サポートが切れたCentOS8なわけですが、それでも運用しなくてはならないときがあります。そんなCentOS8にDockerをインストールしようとしてもエラーが出るため、その対処法です。
$ cat /etc/redhat-release
CentOS Linux release 8.0.1905 (Core)
$ sudo arch
x86_64
こんな環境です。
まず、yumが使えなくなっているので、CentOS 8でyum/dnfに失敗! Failed to download metadata for repo 'AppStream'の対処をして、CentOS Streamのリポジトリを追加します。
公式のガイドに沿ってインストール。
$ sudo yum install -y yum-utils
$ sudo yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
$ sudo yum install docker-ce docker-ce-cli containerd.io docker-compose-plugin
$ sudo usermod -aG docker ${USER}
$ su - ${USER}
$ id -nG
$ sudo systemctl start docker
$ docker run hello-world
とすると
docker: Error response from daemon: OCI runtime create failed: unable to retrieve OCI runtime error (open /run/containerd/io.containerd.runtime.v1.linux/moby/11d90e8de
6aa0882db2edbdb94a593848514c26c6be2c1a2e77d109f8355d954/log.json: no such file or directory): runc did not terminate successfully: exit status 127: unknown.
こんなエラーがでます。そもそもうまく起動できてないみたい。 sudo systemctl status docker で確認すると。
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled) ctive: active (running) since Fri 2023-01-06 21:35:00 JST; 6s ago
Docs: https://docs.docker.com
Main PID: 10163 (dockerd)
Tasks: 12 Memory: 46.9M
CGroup: /system.slice/docker.service └─10163 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
Jan 06 21:34:59 118-27-5-134 dockerd[10163]: time="2023-01-06T21:34:59.597253116+09:00" level=warning msg="Your kernel does not support cgroup blkio weight"
Jan 06 21:34:59 118-27-5-134 dockerd[10163]: time="2023-01-06T21:34:59.597281648+09:00" level=warning msg="Your kernel does not support cgroup blkio weight_device"
Jan 06 21:34:59 118-27-5-134 dockerd[10163]: time="2023-01-06T21:34:59.598441072+09:00" level=info msg="Loading containers: start."
Jan 06 21:35:00 118-27-5-134 dockerd[10163]: time="2023-01-06T21:35:00.320199149+09:00" level=info msg="Default bridge (docker0) is assigned with an IP address 172.17>
Jan 06 21:35:00 118-27-5-134 dockerd[10163]: time="2023-01-06T21:35:00.533439411+09:00" level=info msg="Loading containers: done."
Jan 06 21:35:00 118-27-5-134 dockerd[10163]: time="2023-01-06T21:35:00.541762375+09:00" level=warning msg="failed to retrieve runc version: exit status 127"
Jan 06 21:35:00 118-27-5-134 dockerd[10163]: time="2023-01-06T21:35:00.552431073+09:00" level=info msg="Docker daemon" commit=4484c46d9d graphdriver(s)=overlay2 versi>
Jan 06 21:35:00 118-27-5-134 dockerd[10163]: time="2023-01-06T21:35:00.552915112+09:00" level=info msg="Daemon has completed initialization"
Jan 06 21:35:00 118-27-5-134 dockerd[10163]: time="2023-01-06T21:35:00.581191090+09:00" level=info msg="API listen on /var/run/docker.sock"
Jan 06 21:35:00 118-27-5-134 systemd[1]: Started Docker Application Container Engine.
runc が起動てきてないとのこと。
runc を動かしてみようとすると、
$ runc --version
runc: symbol lookup error: runc: undefined symbol: seccomp_api_get
ということで、seccomp_api_getというメソッドがないっぽい。
このエラーでググると https://github.com/containerd/containerd/issues/6209 の情報より、libseccomp-2.4 では、seccomp_api_getが追加されましたとのこと。
なのでlibseccomp のバージョンを2.3からあげると直りそう。
元々は行っていたのが2.3であったが、libseccomp-develをインストールすると2.5が入りそうだったのでインストールを実行。
$ sudo yum install libseccomp-devel
Invalid configuration value: failovermethod=priority in /etc/yum.repos.d/epel.repo; Configuration: OptionBinding with id "failovermethod" does not exist
Invalid configuration value: failovermethod=priority in /etc/yum.repos.d/epel.repo; Configuration: OptionBinding with id "failovermethod" does not exist
Invalid configuration value: failovermethod=priority in /etc/yum.repos.d/epel.repo; Configuration: OptionBinding with id "failovermethod" does not exist
Invalid configuration value: failovermethod=priority in /etc/yum.repos.d/epel-playground.repo; Configuration: OptionBinding with id "failovermethod" does not exist
Invalid configuration value: failovermethod=priority in /etc/yum.repos.d/epel-playground.repo; Configuration: OptionBinding with id "failovermethod" does not exist
Invalid configuration value: failovermethod=priority in /etc/yum.repos.d/epel-playground.repo; Configuration: OptionBinding with id "failovermethod" does not exist
Invalid configuration value: failovermethod=priority in /etc/yum.repos.d/epel-testing.repo; Configuration: OptionBinding with id "failovermethod" does not exist
Invalid configuration value: failovermethod=priority in /etc/yum.repos.d/epel-testing.repo; Configuration: OptionBinding with id "failovermethod" does not exist
Invalid configuration value: failovermethod=priority in /etc/yum.repos.d/epel-testing.repo; Configuration: OptionBinding with id "failovermethod" does not exist
Last metadata expiration check: 1:02:39 ago on Fri 06 Jan 2023 08:47:40 PM JST.
Dependencies resolved.
======================================================================================================================================================================= Package Architecture Version Repository Size
=======================================================================================================================================================================Installing:
libseccomp-devel x86_64 2.5.1-1.el8 BaseOS 57 k
Upgrading:
libseccomp x86_64 2.5.1-1.el8 AppStream 71 k
Transaction Summary
=======================================================================================================================================================================Install 1 Package
Upgrade 1 Package
Total download size: 128 k
Is this ok [y/N]: y
Downloading Packages:
(1/2): libseccomp-2.5.1-1.el8.x86_64.rpm 345 kB/s | 71 kB 00:00
(2/2): libseccomp-devel-2.5.1-1.el8.x86_64.rpm 67 kB/s | 57 kB 00:00
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------Total 149 kB/s | 128 kB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Upgrading : libseccomp-2.5.1-1.el8.x86_64 1/3
Running scriptlet: libseccomp-2.5.1-1.el8.x86_64 1/3
Installing : libseccomp-devel-2.5.1-1.el8.x86_64 2/3
Cleanup : libseccomp-2.3.3-3.el8.x86_64 3/3
Running scriptlet: libseccomp-2.3.3-3.el8.x86_64 3/3
Verifying : libseccomp-devel-2.5.1-1.el8.x86_64 1/3
Verifying : libseccomp-2.5.1-1.el8.x86_64 2/3
Verifying : libseccomp-2.3.3-3.el8.x86_64 3/3
Upgraded:
libseccomp-2.5.1-1.el8.x86_64
Installed:
libseccomp-devel-2.5.1-1.el8.x86_64
Complete!
よさそう。無事libseccomp-2.5.1をインストールできた。
Dockerデーモンを再起動。
sudo systemctl stop docker.socket
sudo systemctl stop docker
sudo systemctl start docker
sudo systemctl status docker
中身は、
● docker.service - Docker Application Container Engine
Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled; vendor preset: disabled)
Active: active (running) since Fri 2023-01-06 22:00:35 JST; 38min ago
Docs: https://docs.docker.com
Main PID: 15636 (dockerd)
Tasks: 13
Memory: 578.4M
CGroup: /system.slice/docker.service
└─15636 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
Jan 06 22:08:31 118-27-5-134 dockerd[15636]: time="2023-01-06T22:08:31.839549247+09:00" level=info msg="ClientConn switching balancer to \"pick_first\"" module=grpc
Jan 06 22:08:31 118-27-5-134 dockerd[15636]: time="2023-01-06T22:08:31.851858164+09:00" level=warning msg="grpc: addrConn.createTransport failed to connect to {localhost <nil> 0 <nil>}>
Jan 06 22:08:31 118-27-5-134 dockerd[15636]: time="2023-01-06T22:08:31.863199944+09:00" level=info msg="parsed scheme: \"\"" module=grpc
Jan 06 22:08:31 118-27-5-134 dockerd[15636]: time="2023-01-06T22:08:31.863270458+09:00" level=info msg="scheme \"\" not registered, fallback to default scheme" module=grpc
Jan 06 22:08:31 118-27-5-134 dockerd[15636]: time="2023-01-06T22:08:31.863307486+09:00" level=info msg="ccResolverWrapper: sending update to cc: {[{localhost <nil> 0 <nil>}] <nil> <nil>
Jan 06 22:08:31 118-27-5-134 dockerd[15636]: time="2023-01-06T22:08:31.863328740+09:00" level=info msg="ClientConn switching balancer to \"pick_first\"" module=grpc
Jan 06 22:08:31 118-27-5-134 dockerd[15636]: time="2023-01-06T22:08:31.863239440+09:00" level=warning msg="image exporter: unknown option load"
Jan 06 22:09:41 118-27-5-134 dockerd[15636]: time="2023-01-06T22:09:41.843267529+09:00" level=warning msg="grpc: addrConn.createTransport failed to connect to {localhost <nil> 0 <nil>}>
Jan 06 22:09:42 118-27-5-134 dockerd[15636]: time="2023-01-06T22:09:42.074260799+09:00" level=info msg="Firewalld: interface br-6f4304986c8e already part of docker zone, returning"
Jan 06 22:09:42 118-27-5-134 dockerd[15636]: time="2023-01-06T22:09:42+09:00" level=info msg="Firewalld: docker zone already exists, returning"
全部infoになっていてどうやらこれでエラーが出ておらず成功した様子。
やっとHello Worldを再実行
$ docker run hello-world
Hello from Docker!
This message shows that your installation appears to be working correctly.
To generate this message, Docker took the following steps:
1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
(amd64)
3. The Docker daemon created a new container from that image which runs the
executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
to your terminal.
To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash
Share images, automate workflows, and more with a free Docker ID:
https://hub.docker.com/
For more examples and ideas, visit:
https://docs.docker.com/get-started/
無事成功。ということでインストール、動作確認完了です。お疲れさまでした。