nestybox / sysbox

An open-source, next-generation "runc" that empowers rootless containers to run workloads such as Systemd, Docker, Kubernetes, just like VMs.
Apache License 2.0

Docker-compose does not work with "sysbox" as a default runtime #144

Closed koorchik closed 3 years ago

koorchik commented 3 years ago

With the docker run command everything works great, but nothing works with docker-compose.

Docker run works:

I've configured sysbox-runc as a default runtime.

docker run -ti  ubuntu:latest

docker inspect shows that everything is fine:

docker inspect 4921e6bd074a|grep Runtime
            "Runtime": "sysbox-runc",
            "CpuRealtimeRuntime": 0, 

Docker-compose does not work:

docker-compose.test.yml

version: "3.1"

services:
  ubuntu:
    image: ubuntu:latest
    restart: always

docker git:(master) ✗ docker-compose -f docker-compose.test.yml up
Starting docker_ubuntu_1 ... error

ERROR: for docker_ubuntu_1  Cannot start service ubuntu: OCI runtime create failed: container_linux.go:364: starting container process caused "process_linux.go:533: container init caused \"process_linux.go:504: handleReqOp caused \\\"rootfs_init_linux.go:249: bind mounting /var/lib/docker/containers/744072f486fdffb8abf303ef4467267de1f53defaa98e391a507930a3336b06c/mounts/shm to dev/shm caused \\\\\\\"lstat /var/lib/docker/containers/744072f486fdffb8abf303ef4467267de1f53defaa98e391a507930a3336b06c/mounts: permission denied\\\\\\\"\\\"\"": unknown

ERROR: for ubuntu  Cannot start service ubuntu: OCI runtime create failed: container_linux.go:364: starting container process caused "process_linux.go:533: container init caused \"process_linux.go:504: handleReqOp caused \\\"rootfs_init_linux.go:249: bind mounting /var/lib/docker/containers/744072f486fdffb8abf303ef4467267de1f53defaa98e391a507930a3336b06c/mounts/shm to dev/shm caused \\\\\\\"lstat /var/lib/docker/containers/744072f486fdffb8abf303ef4467267de1f53defaa98e391a507930a3336b06c/mounts: permission denied\\\\\\\"\\\"\"": unknown
ERROR: Encountered errors while bringing up the project.

I have tried to run the command from the root but it changes nothing.
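Added example (not part of the original report, and not Sysbox or runc code): the error above wraps each cause in one more level of quoting, which is why the innermost quote carries seven backslashes. The sketch below assumes every level has the `caused "..."` shape seen in that message and peels the levels off to expose the root cause; the sample is the reported error with the container ID replaced by a placeholder.

```python
import re

# Constructed sample: the error from the report, container ID replaced
# by the placeholder <container-id>.
SAMPLE = r'''OCI runtime create failed: container_linux.go:364: starting container process caused "process_linux.go:533: container init caused \"process_linux.go:504: handleReqOp caused \\\"rootfs_init_linux.go:249: bind mounting /var/lib/docker/containers/<container-id>/mounts/shm to dev/shm caused \\\\\\\"lstat /var/lib/docker/containers/<container-id>/mounts: permission denied\\\\\\\"\\\"\"": unknown'''

# Outer text, then the quoted cause (up to the last quote), then any trailer.
CAUSED = re.compile(r'^(.*?) caused "(.*)"(.*)$', re.DOTALL)
# Optional "file.go:line: " prefix written by the runtime.
FRAME = re.compile(r'(\w+\.go):(\d+): (.*)$', re.DOTALL)


def unwrap(message):
    """Split a nested 'X caused "Y"' error into [outermost, ..., root cause]."""
    chain = []
    while True:
        m = CAUSED.match(message)
        if m is None:
            chain.append(message.strip())
            return chain
        head, quoted, tail = m.groups()
        chain.append((head + tail).strip())
        # Undo exactly one level of quoting: \" -> " and \\ -> \
        message = re.sub(r'\\(.)', r'\1', quoted, flags=re.DOTALL)


def frames(message):
    """Return (source_file, line, text) per level; file/line are None if absent."""
    out = []
    for part in unwrap(message):
        m = FRAME.search(part)
        if m:
            out.append((m.group(1), int(m.group(2)), m.group(3)))
        else:
            out.append((None, None, part))
    return out


if __name__ == "__main__":
    for depth, (src, line, text) in enumerate(frames(SAMPLE)):
        where = f"{src}:{line}" if src else "root cause"
        print(f"{'  ' * depth}[{where}] {text}")
```

The last element of the chain is the failing system call and path, which is the part to compare against the ownership and mode of the host directory.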

koorchik commented 3 years ago

I have rolled back the default runtime to "runc" but the issue with docker-compose remains. Possibly, something happened during sysbox installation (ubuntu 20.04). Trying to find the cause of the issue.

koorchik commented 3 years ago

With "runc" as a default, everything works after reboot. I've tried to switch to "sysbox-runc" again and have the same issue again.

I will appreciate any help with that.

ctalledo commented 3 years ago

Hi @koorchik, thanks for giving Sysbox a shot.

I think the issue you are reporting may have been fixed recently via this commit:

https://github.com/nestybox/sysbox-runc/commit/bed8a8340261ed856e334ea8bd4cd303c61e151d

We've not yet generated a packaged release with this commit (we are planning to generate one in a few weeks), but in the meantime you can easily build Sysbox from source as described here:

https://github.com/nestybox/sysbox/blob/master/docs/developers-guide/build.md

If you can, give it a shot.

I have rolled back the default runtime to "runc" but the issue with docker-compose remains. Possibly, something happened during sysbox installation (ubuntu 20.04). Trying to find the cause of the issue.

This I can't explain and should not have occurred. If you could copy-paste your /etc/docker/daemon.json after installing Sysbox, that may give us a clue.

rodnymolina commented 3 years ago

@koorchik, I just went ahead and reproduced the two issues that you reported above:

$ docker inspect docker-compose-issue_ubuntu_1
...
            "RestartPolicy": {
                "Name": "always",
                "MaximumRetryCount": 0
            },
...

Let us know if you have any questions.

rodnymolina commented 3 years ago

Btw @koorchik, just in case you are not aware, if you upgrade docker-compose to 1.27+ you will be able to make use of the 'runtime' flag to specify the runtime that you want to utilize ...

version: '3.7'
services:
  web:
    image: nginx:alpine
    runtime: sysbox-runc
    ports:
      - "8000:80"

https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-compose-on-ubuntu-20-04

koorchik commented 3 years ago

After building and installing sysbox from the sources everything works just fine. Thank you!

Kamforka commented 2 years ago

Btw @koorchik, just in case you are not aware, if you upgrade docker-compose to 1.27+ you will be able to make use of the 'runtime' flag to specify the runtime that you want to utilize ...

version: '3.7'
services:
  web:
    image: nginx:alpine
    runtime: sysbox-runc
    ports:
      - "8000:80"

https://www.digitalocean.com/community/tutorials/how-to-install-and-use-docker-compose-on-ubuntu-20-04

Big thanks for the runtime snippet. I was browsing the docker-compose file specs looking for the possibility of specifying the runtime argument, but I couldn't find it anywhere...

UPDATE:

Found it in the Version 2 specs, but then I wonder if it will work with Version 3.x

ctalledo commented 2 years ago

Found it in the Version 2 specs, but then I wonder if it will work with Version 3.x

I believe the runtime clause was present in V2, then was inadvertently removed in V3, and later added back. But I've not done a proper investigation, just going by recollection.

Kamforka commented 2 years ago

Yep, it seems like with docker-compose v2.x and with file version v3.8 one can configure the required runtime for a service.