kata-containers / runtime

Kata Containers version 1.x runtime (for version 2.x see https://github.com/kata-containers/kata-containers).
https://katacontainers.io/
Apache License 2.0

Sharing docker socket #457

Closed vladostp closed 6 years ago

vladostp commented 6 years ago

Description of problem

I am not able to use a shared docker socket between the host machine and a docker container.

Expected result

The docker client that is in the container connects to the docker daemon on the host machine and launches other containers.

Actual result

In the container, when trying to execute any docker command: "Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?"


Meta details

Running kata-collect-data.sh version 0.0.1 (commit f6544a3524f43dbfba3ca1a3a89502e7792390b0) at 2018-07-03.10:03:03.555301752+0200.


Runtime is /usr/local/bin/kata-runtime.

kata-env

Output of "/usr/local/bin/kata-runtime kata-env":

[Meta]
  Version = "1.0.11"

[Runtime]
  Debug = false
  [Runtime.Version]
    Semver = "0.0.1"
    Commit = "f6544a3524f43dbfba3ca1a3a89502e7792390b0"
    OCI = "1.0.1"
  [Runtime.Config]
    Path = "/usr/share/defaults/kata-containers/configuration.toml"

[Hypervisor]
  MachineType = "pc"
  Version = "QEMU emulator version 2.11.0\nCopyright (c) 2003-2017 Fabrice Bellard and the QEMU Project developers"
  Path = "/usr/bin/qemu-lite-system-x86_64"
  BlockDeviceDriver = "virtio-scsi"
  Msize9p = 8192
  Debug = false

[Image]
  Path = "/usr/share/kata-containers/kata-containers-image_clearlinux_agent_a099747.img"

[Kernel]
  Path = "/usr/share/kata-containers/vmlinuz-4.14.22.1-130.container"
  Parameters = ""

[Initrd]
  Path = ""

[Proxy]
  Type = "kataProxy"
  Version = "kata-proxy version 1.0.0"
  Path = "/usr/libexec/kata-containers/kata-proxy"
  Debug = false

[Shim]
  Type = "kataShim"
  Version = "kata-shim version 1.0.0"
  Path = "/usr/libexec/kata-containers/kata-shim"
  Debug = false

[Agent]
  Type = "kata"
  Version = "<<unknown>>"

[Host]
  Kernel = "4.15.11"
  Architecture = "amd64"
  VMContainerCapable = true
  [Host.Distro]
    Name = "Ubuntu"
    Version = "18.04"
  [Host.CPU]
    Vendor = "GenuineIntel"
    Model = "Intel(R) Core(TM) i7-8550U CPU @ 1.80GHz"

Runtime config files

Runtime default config files

/etc/kata-containers/configuration.toml
/usr/share/defaults/kata-containers/configuration.toml

Runtime config file contents

Config file /etc/kata-containers/configuration.toml not found

Output of "cat "/usr/share/defaults/kata-containers/configuration.toml"":

# Copyright (c) 2017-2018 Intel Corporation
#
# SPDX-License-Identifier: Apache-2.0
#

# XXX: WARNING: this file is auto-generated.
# XXX:
# XXX: Source file: "cli/config/configuration.toml.in"
# XXX: Project:
# XXX:   Name: Kata Containers
# XXX:   Type: kata

[hypervisor.qemu]
path = "/usr/bin/qemu-lite-system-x86_64"
kernel = "/usr/share/kata-containers/vmlinuz.container"
image = "/usr/share/kata-containers/kata-containers.img"
machine_type = "pc"

# Optional space-separated list of options to pass to the guest kernel.
# For example, use `kernel_params = "vsyscall=emulate"` if you are having
# trouble running pre-2.15 glibc.
#
# WARNING: - any parameter specified here will take priority over the default
# parameter value of the same name used to start the virtual machine.
# Do not set values here unless you understand the impact of doing so as you
# may stop the virtual machine from booting.
# To see the list of default parameters, enable hypervisor debug, create a
# container and look for 'default-kernel-parameters' log entries.
kernel_params = ""

# Path to the firmware.
# If you want that qemu uses the default firmware leave this option empty
firmware = ""

# Machine accelerators
# comma-separated list of machine accelerators to pass to the hypervisor.
# For example, `machine_accelerators = "nosmm,nosmbus,nosata,nopit,static-prt,nofw"`
machine_accelerators=""

# Default number of vCPUs per SB/VM:
# unspecified or 0                --> will be set to 1
# < 0                             --> will be set to the actual number of physical cores
# > 0 <= number of physical cores --> will be set to the specified number
# > number of physical cores      --> will be set to the actual number of physical cores
default_vcpus = 1

# Default maximum number of vCPUs per SB/VM:
# unspecified or == 0             --> will be set to the actual number of physical cores or to the maximum number
#                                     of vCPUs supported by KVM if that number is exceeded
# > 0 <= number of physical cores --> will be set to the specified number
# > number of physical cores      --> will be set to the actual number of physical cores or to the maximum number
#                                     of vCPUs supported by KVM if that number is exceeded
# WARNING: Depending of the architecture, the maximum number of vCPUs supported by KVM is used when
# the actual number of physical cores is greater than it.
# WARNING: Be aware that this value impacts the virtual machine's memory footprint and CPU
# the hotplug functionality. For example, `default_maxvcpus = 240` specifies that until 240 vCPUs
# can be added to a SB/VM, but the memory footprint will be big. Another example, with
# `default_maxvcpus = 8` the memory footprint will be small, but 8 will be the maximum number of
# vCPUs supported by the SB/VM. In general, we recommend that you do not edit this variable,
# unless you know what are you doing.
default_maxvcpus = 0

# Bridges can be used to hot plug devices.
# Limitations:
# * Currently only pci bridges are supported
# * Until 30 devices per bridge can be hot plugged.
# * Until 5 PCI bridges can be cold plugged per VM.
#   This limitation could be a bug in qemu or in the kernel
# Default number of bridges per SB/VM:
# unspecified or 0   --> will be set to 1
# > 1 <= 5           --> will be set to the specified number
# > 5                --> will be set to 5
default_bridges = 1

# Default memory size in MiB for SB/VM.
# If unspecified then it will be set 2048 MiB.
#default_memory = 2048

# Disable block device from being used for a container's rootfs.
# In case of a storage driver like devicemapper where a container's 
# root file system is backed by a block device, the block device is passed
# directly to the hypervisor for performance reasons. 
# This flag prevents the block device from being passed to the hypervisor, 
# 9pfs is used instead to pass the rootfs.
disable_block_device_use = false

# Block storage driver to be used for the hypervisor in case the container
# rootfs is backed by a block device. This is either virtio-scsi or 
# virtio-blk.
block_device_driver = "virtio-scsi"

# Enable iothreads (data-plane) to be used. This causes IO to be
# handled in a separate IO thread. This is currently only implemented
# for SCSI.
#
enable_iothreads = false

# Enable pre allocation of VM RAM, default false
# Enabling this will result in lower container density
# as all of the memory will be allocated and locked
# This is useful when you want to reserve all the memory
# upfront or in the cases where you want memory latencies
# to be very predictable
# Default false
#enable_mem_prealloc = true

# Enable huge pages for VM RAM, default false
# Enabling this will result in the VM memory
# being allocated using huge pages.
# This is useful when you want to use vhost-user network
# stacks within the container. This will automatically 
# result in memory pre allocation
#enable_hugepages = true

# Enable swap of vm memory. Default false.
# The behaviour is undefined if mem_prealloc is also set to true
#enable_swap = true

# This option changes the default hypervisor and kernel parameters
# to enable debug output where available. This extra output is added
# to the proxy logs, but only when proxy debug is also enabled.
# 
# Default false
#enable_debug = true

# Disable the customizations done in the runtime when it detects
# that it is running on top a VMM. This will result in the runtime
# behaving as it would when running on bare metal.
# 
#disable_nesting_checks = true

# This is the msize used for 9p shares. It is the number of bytes 
# used for 9p packet payload.
#msize_9p = 8192

[proxy.kata]
path = "/usr/libexec/kata-containers/kata-proxy"

# If enabled, proxy messages will be sent to the system log
# (default: disabled)
#enable_debug = true

[shim.kata]
path = "/usr/libexec/kata-containers/kata-shim"

# If enabled, shim messages will be sent to the system log
# (default: disabled)
#enable_debug = true

[agent.kata]
# There is no field for this section. The goal is only to be able to
# specify which type of agent the user wants to use.

[runtime]
# If enabled, the runtime will log additional debug messages to the
# system log
# (default: disabled)
#enable_debug = true
#
# Internetworking model
# Determines how the VM should be connected to the
# the container network interface
# Options:
#
#   - bridged
#     Uses a linux bridge to interconnect the container interface to
#     the VM. Works for most cases except macvlan and ipvlan.
#
#   - macvtap
#     Used when the Container network interface can be bridged using
#     macvtap.
internetworking_model="macvtap"

Image details

---
osbuilder:
  url: "https://github.com/kata-containers/osbuilder"
  version: "unknown"
rootfs-creation-time: "2018-06-12T03:55:46.913416409+0000Z"
description: "osbuilder rootfs"
file-format-version: "0.0.2"
architecture: "x86_64"
base-distro:
  name: "Clear"
  version: "22950"
  packages:
    default:
      - "iptables-bin"
      - "libudev0-shim"
      - "systemd"
    extra:

agent:
  url: "https://github.com/kata-containers/agent"
  name: "kata-agent"
  version: "1.0.0-a099747be287d30d7f1efcd6ba2bda88fc4a0f15"
  agent-is-init-daemon: "no"

Initrd details

No initrd


Logfiles

Runtime logs

Recent runtime problems found in system journal:

time="2018-07-03T09:48:09.415528318+02:00" level=error msg="Container c01c0e360a9ef0542b06badef9858f87ca16acac3080b699663a8817c00b43da not ready or running, cannot send a signal" command=kill name=kata-runtime pid=6063 source=runtime
time="2018-07-03T09:48:09.421325339+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=mon-f2f95ccb-717d-4c87-9dae-08 original-name=mon-f2f95ccb-717d-4c87-9dae-08a1e7d2ddcb pid=6071 source=virtcontainers subsystem=qemu
time="2018-07-03T09:48:09.421377969+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=ctl-f2f95ccb-717d-4c87-9dae-08 original-name=ctl-f2f95ccb-717d-4c87-9dae-08a1e7d2ddcb pid=6071 source=virtcontainers subsystem=qemu
time="2018-07-03T09:48:09.797683987+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=mon-43459be3-a4ca-439f-b061-3f original-name=mon-43459be3-a4ca-439f-b061-3fa2ab647b97 pid=6111 source=virtcontainers subsystem=qemu
time="2018-07-03T09:48:09.797724997+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=ctl-43459be3-a4ca-439f-b061-3f original-name=ctl-43459be3-a4ca-439f-b061-3fa2ab647b97 pid=6111 source=virtcontainers subsystem=qemu
time="2018-07-03T09:48:11.620444756+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=mon-43459be3-a4ca-439f-b061-3f original-name=mon-43459be3-a4ca-439f-b061-3fa2ab647b97 pid=6227 source=virtcontainers subsystem=qemu
time="2018-07-03T09:48:11.620506453+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=ctl-43459be3-a4ca-439f-b061-3f original-name=ctl-43459be3-a4ca-439f-b061-3fa2ab647b97 pid=6227 source=virtcontainers subsystem=qemu
time="2018-07-03T09:48:11.62754778+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=mon-43459be3-a4ca-439f-b061-3f original-name=mon-43459be3-a4ca-439f-b061-3fa2ab647b97 pid=6238 source=virtcontainers subsystem=qemu
time="2018-07-03T09:48:11.627587102+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=ctl-43459be3-a4ca-439f-b061-3f original-name=ctl-43459be3-a4ca-439f-b061-3fa2ab647b97 pid=6238 source=virtcontainers subsystem=qemu
time="2018-07-03T09:48:11.636351031+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=mon-43459be3-a4ca-439f-b061-3f original-name=mon-43459be3-a4ca-439f-b061-3fa2ab647b97 pid=6248 source=virtcontainers subsystem=qemu
time="2018-07-03T09:48:11.636402761+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=ctl-43459be3-a4ca-439f-b061-3f original-name=ctl-43459be3-a4ca-439f-b061-3fa2ab647b97 pid=6248 source=virtcontainers subsystem=qemu
time="2018-07-03T09:48:15.780789719+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=mon-43459be3-a4ca-439f-b061-3f original-name=mon-43459be3-a4ca-439f-b061-3fa2ab647b97 pid=6263 source=virtcontainers subsystem=qemu
time="2018-07-03T09:48:15.780848358+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=ctl-43459be3-a4ca-439f-b061-3f original-name=ctl-43459be3-a4ca-439f-b061-3fa2ab647b97 pid=6263 source=virtcontainers subsystem=qemu
time="2018-07-03T09:48:26.260260209+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=mon-43459be3-a4ca-439f-b061-3f original-name=mon-43459be3-a4ca-439f-b061-3fa2ab647b97 pid=6435 source=virtcontainers subsystem=qemu
time="2018-07-03T09:48:26.260301439+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=ctl-43459be3-a4ca-439f-b061-3f original-name=ctl-43459be3-a4ca-439f-b061-3fa2ab647b97 pid=6435 source=virtcontainers subsystem=qemu
time="2018-07-03T09:48:26.260975467+02:00" level=error msg="Container c01c0e360a9ef0542b06badef9858f87ca16acac3080b699663a8817c00b43da not ready or running, cannot send a signal" command=kill name=kata-runtime pid=6435 source=runtime
time="2018-07-03T09:48:26.273536511+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=mon-43459be3-a4ca-439f-b061-3f original-name=mon-43459be3-a4ca-439f-b061-3fa2ab647b97 pid=6450 source=virtcontainers subsystem=qemu
time="2018-07-03T09:48:26.27358445+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=ctl-43459be3-a4ca-439f-b061-3f original-name=ctl-43459be3-a4ca-439f-b061-3fa2ab647b97 pid=6450 source=virtcontainers subsystem=qemu
time="2018-07-03T09:48:26.280720199+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=mon-43459be3-a4ca-439f-b061-3f original-name=mon-43459be3-a4ca-439f-b061-3fa2ab647b97 pid=6459 source=virtcontainers subsystem=qemu
time="2018-07-03T09:48:26.280761163+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=ctl-43459be3-a4ca-439f-b061-3f original-name=ctl-43459be3-a4ca-439f-b061-3fa2ab647b97 pid=6459 source=virtcontainers subsystem=qemu
time="2018-07-03T09:48:26.281473458+02:00" level=error msg="Container c01c0e360a9ef0542b06badef9858f87ca16acac3080b699663a8817c00b43da not ready or running, cannot send a signal" command=kill name=kata-runtime pid=6459 source=runtime
time="2018-07-03T09:48:26.286130766+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=mon-43459be3-a4ca-439f-b061-3f original-name=mon-43459be3-a4ca-439f-b061-3fa2ab647b97 pid=6466 source=virtcontainers subsystem=qemu
time="2018-07-03T09:48:26.286163237+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=ctl-43459be3-a4ca-439f-b061-3f original-name=ctl-43459be3-a4ca-439f-b061-3fa2ab647b97 pid=6466 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:11.981195814+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=mon-04888c96-b9c0-42cb-86fe-1b original-name=mon-04888c96-b9c0-42cb-86fe-1bcd5479deb6 pid=8446 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:11.981396792+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=ctl-04888c96-b9c0-42cb-86fe-1b original-name=ctl-04888c96-b9c0-42cb-86fe-1bcd5479deb6 pid=8446 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:13.829111781+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=mon-04888c96-b9c0-42cb-86fe-1b original-name=mon-04888c96-b9c0-42cb-86fe-1bcd5479deb6 pid=8567 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:13.829173545+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=ctl-04888c96-b9c0-42cb-86fe-1b original-name=ctl-04888c96-b9c0-42cb-86fe-1bcd5479deb6 pid=8567 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:13.839474709+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=mon-04888c96-b9c0-42cb-86fe-1b original-name=mon-04888c96-b9c0-42cb-86fe-1bcd5479deb6 pid=8575 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:13.839537889+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=ctl-04888c96-b9c0-42cb-86fe-1b original-name=ctl-04888c96-b9c0-42cb-86fe-1bcd5479deb6 pid=8575 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:13.850565962+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=mon-04888c96-b9c0-42cb-86fe-1b original-name=mon-04888c96-b9c0-42cb-86fe-1bcd5479deb6 pid=8586 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:13.85063256+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=ctl-04888c96-b9c0-42cb-86fe-1b original-name=ctl-04888c96-b9c0-42cb-86fe-1bcd5479deb6 pid=8586 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:22.668400989+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=mon-04888c96-b9c0-42cb-86fe-1b original-name=mon-04888c96-b9c0-42cb-86fe-1bcd5479deb6 pid=8623 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:22.668555417+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=ctl-04888c96-b9c0-42cb-86fe-1b original-name=ctl-04888c96-b9c0-42cb-86fe-1bcd5479deb6 pid=8623 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:22.702306888+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=mon-04888c96-b9c0-42cb-86fe-1b original-name=mon-04888c96-b9c0-42cb-86fe-1bcd5479deb6 pid=8639 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:22.702356727+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=ctl-04888c96-b9c0-42cb-86fe-1b original-name=ctl-04888c96-b9c0-42cb-86fe-1bcd5479deb6 pid=8639 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:22.864803269+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=mon-04888c96-b9c0-42cb-86fe-1b original-name=mon-04888c96-b9c0-42cb-86fe-1bcd5479deb6 pid=8656 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:22.864847666+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=ctl-04888c96-b9c0-42cb-86fe-1b original-name=ctl-04888c96-b9c0-42cb-86fe-1bcd5479deb6 pid=8656 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:30.356774887+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=mon-04888c96-b9c0-42cb-86fe-1b original-name=mon-04888c96-b9c0-42cb-86fe-1bcd5479deb6 pid=8675 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:30.356958357+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=ctl-04888c96-b9c0-42cb-86fe-1b original-name=ctl-04888c96-b9c0-42cb-86fe-1bcd5479deb6 pid=8675 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:30.647428341+02:00" level=error msg="Container not ready or running, impossible to signal the container" command=kill name=kata-runtime pid=8675 source=runtime
time="2018-07-03T09:52:30.692194792+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=mon-04888c96-b9c0-42cb-86fe-1b original-name=mon-04888c96-b9c0-42cb-86fe-1bcd5479deb6 pid=8700 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:30.692290055+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=ctl-04888c96-b9c0-42cb-86fe-1b original-name=ctl-04888c96-b9c0-42cb-86fe-1bcd5479deb6 pid=8700 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:30.70311957+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=mon-04888c96-b9c0-42cb-86fe-1b original-name=mon-04888c96-b9c0-42cb-86fe-1bcd5479deb6 pid=8707 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:30.703164345+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=ctl-04888c96-b9c0-42cb-86fe-1b original-name=ctl-04888c96-b9c0-42cb-86fe-1bcd5479deb6 pid=8707 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:30.703994448+02:00" level=error msg="Container 92b4d201070cbaf023d426b7c555a3972de3361555488b7210884ff7cd27ab30 not ready or running, cannot send a signal" command=kill name=kata-runtime pid=8707 source=runtime
time="2018-07-03T09:52:30.71028486+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=mon-04888c96-b9c0-42cb-86fe-1b original-name=mon-04888c96-b9c0-42cb-86fe-1bcd5479deb6 pid=8715 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:30.710331896+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=ctl-04888c96-b9c0-42cb-86fe-1b original-name=ctl-04888c96-b9c0-42cb-86fe-1bcd5479deb6 pid=8715 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:31.269032424+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=mon-f6430f92-6fe9-41a3-9aa8-6a original-name=mon-f6430f92-6fe9-41a3-9aa8-6a7010e72fd2 pid=8782 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:31.269069507+02:00" level=warning msg="shortening QMP socket name" arch=amd64 name=kata-runtime new-name=ctl-f6430f92-6fe9-41a3-9aa8-6a original-name=ctl-f6430f92-6fe9-41a3-9aa8-6a7010e72fd2 pid=8782 source=virtcontainers subsystem=qemu
time="2018-07-03T09:52:33.205037795+02:00" level=error msg="rpc error: code = Internal desc = Could not mount /dev/sda to /run/kata-containers/shared/containers/92b4d201070cbaf023d426b7c555a3972de3361555488b7210884ff7cd27ab30: bad message" command=create name=kata-runtime pid=8782 source=runtime

Proxy logs

Recent proxy problems found in system journal:

time="2018-06-14T16:25:35.902827971+02:00" level=fatal msg="accept unix /run/vc/sbs/1accd68f6a3f8bcf3f87da2311d4320b3c609b0bd039a76a0375b184699fc17c/proxy.sock: use of closed network connection" name=kata-proxy pid=16176 source=proxy
time="2018-06-14T16:35:52.999022309+02:00" level=fatal msg="accept unix /run/vc/sbs/11a76a5c81fd829b8f94f4800392cc546eadbe0b0b2dd69a8b4fdc92e1926c91/proxy.sock: use of closed network connection" name=kata-proxy pid=22278 source=proxy
time="2018-06-14T16:45:48.34187206+02:00" level=fatal msg="accept unix /run/vc/sbs/5bf07752559293c165809f570701fb81a8e303798cb9c229544d32e24e9b29ad/proxy.sock: use of closed network connection" name=kata-proxy pid=25348 source=proxy
time="2018-06-14T16:48:01.928881119+02:00" level=fatal msg="accept unix /run/vc/sbs/5bf07752559293c165809f570701fb81a8e303798cb9c229544d32e24e9b29ad/proxy.sock: use of closed network connection" name=kata-proxy pid=26085 source=proxy
time="2018-06-14T16:59:26.769098768+02:00" level=fatal msg="accept unix /run/vc/sbs/5bf07752559293c165809f570701fb81a8e303798cb9c229544d32e24e9b29ad/proxy.sock: use of closed network connection" name=kata-proxy pid=30602 source=proxy
time="2018-06-14T17:00:43.466316118+02:00" level=fatal msg="accept unix /run/vc/sbs/dab4346c94be2abc9746101a48ce7a0f0b40fe17818cfdce361e2b6cf5fbe3bb/proxy.sock: use of closed network connection" name=kata-proxy pid=31329 source=proxy
time="2018-06-14T17:04:08.544421236+02:00" level=fatal msg="accept unix /run/vc/sbs/38a822c72638aa54a10c3a4e1e801cb5ebf32e569790c825ad25653c7de0b80a/proxy.sock: use of closed network connection" name=kata-proxy pid=2522 source=proxy
time="2018-06-14T17:04:28.656746387+02:00" level=fatal msg="accept unix /run/vc/sbs/38a822c72638aa54a10c3a4e1e801cb5ebf32e569790c825ad25653c7de0b80a/proxy.sock: use of closed network connection" name=kata-proxy pid=2833 source=proxy
time="2018-06-14T17:05:07.794441951+02:00" level=fatal msg="accept unix /run/vc/sbs/38a822c72638aa54a10c3a4e1e801cb5ebf32e569790c825ad25653c7de0b80a/proxy.sock: use of closed network connection" name=kata-proxy pid=3668 source=proxy
time="2018-06-14T17:05:46.73183687+02:00" level=fatal msg="accept unix /run/vc/sbs/38a822c72638aa54a10c3a4e1e801cb5ebf32e569790c825ad25653c7de0b80a/proxy.sock: use of closed network connection" name=kata-proxy pid=4350 source=proxy
time="2018-06-14T17:06:06.219632611+02:00" level=fatal msg="accept unix /run/vc/sbs/38a822c72638aa54a10c3a4e1e801cb5ebf32e569790c825ad25653c7de0b80a/proxy.sock: use of closed network connection" name=kata-proxy pid=4823 source=proxy
time="2018-06-14T17:06:25.708851815+02:00" level=fatal msg="accept unix /run/vc/sbs/38a822c72638aa54a10c3a4e1e801cb5ebf32e569790c825ad25653c7de0b80a/proxy.sock: use of closed network connection" name=kata-proxy pid=5227 source=proxy
time="2018-06-14T17:07:04.518275196+02:00" level=fatal msg="accept unix /run/vc/sbs/8829105d442d62bf4724c09b5c4fcbc334868c8f4f7ebbc575e88ba9e05c58b9/proxy.sock: use of closed network connection" name=kata-proxy pid=5427 source=proxy
time="2018-06-14T17:08:40.261629397+02:00" level=fatal msg="accept unix /run/vc/sbs/7c0edf957800008259b0ae94d8650d76a789a85b29bb821b94a215cb0d83f680/proxy.sock: use of closed network connection" name=kata-proxy pid=6816 source=proxy
time="2018-06-14T17:09:45.17469533+02:00" level=fatal msg="accept unix /run/vc/sbs/38a822c72638aa54a10c3a4e1e801cb5ebf32e569790c825ad25653c7de0b80a/proxy.sock: use of closed network connection" name=kata-proxy pid=9220 source=proxy
time="2018-06-14T17:14:05.93442784+02:00" level=fatal msg="accept unix /run/vc/sbs/38a822c72638aa54a10c3a4e1e801cb5ebf32e569790c825ad25653c7de0b80a/proxy.sock: use of closed network connection" name=kata-proxy pid=13345 source=proxy
time="2018-06-14T17:15:05.008113056+02:00" level=fatal msg="accept unix /run/vc/sbs/38a822c72638aa54a10c3a4e1e801cb5ebf32e569790c825ad25653c7de0b80a/proxy.sock: use of closed network connection" name=kata-proxy pid=14269 source=proxy
time="2018-06-14T17:20:57.752827963+02:00" level=fatal msg="accept unix /run/vc/sbs/d11431f68f5efce7ccd7d8289b0548d6b042429b8702afb7d4154d6f13275cf9/proxy.sock: use of closed network connection" name=kata-proxy pid=19865 source=proxy
time="2018-06-14T17:21:17.064041836+02:00" level=fatal msg="accept unix /run/vc/sbs/d11431f68f5efce7ccd7d8289b0548d6b042429b8702afb7d4154d6f13275cf9/proxy.sock: use of closed network connection" name=kata-proxy pid=20160 source=proxy
time="2018-06-14T17:22:53.823463758+02:00" level=fatal msg="accept unix /run/vc/sbs/d11431f68f5efce7ccd7d8289b0548d6b042429b8702afb7d4154d6f13275cf9/proxy.sock: use of closed network connection" name=kata-proxy pid=21659 source=proxy
time="2018-06-14T17:24:58.682296638+02:00" level=fatal msg="accept unix /run/vc/sbs/d11431f68f5efce7ccd7d8289b0548d6b042429b8702afb7d4154d6f13275cf9/proxy.sock: use of closed network connection" name=kata-proxy pid=23259 source=proxy
time="2018-06-14T17:59:50.553264219+02:00" level=fatal msg="accept unix /run/vc/sbs/27873587013dd996351b2f649042aacf3c6f40bdf884eeb072279bd0022d0c3b/proxy.sock: use of closed network connection" name=kata-proxy pid=31864 source=proxy
time="2018-06-15T10:20:24.201139153+02:00" level=fatal msg="accept unix /run/vc/sbs/4a9463fb8cc1d20019fce6b86aa6abccc69af028a5548fbef6bf0356fe8ffb7a/proxy.sock: use of closed network connection" name=kata-proxy pid=2969 source=proxy
time="2018-06-15T10:43:43.339994927+02:00" level=fatal msg="accept unix /run/vc/sbs/2e78d00ae86522e3d0175f55cbd21c3269f622851d0c79b686e3bff04884baa5/proxy.sock: use of closed network connection" name=kata-proxy pid=9856 source=proxy
time="2018-06-27T10:34:09.919693448+02:00" level=fatal msg="accept unix /run/vc/sbs/204a88e2a61bb72382855150292098e6a66b510f94d805b0364b3655d2a8ffdd/proxy.sock: use of closed network connection" name=kata-proxy pid=4717 source=proxy
time="2018-06-27T10:42:29.060683886+02:00" level=fatal msg="accept unix /run/vc/sbs/2d6cbb51747622ae8b63196dec7f369c564ea19667219bcfe5f11db219c5114e/proxy.sock: use of closed network connection" name=kata-proxy pid=7374 source=proxy
time="2018-06-27T10:55:27.910631042+02:00" level=fatal msg="accept unix /run/vc/sbs/5053d97622f76631eefc594ebb40eb79315aa016d57801a4cbe2e53f60da9100/proxy.sock: use of closed network connection" name=kata-proxy pid=11103 source=proxy
time="2018-06-27T11:09:55.598648847+02:00" level=fatal msg="accept unix /run/vc/sbs/718c4fc91c834156c8fa67dbb2927a06c51b8ffca513291438ec4bccbb0fc692/proxy.sock: use of closed network connection" name=kata-proxy pid=12801 source=proxy
time="2018-07-03T09:47:49.849256133+02:00" level=fatal msg="accept unix /run/vc/sbs/c01c0e360a9ef0542b06badef9858f87ca16acac3080b699663a8817c00b43da/proxy.sock: use of closed network connection" name=kata-proxy pid=5656 source=proxy
time="2018-07-03T09:48:26.170809728+02:00" level=fatal msg="accept unix /run/vc/sbs/c01c0e360a9ef0542b06badef9858f87ca16acac3080b699663a8817c00b43da/proxy.sock: use of closed network connection" name=kata-proxy pid=6187 source=proxy
time="2018-07-03T09:52:30.713826015+02:00" level=fatal msg="accept unix /run/vc/sbs/92b4d201070cbaf023d426b7c555a3972de3361555488b7210884ff7cd27ab30/proxy.sock: use of closed network connection" name=kata-proxy pid=8525 source=proxy

Shim logs

No recent shim problems found in system journal.


Container manager details

Have docker

Docker

Output of "docker version":

Client:
 Version:      18.03.1-ce
 API version:  1.37
 Go version:   go1.9.5
 Git commit:   9ee9f40
 Built:        Thu Apr 26 07:17:38 2018
 OS/Arch:      linux/amd64
 Experimental: false
 Orchestrator: swarm

Server:
 Engine:
  Version:      18.03.1-ce
  API version:  1.37 (minimum version 1.12)
  Go version:   go1.9.5
  Git commit:   9ee9f40
  Built:        Thu Apr 26 07:15:45 2018
  OS/Arch:      linux/amd64
  Experimental: false

Output of "docker info":

Containers: 0
 Running: 0
 Paused: 0
 Stopped: 0
Images: 0
Server Version: 18.03.1-ce
Storage Driver: overlay2
 Backing Filesystem: extfs
 Supports d_type: true
 Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
 Volume: local
 Network: bridge host macvlan null overlay
 Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: kata-runtime runc
Default Runtime: kata-runtime
Init Binary: docker-init
containerd version: 773c489c9c1b21a6d78b5c538cd395416ec50f88
runc version: <<unknown>> (expected: 4fc53a81fb7c994640722ac585fa9ca548971871)
init version: 949e6fa
Security Options:
 apparmor
 seccomp
  Profile: default
Kernel Version: 4.15.11
Operating System: Ubuntu 18.04 LTS
OSType: linux
Architecture: x86_64
CPUs: 8
Total Memory: 15.49GiB
Name: vladost-pro
ID: ASF7:OQ55:OE5A:2H6H:5IWD:75WL:KAEM:27TS:7VC5:BURM:XOF4:ZB4Y
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): true
 File Descriptors: 38
 Goroutines: 101
 System Time: 2018-07-03T10:03:04.016114093+02:00
 EventsListeners: 0
Username: vladost
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
 127.0.0.0/8
Live Restore Enabled: false

WARNING: No swap limit support

Output of "systemctl show docker":

Type=notify
Restart=on-failure
NotifyAccess=main
RestartUSec=100ms
TimeoutStartUSec=infinity
TimeoutStopUSec=1min 30s
RuntimeMaxUSec=infinity
WatchdogUSec=0
WatchdogTimestamp=Tue 2018-07-03 10:00:56 CEST
WatchdogTimestampMonotonic=414462933
PermissionsStartOnly=no
RootDirectoryStartOnly=no
RemainAfterExit=no
GuessMainPID=yes
MainPID=3541
ControlPID=0
FileDescriptorStoreMax=0
NFileDescriptorStore=0
StatusErrno=0
Result=success
UID=[not set]
GID=[not set]
NRestarts=0
ExecMainStartTimestamp=Tue 2018-07-03 10:00:55 CEST
ExecMainStartTimestampMonotonic=414046250
ExecMainExitTimestampMonotonic=0
ExecMainPID=3541
ExecMainCode=0
ExecMainStatus=0
ExecStart={ path=/usr/bin/dockerd ; argv[]=/usr/bin/dockerd -D --add-runtime kata-runtime=/usr/bin/kata-runtime --default-runtime=kata-runtime ; ignore_errors=no ; start_time=[Tue 2018-07-03 10:00:55 CEST] ; stop_time=[n/a] ; pid=3541 ; code=(null) ; status=0/0 }
ExecReload={ path=/bin/kill ; argv[]=/bin/kill -s HUP $MAINPID ; ignore_errors=no ; start_time=[n/a] ; stop_time=[n/a] ; pid=0 ; code=(null) ; status=0/0 }
Slice=system.slice
ControlGroup=/system.slice/docker.service
MemoryCurrent=[not set]
CPUUsageNSec=[not set]
TasksCurrent=44
IPIngressBytes=18446744073709551615
IPIngressPackets=18446744073709551615
IPEgressBytes=18446744073709551615
IPEgressPackets=18446744073709551615
Delegate=yes
DelegateControllers=cpu cpuacct io blkio memory devices pids
CPUAccounting=no
CPUWeight=[not set]
StartupCPUWeight=[not set]
CPUShares=[not set]
StartupCPUShares=[not set]
CPUQuotaPerSecUSec=infinity
IOAccounting=no
IOWeight=[not set]
StartupIOWeight=[not set]
BlockIOAccounting=no
BlockIOWeight=[not set]
StartupBlockIOWeight=[not set]
MemoryAccounting=no
MemoryLow=0
MemoryHigh=infinity
MemoryMax=infinity
MemorySwapMax=infinity
MemoryLimit=infinity
DevicePolicy=auto
TasksAccounting=yes
TasksMax=infinity
IPAccounting=no
UMask=0022
LimitCPU=infinity
LimitCPUSoft=infinity
LimitFSIZE=infinity
LimitFSIZESoft=infinity
LimitDATA=infinity
LimitDATASoft=infinity
LimitSTACK=infinity
LimitSTACKSoft=8388608
LimitCORE=infinity
LimitCORESoft=infinity
LimitRSS=infinity
LimitRSSSoft=infinity
LimitNOFILE=1048576
LimitNOFILESoft=1048576
LimitAS=infinity
LimitASSoft=infinity
LimitNPROC=infinity
LimitNPROCSoft=infinity
LimitMEMLOCK=16777216
LimitMEMLOCKSoft=16777216
LimitLOCKS=infinity
LimitLOCKSSoft=infinity
LimitSIGPENDING=60714
LimitSIGPENDINGSoft=60714
LimitMSGQUEUE=819200
LimitMSGQUEUESoft=819200
LimitNICE=0
LimitNICESoft=0
LimitRTPRIO=0
LimitRTPRIOSoft=0
LimitRTTIME=infinity
LimitRTTIMESoft=infinity
OOMScoreAdjust=0
Nice=0
IOSchedulingClass=0
IOSchedulingPriority=0
CPUSchedulingPolicy=0
CPUSchedulingPriority=0
TimerSlackNSec=50000
CPUSchedulingResetOnFork=no
NonBlocking=no
StandardInput=null
StandardInputData=
StandardOutput=journal
StandardError=inherit
TTYReset=no
TTYVHangup=no
TTYVTDisallocate=no
SyslogPriority=30
SyslogLevelPrefix=yes
SyslogLevel=6
SyslogFacility=3
LogLevelMax=-1
SecureBits=0
CapabilityBoundingSet=cap_chown cap_dac_override cap_dac_read_search cap_fowner cap_fsetid cap_kill cap_setgid cap_setuid cap_setpcap cap_linux_immutable cap_net_bind_service cap_net_broadcast cap_net_admin cap_net_raw cap_ipc_lock cap_ipc_owner cap_sys_module cap_sys_rawio cap_sys_chroot cap_sys_ptrace cap_sys_pacct cap_sys_admin cap_sys_boot cap_sys_nice cap_sys_resource cap_sys_time cap_sys_tty_config cap_mknod cap_lease cap_audit_write cap_audit_control cap_setfcap cap_mac_override cap_mac_admin cap_syslog cap_wake_alarm cap_block_suspend
AmbientCapabilities=
DynamicUser=no
RemoveIPC=no
MountFlags=
PrivateTmp=no
PrivateDevices=no
ProtectKernelTunables=no
ProtectKernelModules=no
ProtectControlGroups=no
PrivateNetwork=no
PrivateUsers=no
ProtectHome=no
ProtectSystem=no
SameProcessGroup=no
UtmpMode=init
IgnoreSIGPIPE=yes
NoNewPrivileges=no
SystemCallErrorNumber=0
LockPersonality=no
RuntimeDirectoryPreserve=no
RuntimeDirectoryMode=0755
StateDirectoryMode=0755
CacheDirectoryMode=0755
LogsDirectoryMode=0755
ConfigurationDirectoryMode=0755
MemoryDenyWriteExecute=no
RestrictRealtime=no
RestrictNamespaces=no
MountAPIVFS=no
KeyringMode=private
KillMode=process
KillSignal=15
SendSIGKILL=yes
SendSIGHUP=no
Id=docker.service
Names=docker.service
Requires=docker.socket system.slice sysinit.target
Wants=network-online.target
WantedBy=multi-user.target
ConsistsOf=docker.socket
Conflicts=shutdown.target
Before=multi-user.target shutdown.target
After=firewalld.service network-online.target basic.target systemd-journald.socket sysinit.target docker.socket system.slice
TriggeredBy=docker.socket
Documentation=https://docs.docker.com
Description=Docker Application Container Engine
LoadState=loaded
ActiveState=active
SubState=running
FragmentPath=/lib/systemd/system/docker.service
DropInPaths=/etc/systemd/system/docker.service.d/kata-containers.conf
UnitFileState=enabled
UnitFilePreset=enabled
StateChangeTimestamp=Tue 2018-07-03 10:00:56 CEST
StateChangeTimestampMonotonic=414462934
InactiveExitTimestamp=Tue 2018-07-03 10:00:55 CEST
InactiveExitTimestampMonotonic=414046307
ActiveEnterTimestamp=Tue 2018-07-03 10:00:56 CEST
ActiveEnterTimestampMonotonic=414462934
ActiveExitTimestampMonotonic=0
InactiveEnterTimestamp=Tue 2018-07-03 09:59:41 CEST
InactiveEnterTimestampMonotonic=339980137
CanStart=yes
CanStop=yes
CanReload=yes
CanIsolate=no
StopWhenUnneeded=no
RefuseManualStart=no
RefuseManualStop=no
AllowIsolate=no
DefaultDependencies=yes
OnFailureJobMode=replace
IgnoreOnIsolate=no
NeedDaemonReload=no
JobTimeoutUSec=infinity
JobRunningTimeoutUSec=infinity
JobTimeoutAction=none
ConditionResult=yes
AssertResult=yes
ConditionTimestamp=Tue 2018-07-03 10:00:55 CEST
ConditionTimestampMonotonic=414044903
AssertTimestamp=Tue 2018-07-03 10:00:55 CEST
AssertTimestampMonotonic=414044903
Transient=no
Perpetual=no
StartLimitIntervalUSec=1min
StartLimitBurst=3
StartLimitAction=none
FailureAction=none
SuccessAction=none
InvocationID=bbdd7dffa5db409db476f5e1b2bd61f4
CollectMode=inactive

No kubectl


Packages

Have dpkg

Output of "dpkg -l|egrep "(cc-oci-runtimecc-runtimerunv|kata-proxy|kata-runtime|kata-shim|kata-containers-image|linux-container|qemu-)"":

ii  ipxe-qemu-256k-compat-efi-roms        1.0.0+git-20150424.a25a16d-0ubuntu2  all          PXE boot firmware - Compat EFI ROM images for qemu
ii  kata-containers-image                 1.0.0-29                             amd64        Kata containers image
ii  kata-linux-container                  4.14.22.1-130                        amd64        linux kernel optimised for container-like workloads.
ii  kata-proxy                            1.0.0+git.a69326b-29                 amd64        
ii  kata-runtime                          1.0.0+git.086d197-42                 amd64        
ii  kata-shim                             1.0.0+git.74cbc1e-30                 amd64        
ii  qemu-block-extra:amd64                1:2.11+dfsg-1ubuntu7.4               amd64        extra block backend modules for qemu-system and qemu-utils
ii  qemu-efi                              0~20180205.c0d9813c-2                all          transitional dummy package
ii  qemu-efi-aarch64                      0~20180205.c0d9813c-2                all          UEFI firmware for 64-bit ARM virtual machines
ii  qemu-kvm                              1:2.11+dfsg-1ubuntu7.4               amd64        QEMU Full virtualization on x86 hardware
ii  qemu-lite                             2.11.0+git.6ba2bfbee9-43             amd64        linux kernel optimised for container-like workloads.
ii  qemu-slof                             20170724+dfsg-1ubuntu1               all          Slimline Open Firmware -- QEMU PowerPC version
ii  qemu-system                           1:2.11+dfsg-1ubuntu7.4               amd64        QEMU full system emulation binaries
ii  qemu-system-arm                       1:2.11+dfsg-1ubuntu7.4               amd64        QEMU full system emulation binaries (arm)
ii  qemu-system-common                    1:2.11+dfsg-1ubuntu7.4               amd64        QEMU full system emulation binaries (common files)
ii  qemu-system-mips                      1:2.11+dfsg-1ubuntu7.4               amd64        QEMU full system emulation binaries (mips)
ii  qemu-system-misc                      1:2.11+dfsg-1ubuntu7.4               amd64        QEMU full system emulation binaries (miscellaneous)
ii  qemu-system-ppc                       1:2.11+dfsg-1ubuntu7.4               amd64        QEMU full system emulation binaries (ppc)
ii  qemu-system-s390x                     1:2.11+dfsg-1ubuntu7.4               amd64        QEMU full system emulation binaries (s390x)
ii  qemu-system-sparc                     1:2.11+dfsg-1ubuntu7.4               amd64        QEMU full system emulation binaries (sparc)
ii  qemu-system-x86                       1:2.11+dfsg-1ubuntu7.4               amd64        QEMU full system emulation binaries (x86)
ii  qemu-user                             1:2.11+dfsg-1ubuntu7.4               amd64        QEMU user mode emulation binaries
ii  qemu-user-binfmt                      1:2.11+dfsg-1ubuntu7.4               amd64        QEMU user mode binfmt registration for qemu-user
ii  qemu-utils                            1:2.11+dfsg-1ubuntu7.4               amd64        QEMU utilities
ii  qemu-vanilla                          2.11+git.e3050471ff-41               amd64        linux kernel optimised for container-like workloads.

No rpm


gnawux commented 6 years ago

The short answer is you can't share a Unix socket between host and container.

The 9pfs doesn't support socket sharing. And exposing docker.sock to containers breaks the isolation, which is one of the most important design goals of kata containers. We don't encourage kata containers users to employ such a use pattern.

I personally agree that socket sharing is useful in some cases, and I discussed it with @egernst half a month ago. One thing we might do is create a socket proxy channel between host and containers for this case. However, there has not been any engineering effort on this feature.

vladostp commented 6 years ago

Thanks a lot for your answer!

zeigerpuppy commented 5 years ago

This should also be added to the https://github.com/kata-containers/runtime#limitations doc. I can certainly see that connecting to docker.sock is a bad idea for isolation.

I am having a similar issue with connecting socks between containers (in particular mysqld.sock for https://github.com/mailcow/mailcow-dockerized) which I presume is also unable to connect due to the underlying limitation of the 9pfs bind mount. A workaround for inter-container communication could be quite useful.
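
A host-side audit for the pattern discussed in this thread, as an added example that is not part of any comment above or of the Kata Containers code base: it reads `docker inspect` JSON and reports bind mounts of Unix sockets, marking which ones give control of the host Docker daemon and which cannot work under a VM-based runtime. The sample data, the function name `audit_socket_mounts` and the `.sock` suffix heuristic are assumptions of this example.

```python
import json
import posixpath

# Host paths of the Docker daemon socket (/var/run is usually a symlink to /run).
DOCKER_SOCKETS = {"/var/run/docker.sock", "/run/docker.sock"}

# Constructed sample shaped like `docker inspect` output; not taken from the issue.
SAMPLE_INSPECT = json.loads("""[
 {"Name": "/ci-agent", "HostConfig": {"Runtime": "kata-runtime"},
  "Mounts": [{"Type": "bind", "Source": "/var/run/docker.sock",
              "Destination": "/var/run/docker.sock"}]},
 {"Name": "/monitor", "HostConfig": {"Runtime": "runc"},
  "Mounts": [{"Type": "bind", "Source": "/var/run/docker.sock",
              "Destination": "/var/run/docker.sock"}]},
 {"Name": "/app", "HostConfig": {"Runtime": ""},
  "Mounts": [{"Type": "bind", "Source": "/run/mysqld//mysqld.sock",
              "Destination": "/var/run/mysqld/mysqld.sock"}]},
 {"Name": "/web", "HostConfig": {"Runtime": "kata-runtime"},
  "Mounts": [{"Type": "bind", "Source": "/srv/www",
              "Destination": "/usr/share/nginx/html"}]}
]""")


def audit_socket_mounts(containers, default_runtime="runc",
                        vm_runtimes=("kata-runtime",)):
    """Return one finding per bind mount whose host source looks like a socket.

    Sockets are recognised by the ".sock" suffix (an assumption of this example;
    on a live host, stat the source and test stat.S_ISSOCK instead).
    """
    findings = []
    for c in containers:
        # An empty Runtime means the daemon's --default-runtime applies.
        runtime = c.get("HostConfig", {}).get("Runtime") or default_runtime
        for m in c.get("Mounts") or []:
            src = posixpath.normpath(m.get("Source", ""))
            if m.get("Type") != "bind" or not src.endswith(".sock"):
                continue
            findings.append({
                "container": c.get("Name", "").lstrip("/"),
                "source": src,
                "runtime": runtime,
                # Access to the daemon socket is control of the host's Docker daemon.
                "daemon_control": src in DOCKER_SOCKETS,
                # Per the thread: sockets are not shared over 9pfs into the VM.
                "reachable": runtime not in vm_runtimes,
            })
    return findings


if __name__ == "__main__":
    for f in audit_socket_mounts(SAMPLE_INSPECT, default_runtime="kata-runtime"):
        print(f)
```

On a real host, feed it the parsed output of `docker inspect` for the running containers and pass the daemon's configured default runtime as `default_runtime`.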