search

docker / for-mac

Bug reports for Docker Desktop for Mac
https://www.docker.com/products/docker#/mac
2.44k stars 118 forks source link

Docker Desktop 4.35.1 will not run Oracle 23 #7485

Open andrew-simmons opened 1 week ago

andrew-simmons commented 1 week ago

Description

On Docker Desktop 4.35.1, my team cannot run our Oracle database (FREE 23ai) container successfully.

Docker Desktop 4.34.3, does run the container successfully, but we are being asked to use the newer Docker for security improvements.

Reproduce

  1. docker run -p 1521:1521 --shm-size=1g container-registry.oracle.com/database/free:23.5.0.0
  2. view logs

Expected behavior

Docker should successfully start the Oracle database container.

docker version

Client:
 Version:           27.3.1
 API version:       1.47
 Go version:        go1.22.7
 Git commit:        ce12230
 Built:             Fri Sep 20 11:38:18 2024
 OS/Arch:           darwin/amd64
 Context:           desktop-linux

Server: Docker Desktop 4.35.1 (173168)
 Engine:
  Version:          27.3.1
  API version:      1.47 (minimum version 1.24)
  Go version:       go1.22.7
  Git commit:       41ca978
  Built:            Fri Sep 20 11:41:11 2024
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.7.21
  GitCommit:        472731909fa34bd7bc9c087e4c27943f9835f111
 sysbox-runc:
  Version:          :                   0.6.9-1
  GitCommit:
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

docker info

Client:
 Version:    27.3.1
 Context:    desktop-linux
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.17.1-desktop.1
    Path:     /Users/asimmons/.docker/cli-plugins/docker-buildx
  compose: Docker Compose (Docker Inc.)
    Version:  v2.29.7-desktop.1
    Path:     /Users/asimmons/.docker/cli-plugins/docker-compose
  debug: Get a shell into any image or container (Docker Inc.)
    Version:  0.0.37
    Path:     /Users/asimmons/.docker/cli-plugins/docker-debug
  desktop: Docker Desktop commands (Alpha) (Docker Inc.)
    Version:  v0.0.15
    Path:     /Users/asimmons/.docker/cli-plugins/docker-desktop
  dev: Docker Dev Environments (Docker Inc.)
    Version:  v0.1.2
    Path:     /Users/asimmons/.docker/cli-plugins/docker-dev
  extension: Manages Docker extensions (Docker Inc.)
    Version:  v0.2.27
    Path:     /Users/asimmons/.docker/cli-plugins/docker-extension
  feedback: Provide feedback, right in your terminal! (Docker Inc.)
    Version:  v1.0.5
    Path:     /Users/asimmons/.docker/cli-plugins/docker-feedback
  init: Creates Docker-related starter files for your project (Docker Inc.)
    Version:  v1.3.0
    Path:     /Users/asimmons/.docker/cli-plugins/docker-init
  sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc.)
    Version:  0.6.0
    Path:     /Users/asimmons/.docker/cli-plugins/docker-sbom
  scout: Docker Scout (Docker Inc.)
    Version:  v1.14.0
    Path:     /Users/asimmons/.docker/cli-plugins/docker-scout

Server:
 Containers: 1
  Running: 1
  Paused: 0
  Stopped: 0
 Images: 5
 Server Version: 27.3.1
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Using metacopy: false
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 runc sysbox-runc
 Default Runtime: sysbox-runc
 Init Binary: docker-init
 containerd version: 472731909fa34bd7bc9c087e4c27943f9835f111
 runc version:
 init version: de40ad0
 Security Options:
  seccomp
   Profile: unconfined
  cgroupns
 Kernel Version: 6.10.11-linuxkit
 Operating System: Docker Desktop
 OSType: linux
 Architecture: x86_64
 CPUs: 8
 Total Memory: 7.753GiB
 Name: docker-desktop
 ID: 113d3f82-688c-4136-ac86-11e8d644270a
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 HTTP Proxy: http.docker.internal:3128
 HTTPS Proxy: http.docker.internal:3128
 No Proxy: hubproxy.docker.internal
 Labels:
  com.docker.desktop.address=unix:///Users/asimmons/Library/Containers/com.docker.docker/Data/docker-cli.sock
 Experimental: false
 Insecure Registries:
  hubproxy.docker.internal:5555
  127.0.0.0/8
 Live Restore Enabled: false

Diagnostics ID

2E7C106F-738A-4CF4-AB70-775436B24CCC/20241114214706

Additional Info

Starting Oracle Net Listener. Oracle Net Listener started. Starting Oracle Database instance FREE. Oracle Database instance FREE started.

The Oracle base remains unchanged with value /opt/oracle ##################################### ########### E R R O R ############### DATABASE SETUP WAS NOT SUCCESSFUL! Please check output for further info! ########### E R R O R ############### ##################################### The following output is now a tail of the alert.log: Stored outlines will be desupported in the next release. Starting ORACLE instance (normal) (OS id: 153) Errors in file /opt/oracle/diag/rdbms/free/FREE/trace/FREE_ora_153.trc (incident=8011): ORA-00600: internal error code, arguments: [ksmcsg: failed to get total shm available], [], [], [], [], [], [], [], [], [], [], [] ORA-27300: OS system dependent operation:Cannot open /proc/sys/kernel/shm failed with status: 75 ORA-27301: OS failure message: Value too large for defined data type ORA-27302: failure occurred at: sskgmgtssa_1 Incident details in: /opt/oracle/diag/rdbms/free/FREE/incident/incdir_8011/FREE_ora_153_i8011.trc Use ADRCI or Support Workbench to package the incident. See Note 411.1 at My Oracle Support for error and packaging details.

sh-4.4$ cat /opt/oracle/diag/rdbms/free/FREE/trace/FREE_ora_153.trc Trace file /opt/oracle/diag/rdbms/free/FREE/trace/FREE_ora_153.trc Oracle Database 23ai Free Release 23.0.0.0.0 - Develop, Learn, and Run for Free Version 23.5.0.24.07 Build label: RDBMS_23.5.0.24.07DBRU_LINUX.X64_240710.4 ORACLE_HOME: /opt/oracle/product/23ai/dbhomeFree System name: Linux Node name: a47b7d6575b9 Release: 6.10.11-linuxkit Version: #1 SMP PREEMPT_DYNAMIC Thu Oct 3 10:19:48 UTC 2024 Machine: x86_64 Storage: ? CLID: U Instance name: FREE Instance number: 0 Redo thread mounted by this instance: 0 Oracle process number: 0 Unix process pid: 153, NID: 4026532696, image:

*** 2024-11-14T21:34:53.325491+00:00 DDE: Flood control is not active 2024-11-14T21:34:53.433119+00:00 Incident 8011 created, dump file: /opt/oracle/diag/rdbms/free/FREE/incident/incdir_8011/FREE_ora_153_i8011.trc ORA-00600: internal error code, arguments: [ksmcsg: failed to get total shm available], [], [], [], [], [], [], [], [], [], [], [] ORA-27300: OS system dependent operation:Cannot open /proc/sys/kernel/shm failed with status: 75 ORA-27301: OS failure message: Value too large for defined data type ORA-27302: failure occurred at: sskgmgtssa_1

KJHA:2phase 010 opi_error:600

andrew-simmons commented 1 week ago

This is also happening on 4.36.0

andrew-simmons commented 1 week ago

Worked with an admin to turn off Enhanced Container Isolation on 4.36.0, and that allows Oracle DB to run normally.

What is the Enhanced Container Isolation doing to the /proc/sys/kernel/shm* files? Would you expand the documentation on how Enhanced Container Isolation affects the proc filesystem?