Invalid user: 'vagrant:docker'

adespain commented 3 years ago

I have ubuntu 16.04.7 running vagrant version 2.2.10 and vagrant-proxyconf 2.0.10. Now whenever I run vagrant provision it fails to configure the proxy during the configuring proxy for docker step:

vagrant provision
==> default: Configuring proxy for Apt...
==> default: Configuring proxy for Docker...
The following SSH command responded with a non-zero exit status.
Vagrant assumes that this means the command failed!

chown -R vagrant:docker /home/vagrant/.docker

Stdout from the command:

Stderr from the command:

chown: invalid user: 'vagrant:docker'

When I had the older version of vagrant 2.2.5 I didn't receive this error...

codylane commented 3 years ago

Hi @adespain,

Thank you for reporting your issue. I'm wondering if you can provide the following?

A copy of you Vagrantfile?
What operating system you are using as well as the version you have currently installed.
Also how are you installing docker are you doing it through a custom provisioner or are you letting Vagrant install dockerfor you?
please login to your vagrant box containing 16.04 and provide the following output getent group | sort and getent passwd | sort

codylane commented 3 years ago

Ok, so I ran a quick test on ubuntu 16.04 and I'm not getting this error. I have feeling and I suspect you have installed a version of docker that does not contain the docker user or docker group? How are you installing docker?

Here's all the configuration that I used during my tests. If you find this information below helpful please let me now as I'm considering adding to the README.

I take bugs very seriously and hope to hear from you soon with additional information of how I can reproduce the error you are seeing.

Test Environment

Assume all commands below are executed in the vagrant box, unless I specify otherwise.

`$ id vagrant`

uid=1000(vagrant) gid=1000(vagrant) groups=1000(vagrant),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),110(lxd),115(lpadmin),116(sambashare),998(docker)

`$ getent passwd vagrant`

vagrant:x:1000:1000:vagrant,,,:/home/vagrant:/bin/bash

`$$ getent group docker`

docker:x:998:vagrant

`$ cat /etc/os-release`

NAME="Ubuntu"
VERSION="16.04.6 LTS (Xenial Xerus)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 16.04.6 LTS"
VERSION_ID="16.04"
HOME_URL="http://www.ubuntu.com/"
SUPPORT_URL="http://help.ubuntu.com/"
BUG_REPORT_URL="http://bugs.launchpad.net/ubuntu/"
VERSION_CODENAME=xenial

`$ dpkg -l | grep -i docker`

ii  docker-ce                             5:19.03.13~3-0~ubuntu-xenial                    amd64        Docker: the open-source application container engine
ii  docker-ce-cli                         5:19.03.13~3-0~ubuntu-xenial                    amd64        Docker CLI: the open-source application container engine

`$ tree -a ${HOME}`

/home/vagrant
├── .bash_logout
├── .bashrc
├── .cache
│   └── motd.legal-displayed
├── .docker
│   └── config.json

`$ cat ~/.docker/config.json`

{
  "proxies": {
    "default": {
      "httpProxy": "http://10.0.2.2:8888",
      "httpsProxy": "http://10.0.2.2:8888",
      "noProxy": "localhost"
    }
  }
}

`$ docker info`

This shows that the docker client is using my test proxy.

Client:
 Debug Mode: false

Server:
 Containers: 0
  Running: 0
  Paused: 0
  Stopped: 0
 Images: 0
 Server Version: 19.03.13
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Native Overlay Diff: true
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 8fba4e9a7d01810a393d5d25a3621dc101981175
 runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
 init version: fec3683
 Security Options:
  apparmor
  seccomp
   Profile: default
 Kernel Version: 4.4.0-184-generic
 Operating System: Ubuntu 16.04.6 LTS
 OSType: linux
 Architecture: x86_64
 CPUs: 1
 Total Memory: 992.1MiB
 Name: vagrant
 ID: 5TVA:3G3H:6AFJ:MY2U:WCV7:HUF2:ZVZT:HQZ6:QTBB:HAJS:I4RJ:ZX2F
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 HTTP Proxy: http://10.0.2.2:8888
 HTTPS Proxy: http://10.0.2.2:8888
 No Proxy: localhost
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

WARNING: No swap limit support

`Vagrantfile` (outside of the vagrant box)

So this Vagrantfile will passthrough the HTTP_PROXY and HTTPS_PROXY env vars to vagrant-proxyconf if configured as global variables in your environment prior to running vagrant up or vagrant provision.

There is also a fall back instead if you would rather set the global vars in your vagrant file $PROXY_HOST and $PROXY_PORT

ENV['HTTP_PROXY']  = ENV.fetch('HTTP_PROXY',  "http://#{$PROXY_HOST}:#{$PROXY_PORT}")
ENV['HTTPS_PROXY'] = ENV.fetch('HTTPS_PROXY', "http://#{$PROXY_HOST}:#{$PROXY_PORT}")
ENV['NO_PROXY']    = ENV.fetch('NO_PROXY',    '127.0.0.1')

puts "HTTP_PROXY  = '#{ENV["HTTP_PROXY"]}'"
puts "HTTPS_PROXY = '#{ENV["HTTPS_PROXY"]}'"
puts "NO_PROXY    = '#{ENV["NO_PROXY"]}'"

puts "is vagrant-proxyconf installed? #{Vagrant.has_plugin?('vagrant-proxyconf')}"

Vagrant.configure("2") do |config|

  config.vm.define 'default' do |c|
    c.vm.box = "ubuntu/xenial64"
    c.vm.box_check_update = false

    if Vagrant.has_plugin?('vagrant-proxyconf')
      c.proxy.http     = ENV['HTTP_PROXY']
      c.proxy.https    = ENV['HTTPS_PROXY']
      c.proxy.no_proxy = ENV['NO_PROXY']
    end

    if Vagrant.has_plugin?('vagrant-vbguest')
      c.vbguest.auto_update = false
      c.vbguest.auto_reboot = true
    end

    c.vm.provision "docker"

    c.vm.synced_folder ".", "/vagrant",
      disabled: false,
      type: "sshfs",
      ssh_opts_append: "-o Compression=yes -o ControlPersist=60s -o ControlMaster=auto",
      sshfs_opts_append: "-o cache=no -o nonempty"

  end
end

`$ vagrant --version` (outside of vagrant box)

Vagrant 2.2.10

`$ sw_vers` (outside of vagrant box)

ProductName:    Mac OS X
ProductVersion: 10.15.7
BuildVersion:   19H15

adespain commented 3 years ago

I don't use the vagrant user, I use the deploy user. Is that my problem?
Everything works fine the first time I run vagrant up but after it installs Docker if produces the error when it finalizes and tries to configure docker when it finishes the playbook.

Here is my vagrant file:

Vagrant.configure("2") do |config|
  config.vm.box = "babigtonicus/ubuntu1604-cis-20200820"
  config.ssh.username = "deploy"
  config.ssh.private_key_path = "~/.ssh/deploy.pem"
  config.vm.provider "virtualbox"
  config.vm.hostname = "cmsp-vagrant-host"
  config.vm.box_check_update = false
  config.ssh.forward_agent = true
  config.vm.network "private_network", ip: "192.168.35.10", auto_config: true
  config.proxy.http = "http://user:password@10.10.10.10:80"
  config.proxy.https = "http://user:password@10.10.10.10:80"
  config.proxy.no_proxy = "localhost,x.x.x.x"

  config.vm.provider "virtualbox" do |v|
    v.gui = false
    v.memory = 1024
    v.cpus = 1
    v.name = "cmsp-vagrant-host"
  end

  #Run ansible from the vagrant host (not the guest)
  config.vm.provision "ansible" do |ansible|
    ansible.playbook = "cmsp-app.yml"
    ansible.config_file = "../../ansible.cfg"
    ansible.extra_vars = "secrets.yml"
    ansible.groups = { "development" => ["default"]}
  end
end

getent passwd deploy
deploy:x:1001:1001:Deploy User:/home/deploy:/bin/bash

getent group docker
docker:x:998:deploy

id deploy
uid=1001(deploy) gid=1001(deploy) groups=1001(deploy),27(sudo),998(docker)

On the vagrant box: id vagrant id: 'vagrant': no such user

cat /etc/os-release 
NAME="Ubuntu"
VERSION="16.04.7 LTS (Xenial Xerus)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 16.04.7 LTS"
VERSION_ID="16.04"
HOME_URL="http://www.ubuntu.com/"
SUPPORT_URL="http://help.ubuntu.com/"
BUG_REPORT_URL="http://bugs.launchpad.net/ubuntu/"
VERSION_CODENAME=xenial
UBUNTU_CODENAME=xenial

dpkg -l | grep -i docker
ii  docker-ce                              5:19.03.13~3-0~ubuntu-xenial                    amd64        Docker: the open-source application container engine
ii  docker-ce-cli                          5:19.03.13~3-0~ubuntu-xenial                    amd64        Docker CLI: the open-source application container engine

docker info
Client:
 Debug Mode: false

Server:
 Containers: 0
  Running: 0
  Paused: 0
  Stopped: 0
 Images: 0
 Server Version: 19.03.13
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Native Overlay Diff: true
 Logging Driver: awslogs
 Cgroup Driver: cgroupfs
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 8fba4e9a7d01810a393d5d25a3621dc101981175
 runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
 init version: fec3683
 Security Options:
  apparmor
  seccomp
   Profile: default
 Kernel Version: 4.4.0-187-generic
 Operating System: Ubuntu 16.04.7 LTS
 OSType: linux
 Architecture: x86_64
 CPUs: 1
 Total Memory: 992MiB
 Name: cmsp-vagrant-host
 ID: AXL6:LTDG:Z2AG:2S6Q:MXS2:32DG:ZZJW:QK2Q:Q44G:ZVWU:2Q3W:47WK
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 HTTP Proxy: http://user:password@10.10.10.10:80
 HTTPS Proxy: http://user:password@10.10.10.10:80
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

WARNING: No swap limit support

vagrant --version
Vagrant 2.2.10

cat /etc/lsb-release 
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=16.04
DISTRIB_CODENAME=xenial
DISTRIB_DESCRIPTION="Ubuntu 16.04.7 LTS"

cat ~/.docker/config.json

{
  "credsStore": "ecr-login",
  "proxies":
  {
    "default":
      {
        "httpProxy":"http://user:password@10.10.10.10:80",
        "httpsProxy": "http://user:password@10.10.10.10:80",
        "noProxy": "localhost,x.x.x.x"
      }
  }

codylane commented 3 years ago

hi @adespain - Ahh, I had a hunch the vagrant user didn't exist your vagrant box. You need to ensure that you have the vagrant user as well as the docker group for this plugin to work.

adespain commented 3 years ago

Ok thank you! It worked in previous versions of proxyconf so something must have changed recently?

codylane commented 3 years ago

You are welcome. Glad to hear that this worked. As for how it used to work, I'm afraid I don't work for Hashicorp and I am not sure how or why that might have worked for you in the past. Here's a copy of Vagrant's Changelog, perhaps there is something in here that might provide a hint.

That said, since this't a bug, I'm going to close this PR. Have a good weekend

codylane commented 3 years ago

I think I see what you are saying now. So there was an outstanding bug for the docker client. We did change perms on the docker client from root to vagrant to solve a larger issue a while back. Perhaps we need to think about this a bit more but most folks probably don't override the provision user so im not sure if its worth a refactor. I will keep this in mind however as we move forward.

Thanks again. Stay safe and healthy.

tmatilai / vagrant-proxyconf