On 10/23/2017 10:46 PM, tu...@posteo.de wrote:
>
>>>> Hi Robert,
>>>>
>>>> oh YEAH!
>>>> Thanks a lot for that quick start!
>>>>
>>>> I didi it, but...
>>>> #>eix -I docker
>>>> [I] app-emulation/docker
>>>> Available versions: 17.03.2^si (~)17.06.2^si (~)17.09.0^si **9999^si
>>>> {apparmor aufs btrfs +container-init +device-mapper hardened overlay
>>>> pkcs11 seccomp}
>>>> Installed versions: 17.09.0^si(05:48:14 PM
>>>> 10/23/2017)(container-init device-mapper seccomp -apparmor -aufs -btrfs
>>>> -hardened -overlay -pkcs11)
>>>> Homepage: https://dockerproject.org
>>>> Description: The core functions you need to create Docker
>>>> images and run Docker containers
>>>>
>>>> [I] app-emulation/docker-proxy
>>>> Available versions: 0.8.0_p20161111 (~)0.8.0_p20170917^t **9999
>>>> Installed versions: 0.8.0_p20170917^t(05:46:10 PM 10/23/2017)
>>>> Homepage: https://github.com/docker/libnetwork
>>>> Description: Docker container networking
>>>>
>>>> [I] app-emulation/docker-runc
>>>> Available versions: 1.0.0_rc2_p20170308^t (~)1.0.0_rc3_p20170706^t
>>>> (~)1.0.0_rc4_p20170917^t {+ambient apparmor hardened +seccomp}
>>>> Installed versions: 1.0.0_rc4_p20170917^t(05:46:07 PM
>>>> 10/23/2017)(ambient seccomp -apparmor -hardened)
>>>> Homepage: http://runc.io
>>>> Description: runc container cli tools (docker fork)
>>>>
>>>>
>>>> #>groups
>>>> wheel mail uucp audio cdrom video games cdrw usb users docker wireshark
>>>> vboxusers vlock realtime
>>>> ^----^
>>>>
>>>> (as root)
>>>> #>/etc/init.d/docker start
>>>> * WARNING: docker has already been started
>>>> (so it is runnig)
>>>>
>>>> (as user again)
>>>> #>docker run --name firefox -e DISPLAY=$DISPLAY --device /dev/snd -v
>>>> /tmp/.X11-unix:/tmp/.X11-unix -v $XAUTHORITY:/tmp/.host_Xauthority:ro -dti
>>>> openhs/firefox-ubuntu
>>>>
>>>> docker: Cannot connect to the Docker daemon at
>>>> unix:///var/run/docker.sock. Is the docker daemon running?.
>>>> See 'docker run --help'.
>>>> [1] 10401 exit 125 docker run --name firefox -e DISPLAY=$DISPLAY
>>>> --device /dev/snd -v -v -dti
>>>>
>>>> Hmmmm...seems I missed something...
>>>>
>>>> Cheers
>>>> Meino
>>>>
>>>>
>>>>
>>>>
>>> Found this in dmesg
>>>
>>> [ 1587.391861] device-mapper: table: 254:0: thin-pool: unknown target type
>>> [ 1587.391863] device-mapper: ioctl: error adding target to table
>>>
>>> these two lines are added when I try to start /etc/ini.d/docker as root.
>>>
>>> Cheers
>>> Meino
>>>
>>>
>>>
>> I could this problem by defining
>>
>> CONFIG_DM_THIN_PROVISIONING=y
>>
>> in the kernel, recompile it and the message disappears.
>> BUT:
>> still docker does not start...
>>
>> How can I fix that?
>>
>> Cheers
>> Meino
>>
>>
> Next fix:
> Need to activate the complete cgroup features.
>
> Now I get this error message in /var/log/docker.log
>
> time="2017-10-24T04:42:39.358339658+02:00" level=info msg="Loading
> containers: start."
> time="2017-10-24T04:42:39.869600530+02:00" level=error msg="could not get
> initial namespace: no such file or directory"
> time="2017-10-24T04:42:39.884438663+02:00" level=error msg="failed to set to
> initial namespace, readlink /proc/4588/task/4588/ns/net: no such file or
> directory, initns fd -1: bad file descriptor"
> time="2017-10-24T04:42:39.885161875+02:00" level=info msg="Default bridge
> (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip
> can be used to set a preferred IP address"
> time="2017-10-24T04:42:39.885339857+02:00" level=error msg="failed to set to
> initial namespace, readlink /proc/4588/task/4588/ns/net: no such file or
> directory, initns fd -1: bad file descriptor"
> Error starting daemon: Error initializing network controller: Error creating
> default "bridge" network: Failed to program NAT chain: Failed to inject
> DOCKER in PREROUTING chain: iptables failed: iptables --wait -t nat -A
> PREROUTING -m addrtype --dst-type LOCAL -j DOCKER: iptables: No
> chain/target/match by that name.
>
> ...and now I really did not know how to hack further...
>
> Any help is very appreciated...
>
> Cheers
> Meino
>
You might need CONFIG_NF_NAT_IPV4 configured in your kernel to get the
NAT table for iptables (-t nat)
Todd
