Closed 01e9 closed 6 years ago
Thanks for your feedback!
I'm a bit surprised that pgrep -xa $(ps -e -o comm | grep dockerd
does not show your dockerd process.
I cannot replace with pidof dockerd
as I need the full command line with its options for some checks later.
Does ps -ax | grep /dockerd | grep -v grep
show your full command line of dockerd?
ps -ax | grep /dockerd | grep -v grep
shows the bash script that I use to start the docker command
1865 pts/0 S+ 0:00 /bin/bash /home/i/soft/bin/dockerd.sh
Why slash /
before dockerd
?
Without slash it outputs:
$ ps -ax | grep dockerd | grep -v grep
1865 pts/0 S+ 0:00 /bin/bash /home/i/soft/bin/dockerd.sh
1867 pts/0 S+ 0:00 sudo env PATH=/sbin:/home/i/soft/bin:/home/i/soft/docker:/sbin:/bin:/usr/sbin:/usr/bin:/snap/bin dockerd --group i --data-root /home/i/docker/lib --exec-root /home/i/docker/run --config-file /home/i/docker/daemon.json --pidfile /home/i/docker/pid
1868 pts/0 Sl+ 0:00 dockerd --group i --data-root /home/i/docker/lib --exec-root /home/i/docker/run --config-file /home/i/docker/daemon.json --pidfile /home/i/docker/pid
Filtering by pidof dockerd
$ ps -ax | grep dockerd | grep "$(pidof dockerd) pts"
1868 pts/0 Sl+ 0:10 dockerd --group i --data-root /home/i/docker/lib --exec-root /home/i/docker/run --config-file /home/i/docker/daemon.json --pidfile /home/i/docker/pid
Does it give a reliable result without pts
? In my case I have ?
instead of pts
.
ps -ax | grep dockerd | grep "$(pidof dockerd)"
It seems I have to look deeper; recent docker versions do not reliably show the options dockerd
is running with. I have to check /etc/docker/daemon.json
, too.
Options I am checking for are --selinux-enabled
and --userns-remap
Sure, it shows the same result. I added that prefix to make sure I get the process id match. For a bit more safety you can add the space at the end
ps -ax | grep dockerd | grep "$(pidof dockerd) "
I just found out I can customize docker options in config.json
{
"group": "o",
"data-root": "/home/o/docker/lib",
"exec-root": "/home/o/docker/run"
}
and start it with
sudo env PATH=/sbin:$PATH dockerd --config-file /home/o/docker/config.json
also I can install docker system-wide and add that json in /etc/docker/daemon.json
docs
Thanks! I could not check a custom config file, and I found I cannot read /etc/docker/daemon.json
without root permissions.
Now I am removing the checks for --selinux-enabled
and --userns-remap
and set belonging docker run options always instead of checking if they are needed.
Especially I have to set --security-opt label=type:container_runtime_t
on systems with SELinux. Previously I checked if it was needed, now I set it as default. Lucky me, it seems not to harm a startup on systems without SELinux.
I've just uploaded an update that now only checks for running dockerd with pidof dockerd
. All checks for dockerd options are dropped now.
I've tested on systems with and without SELinux, no issues so far.
Sorry that your ps checks are not included now :-). Thanks for pointing on this, this way I stumbled over a major issue!
I have docker binaries in my home directory and I start docker like this
Also in
.bashrc
in configured thePATH
variableI do this because my root partition is small (only for system and installed programs) but docker images require a lot of space that's why I made it store all docker related data in my /home partition.
This command doesn't detect my running docker daemon
https://github.com/mviereck/x11docker/blob/6b46a8acf6a42031f1c74a1e29154ea5377aaa28/x11docker#L1109
It works when I replace it with