Fatal: Docker storage backend doesn't match value in /etc/islet/islet.conf

[sebelk]

Hi, It outputs that error when /opt/islet/bin/islet_shell is launched:

I've tried on Ubuntu 14.04:

I didn't use install-docker targer because it fails, instead I followed the instructions of https://docs.docker.com/installation/ubuntulinux/.

docker info:

Containers: 0
Images: 32
Storage Driver: devicemapper
 Pool Name: docker-252:1-574424-pool
 Pool Blocksize: 65.54 kB
 Backing Filesystem: extfs
 Data file: /dev/loop0
 Metadata file: /dev/loop1
 Data Space Used: 2.351 GB
 Data Space Total: 107.4 GB
 Data Space Available: 3.659 GB
 Metadata Space Used: 2.531 MB
 Metadata Space Total: 2.147 GB
 Metadata Space Available: 2.145 GB
 Udev Sync Supported: true
 Deferred Removal Enabled: false
 Data loop file: /var/lib/docker/devicemapper/devicemapper/data
 Metadata loop file: /var/lib/docker/devicemapper/devicemapper/metadata
 Library Version: 1.02.77 (2012-10-15)
Execution Driver: native-0.2
Logging Driver: json-file
Kernel Version: 3.19.0-31-generic
Operating System: Ubuntu 14.04.3 LTS
CPUs: 1
Total Memory: 1.462 GiB
Name: sergio-VirtualBox
ID: LFBY:F6TR:MD7R:EO7V:BMAW:SKVX:Z3BD:WMGP:JGZH:AW7I:FPXI:FU4D
WARNING: No swap limit support

Mi docker config:

cat /etc/default/docker 
DOCKER_OPTS="--storage-driver=devicemapper --storage-opt dm.basesize=2G"

Am I doing something wrong? Thanks in advance!

[jonschipp]

You need to set the STORAGE_BACKEND variable in /etc/islet/islet.conf to value devicemapper. ISLET defaults to AUFS now because it's what I mostly see. Eventually I'll have it autodetect, thanks. I'll add this to to the documentation and check on the install-docker make target - I noticed that they changed the install process recently.

[sebelk]

Thanks, now it outputs:

shell: CLIENT= SRCPORT= SERVER= DSTPORT= SSH_TTY= TERM=xterm-256color PPID=1942 TMOUT=60 opt: docker run --name=bro.sergio4 --tty --hostname bro --cpu-shares 1024 --cpuset-cpus 0 --memory 256m --memory-swap 10m --net none --dns 127.0.0.1 --add-host bro:127.0.0.1 -v /exercises:/exercises:ro --cap-drop AUDIT_WRITE --cap-drop CHOWN --cap-drop DAC_OVERRIDE --cap-drop FOWNER --cap-drop FSETID --cap-drop MAC_OVERRIDE --cap-drop MKNOD --cap-drop NET_BIND_SERVICE --cap-add NET_RAW --cap-drop SYSLOG --cap-drop SYS_ADMIN --cap-drop SYS_CHROOT --cap-drop KILL --cap-add SETFCAP --cap-add SETUID --cap-add SETGID --cap-drop AUDIT_CONTROL --cap-drop BLOCK_SUSPEND --cap-drop DAC_READ_SEARCH --cap-drop IPC_LOCK --cap-drop IPC_OWNER --cap-drop LEASE --cap-drop LINUX_IMMUTABLE --cap-drop NET_ADMIN --cap-drop NET_BROADCAST --cap-drop SYS_BOOT --cap-drop SYS_MODULE --cap-drop SYS_PACCT --cap-drop SYS_PTRACE --cap-drop SYS_NICE --cap-drop SYS_RAWIO --cap-drop SYS_RESOURCE --cap-drop SYS_TIME --cap-drop SYS_TTY_CONFIG --cap-drop WAKE_ALARM --workdir /home/demo --env IMAGE --env PLATFORM --interactive broplatform/brolive su demo Enjoy yourself! Training materials are in /exercises WARNING: Localhost DNS setting (--dns=127.0.0.1) may fail in containers. WARNING: Your kernel does not support swap limit capabilities, memory limited without swap. su: System error

My system and kernek are:

Linux sergio-VirtualBox 3.19.0-31-generic #36~14.04.1-Ubuntu SMP Thu Oct 8 10:21:08 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux

Any ideas?

Thanks in advance!!

[jonschipp]

hmmm, looks like su demo is failing - I wonder if something has changed, I'll spin up a test instance. Have you changed any other ISLET default config values such as in /etc/islet/islet.conf, /etc/islet/security.conf, /etc/islet/brolive.conffile?

The value after opt: in the debug output prints the exact docker command used. You can play around with it on the command line but you'll have to change --name= to something like --name=$RANDOM so there are not name conflicts. Trying change su demo to sudo -i -u demo and see if that works for now. If so, then set COMMAND="sudo -i -u $VIRTUSER" in/etc/islet/brolive.conf` for now.

docker run --name=bro.sergio4 --tty --hostname bro --cpu-shares 1024 --cpuset-cpus 0 --memory 256m --memory-swap 10m --net none --dns 127.0.0.1 --add-host bro:127.0.0.1 -v /exercises:/exercises:ro --cap-drop AUDIT_WRITE --cap-drop CHOWN --cap-drop DAC_OVERRIDE --cap-drop FOWNER --cap-drop FSETID --cap-drop MAC_OVERRIDE --cap-drop MKNOD --cap-drop NET_BIND_SERVICE --cap-add NET_RAW --cap-drop SYSLOG --cap-drop SYS_ADMIN --cap-drop SYS_CHROOT --cap-drop KILL --cap-add SETFCAP --cap-add SETUID --cap-add SETGID --cap-drop AUDIT_CONTROL --cap-drop BLOCK_SUSPEND --cap-drop DAC_READ_SEARCH --cap-drop IPC_LOCK --cap-drop IPC_OWNER --cap-drop LEASE --cap-drop LINUX_IMMUTABLE --cap-drop NET_ADMIN --cap-drop NET_BROADCAST --cap-drop SYS_BOOT --cap-drop SYS_MODULE --cap-drop SYS_PACCT --cap-drop SYS_PTRACE --cap-drop SYS_NICE --cap-drop SYS_RAWIO --cap-drop SYS_RESOURCE --cap-drop SYS_TIME --cap-drop SYS_TTY_CONFIG --cap-drop WAKE_ALARM --workdir /home/demo --env IMAGE --env PLATFORM --interactive broplatform/brolive su demo

[sebelk]

HI @jonschipp

I've modified /etc/islet/brolive.conf as you suggested and it does not work with an existing user:

Welcome back! Training materials are in /exercises opt: docker start bro.sergio && docker attach bro.sergio Failed to run! Turn on debug mode for more info: DEBUG=yes in /etc/islet/islet.conf

But it works with a new one:

shell: CLIENT= SRCPORT= SERVER= DSTPORT= SSH_TTY= TERM=xterm-256color PPID=1942 TMOUT=60 opt: docker run --name=bro.cadorna --tty --hostname bro --cpu-shares 1024 --cpuset-cpus 0 --memory 256m --memory-swap 10m --net none --dns 127.0.0.1 --add-host bro:127.0.0.1 -v /exercises:/exercises:ro --cap-drop AUDIT_WRITE --cap-drop CHOWN --cap-drop DAC_OVERRIDE --cap-drop FOWNER --cap-drop FSETID --cap-drop MAC_OVERRIDE --cap-drop MKNOD --cap-drop NET_BIND_SERVICE --cap-add NET_RAW --cap-drop SYSLOG --cap-drop SYS_ADMIN --cap-drop SYS_CHROOT --cap-drop KILL --cap-add SETFCAP --cap-add SETUID --cap-add SETGID --cap-drop AUDIT_CONTROL --cap-drop BLOCK_SUSPEND --cap-drop DAC_READ_SEARCH --cap-drop IPC_LOCK --cap-drop IPC_OWNER --cap-drop LEASE --cap-drop LINUX_IMMUTABLE --cap-drop NET_ADMIN --cap-drop NET_BROADCAST --cap-drop SYS_BOOT --cap-drop SYS_MODULE --cap-drop SYS_PACCT --cap-drop SYS_PTRACE --cap-drop SYS_NICE --cap-drop SYS_RAWIO --cap-drop SYS_RESOURCE --cap-drop SYS_TIME --cap-drop SYS_TTY_CONFIG --cap-drop WAKE_ALARM --workdir /home/demo --env IMAGE --env PLATFORM --interactive broplatform/brolive sudo -i -u demo Enjoy yourself! Training materials are in /exercises WARNING: Localhost DNS setting (--dns=127.0.0.1) may fail in containers. WARNING: Your kernel does not support swap limit capabilities, memory limited without swap. demo@bro:~$

HTH, and any comments will be welcome. (I don't exactly about the swap warnings...)

Go ahead is a great project!

[jonschipp]

yah, the bro.sergio container will not be functional because it failed on creation. If a container fails at creation it will be unusable - it's one of the shortcomings/bugs that needs to be handled better in ISLET. If you want to use the sergio account again for bro you can remove the failed container via the ISLET menu - it's on the numbered options to delete a container, then selecting bro again will create a new container with the sudo -i change and put you into it.

Ignore the WARNINGs e.g. swap - these are from Docker and are only printed when DEBUG="yes", just about everyone sees them and they're harmless.

I'm going to try to test the bro config today with the su issue, thanks for reporting. Let me know if you need anything else