20 15:14:46 2024
 OS/Arch:           darwin/amd64
 Context:           desktop-linux

Server: Docker Desktop 4.29.0 (145265)
 Engine:
  Version:          26.0.0
  API version:      1.45 (minimum version 1.24)
  Go version:       go1.21.8
  Git commit:       8b79278
  Built:            Wed Mar 20 15:18:01 2024
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.6.28
  GitCommit:        ae07eda36dd25f8a1b98dfbf587313b99c0190bb
 runc:
  Version:          1.1.12
  GitCommit:        v1.1.12-0-g51d5e94
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

docker info

Client:
 Version:    26.0.0
 Context:    desktop-linux
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.13.1-desktop.1
    Path:     /Users/wisniewski/.docker/cli-plugins/docker-buildx
  compose: Docker Compose (Docker Inc.)
    Version:  v2.26.1-desktop.1
    Path:     /Users/wisniewski/.docker/cli-plugins/docker-compose
  debug: Get a shell into any image or container. (Docker Inc.)
    Version:  0.0.27
    Path:     /Users/wisniewski/.docker/cli-plugins/docker-debug
  dev: Docker Dev Environments (Docker Inc.)
    Version:  v0.1.2
    Path:     /Users/wisniewski/.docker/cli-plugins/docker-dev
  extension: Manages Docker extensions (Docker Inc.)
    Version:  v0.2.23
    Path:     /Users/wisniewski/.docker/cli-plugins/docker-extension
  feedback: Provide feedback, right in your terminal! (Docker Inc.)
    Version:  v1.0.4
    Path:     /Users/wisniewski/.docker/cli-plugins/docker-feedback
  init: Creates Docker-related starter files for your project (Docker Inc.)
    Version:  v1.1.0
    Path:     /Users/wisniewski/.docker/cli-plugins/docker-init
  sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc.)
    Version:  0.6.0
    Path:     /Users/wisniewski/.docker/cli-plugins/docker-sbom
  scout: Docker Scout (Docker Inc.)
    Version:  v1.6.3
    Path:     /Users/wisniewski/.docker/cli-plugins/docker-scout
WARNING: Plugin "/Users/wisniewski/.docker/cli-plugins/docker-scan" is not valid: failed to fetch metadata: fork/exec /Users/wisniewski/.docker/cli-plugins/docker-scan: no such file or directory

Server:
 Containers: 42
  Running: 35
  Paused: 0
  Stopped: 7
 Images: 271
 Server Version: 26.0.0
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Using metacopy: false
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: ae07eda36dd25f8a1b98dfbf587313b99c0190bb
 runc version: v1.1.12-0-g51d5e94
 init version: de40ad0
 Security Options:
  seccomp
   Profile: unconfined
  cgroupns
 Kernel Version: 6.6.22-linuxkit
 Operating System: Docker Desktop
 OSType: linux
 Architecture: x86_64
 CPUs: 4
 Total Memory: 15.62GiB
 Name: docker-desktop
 ID: 7cb03dbb-6bc1-4506-abd0-a800587f95ee
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 HTTP Proxy: http.docker.internal:3128
 HTTPS Proxy: http.docker.internal:3128
 No Proxy: hubproxy.docker.internal
 Labels:
  com.docker.desktop.address=unix:///Users/wisniewski/Library/Containers/com.docker.docker/Data/docker-cli.sock
 Experimental: false
 Insecure Registries:
  hubproxy.docker.internal:5555
  127.0.0.0/8
 Live Restore Enabled: false

WARNING: daemon is not using the default seccomp profile

Diagnostics ID

52F6F400-078B-4055-ADF2-026233CE3547/20240522190124

Additional Info

No response

jstewmon commented 3 months ago

This week, I started experiencing this issue, but I think I only started observing it after updating from 4.29 to 4.31. I have been able to recover by opening Activity Monitor and killing the Docker app and the VM.

Possibly worth mentioning: I'm experiencing this issue on a company issued macbook, and a recent IT policy change revokes local admin privileges by default (have to explicitly request temporary admin privileges for anything requiring admin privileges).

lukewis commented 3 weeks ago

Update - this is happening more frequently (5-6 times per day?). It extends beyond just containers in the "Created" state. When this happens, most (all?) containers become unresponsive. Containers hosting web apis will fail to respond, logs stop, etc. I've been accepting every update offered (now at version 4.34.0, Engine 27.2.0, and Compose 2.29.2-desktop.2)