Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[SOLVED] docker: no container start more
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Portage & Programming
View previous topic :: View next topic  
Author Message
misterxx
Guru
Guru


Joined: 18 Apr 2004
Posts: 514

PostPosted: Wed Apr 17, 2024 3:40 pm    Post subject: [SOLVED] docker: no container start more Reply with quote

Hello community,

When changing the profile, the step

Code:
emerge --ask --emptytree @world


should be carried out. After that, none of my docker containers can be started anymore. Nothing has been changed in the container configuration. Before, the containers ran without any problems.


Code:
matrixstorage /var/log # emerge --info
Portage 3.0.61 (python 3.11.8-final-0, default/linux/arm/23.0/split-usr/armv7a_hf/desktop, gcc-13, glibc-2.38-r11, 4.9.44 armv7l)
=================================================================
System uname: Linux-4.9.44-armv7l-ARMv7_Processor_rev_3_-v7l-with-glibc2.38
KiB Mem:     2041904 total,     61568 free
KiB Swap:    4189180 total,   3867232 free
Timestamp of repository gentoo: Wed, 17 Apr 2024 14:00:00 +0000
Head commit of repository gentoo: 362353f75bf37040343095fa9b6fbcd2c4c60291
sh bash 5.1_p16-r6
ld GNU ld (Gentoo 2.41 p5) 2.41.0
app-misc/pax-utils:        1.3.7::gentoo
app-shells/bash:           5.1_p16-r6::gentoo
dev-build/autoconf:        2.13-r8::gentoo, 2.71-r6::gentoo
dev-build/automake:        1.16.5-r2::gentoo
dev-build/cmake:           3.28.3::gentoo
dev-build/libtool:         2.4.7-r4::gentoo
dev-build/make:            4.4.1-r1::gentoo
dev-build/meson:           1.3.2::gentoo
dev-java/java-config:      2.3.3-r1::gentoo
dev-lang/perl:             5.38.2-r2::gentoo
dev-lang/python:           3.10.14::gentoo, 3.11.8_p1::gentoo, 3.12.2_p1::gentoo
dev-lang/rust-bin:         1.75.0::gentoo
sys-apps/baselayout:       2.14-r2::gentoo
sys-apps/openrc:           0.54::gentoo
sys-apps/sandbox:          2.38::gentoo
sys-devel/binutils:        2.41-r5::gentoo
sys-devel/binutils-config: 5.5::gentoo
sys-devel/gcc:             13.2.1_p20240210::gentoo
sys-devel/gcc-config:      2.11::gentoo
sys-devel/llvm:            15.0.7-r3::gentoo, 17.0.6::gentoo
sys-kernel/linux-headers:  6.6-r1::gentoo (virtual/os-headers)
sys-libs/glibc:            2.38-r11::gentoo
Repositories:

gentoo
    location: /usr/portage
    sync-type: rsync
    sync-uri: rsync://rsync.gentoo.org/gentoo-portage
    priority: -1000
    volatile: True
    sync-rsync-extra-opts:
    sync-rsync-verify-max-age: 3
    sync-rsync-verify-jobs: 1
    sync-rsync-verify-metamanifest: yes

portage-ols
    location: /var/db/repos/portage-ols
    masters: gentoo
    volatile: False

ACCEPT_KEYWORDS="arm"
ACCEPT_LICENSE="@FREE"
CBUILD="armv7a-unknown-linux-gnueabihf"
CFLAGS="-O2 -pipe -march=armv7-a -mfpu=vfpv3-d16 -mfloat-abi=hard"
CHOST="armv7a-unknown-linux-gnueabihf"
CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt /var/bind"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php8.1/ext-active/ /etc/php/apache2-php8.2/ext-active/ /etc/php/cgi-php8.1/ext-active/ /etc/php/cgi-php8.2/ext-active/ /etc/php/cli-php8.1/ext-active/ /etc/php/cli-php8.2/ext-active/ /etc/php/fpm-php8.1/ext-active/ /etc/php/fpm-php8.2/ext-active/ /etc/php/phpdbg-php8.1/ext-active/ /etc/php/phpdbg-php8.2/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-O2 -pipe -march=armv7-a -mfpu=vfpv3-d16 -mfloat-abi=hard"
DISTDIR="/usr/portage/distfiles"
ENV_UNSET="CARGO_HOME DBUS_SESSION_BUS_ADDRESS DISPLAY GDK_PIXBUF_MODULE_FILE GOBIN GOPATH PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR XDG_STATE_HOME"
FCFLAGS="-O2 -pipe -march=armv7-a"
FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs buildpkg-live config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync multilib-strict network-sandbox news parallel-fetch pid-sandbox pkgdir-index-trusted preserve-libs protect-owned qa-unresolved-soname-deps sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS="-O2 -pipe -march=armv7-a"
GENTOO_MIRRORS="http://distfiles.gentoo.org"
LANG="de_DE.UTF-8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LEX="flex"
LINGUAS="de en"
MAKEOPTS="-j8"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"
PORTAGE_TMPDIR="/var/tmp"
SHELL="/bin/bash"
USE="X a52 aac acl airplay alsa apache2 arm bluetooth bluray branding bzip2 cairo caps cdda cdr cec crypt css cups curl dbus dri dts dvd dvdr elogind encode exif flac fpm ftp gd gdbm gif gpm gtk gui iconv icu ipv6 java jce jpeg lcms libnotify mad mng mp3 mp4 mpeg ncurses nls nsplugin ogg opengl openmp pam pango pcre pdf pdo php phython png policykit postgres ppds qt5 readline sdl seccomp server sound spell split-usr sqlite ssl startup-notification svg test-rust threads tiff truetype udev udisks unicode upower usb vorbis vulkan wxwidgets x264 xattr xcb xft xml xmlreader xmlwriter xv xvid zip zlib" ADA_TARGET="gcc_12" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_anon authn_dbm authn_file authz_dbm authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir env expires ext_filter file_cache filter headers include info log_config logio mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="karbon sheets words" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_ARM="edsp thumb thumb2 v4 v5 v6 v7 vfp" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock greis isync itrax mtk3301 ntrip navcom oceanserver oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 tsip tripmate tnt ublox" INPUT_DEVICES="evdev synaptics" KERNEL="linux" L10N="de en ru" LCD_DEVICES="bayrad cfontz glk hd44780 lb216 lcdm001 mtxorb text" LUA_SINGLE_TARGET="lua5-1" LUA_TARGETS="lua5-1" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php8-1" POSTGRES_TARGETS="postgres15" PYTHON_SINGLE_TARGET="python3_11" PYTHON_TARGETS="python3_11" RUBY_TARGETS="ruby31" VIDEO_CARDS="exynos fbdev omap dummy" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipp2p iface geoip fuzzy condition tarpit sysrq proto logmark ipmark dhcpmac delude chaos account"
Unset:  ADDR2LINE, AR, ARFLAGS, AS, ASFLAGS, CC, CCLD, CONFIG_SHELL, CPP, CPPFLAGS, CTARGET, CXX, CXXFILT, ELFEDIT, EMERGE_DEFAULT_OPTS, EXTRA_ECONF, F77FLAGS, FC, GCOV, GPROF, INSTALL_MASK, LC_ALL, LD, LFLAGS, LIBTOOL, MAKE, MAKEFLAGS, NM, OBJCOPY, OBJDUMP, PORTAGE_BINHOST, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PYTHONPATH, RANLIB, READELF, RUSTFLAGS, SIZE, STRINGS, STRIP, YACC, YFLAGS



This is the current issue of check-config, I can no longer say what the previous issue was like.

Code:
info: reading kernel config from /proc/config.gz ...

Generally Necessary:
- cgroup hierarchy: cgroupv2
  Controllers:
  - cpu: missing
  - cpuset: missing
  - io: available
  - memory: available
  - pids: available
- CONFIG_NAMESPACES: enabled
- CONFIG_NET_NS: enabled
- CONFIG_PID_NS: enabled
- CONFIG_IPC_NS: enabled
- CONFIG_UTS_NS: enabled
- CONFIG_CGROUPS: enabled
- CONFIG_CGROUP_CPUACCT: enabled
- CONFIG_CGROUP_DEVICE: enabled
- CONFIG_CGROUP_FREEZER: enabled
- CONFIG_CGROUP_SCHED: enabled
- CONFIG_CPUSETS: enabled
- CONFIG_MEMCG: enabled
- CONFIG_KEYS: enabled
- CONFIG_VETH: enabled (as module)
- CONFIG_BRIDGE: enabled (as module)
- CONFIG_BRIDGE_NETFILTER: enabled (as module)
- CONFIG_IP_NF_FILTER: enabled (as module)
- CONFIG_IP_NF_MANGLE: enabled (as module)
- CONFIG_IP_NF_TARGET_MASQUERADE: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_ADDRTYPE: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_CONNTRACK: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_IPVS: enabled (as module)
- CONFIG_NETFILTER_XT_MARK: enabled (as module)
- CONFIG_IP_NF_NAT: enabled (as module)
- CONFIG_NF_NAT: enabled (as module)
- CONFIG_POSIX_MQUEUE: enabled
- CONFIG_NF_NAT_IPV4: enabled (as module)
- CONFIG_NF_NAT_NEEDED: enabled

Optional Features:
- CONFIG_USER_NS: enabled
- CONFIG_SECCOMP: enabled
- CONFIG_SECCOMP_FILTER: enabled
- CONFIG_CGROUP_PIDS: enabled
- CONFIG_MEMCG_SWAP: enabled
- CONFIG_MEMCG_SWAP_ENABLED: enabled
- CONFIG_IOSCHED_CFQ: enabled
- CONFIG_CFQ_GROUP_IOSCHED: enabled
- CONFIG_BLK_CGROUP: enabled
- CONFIG_BLK_DEV_THROTTLING: enabled
- CONFIG_CGROUP_PERF: enabled
- CONFIG_CGROUP_HUGETLB: missing
- CONFIG_NET_CLS_CGROUP: enabled (as module)
- CONFIG_CGROUP_NET_PRIO: enabled
- CONFIG_CFS_BANDWIDTH: enabled
- CONFIG_FAIR_GROUP_SCHED: enabled
- CONFIG_IP_NF_TARGET_REDIRECT: enabled (as module)
- CONFIG_IP_VS: enabled (as module)
- CONFIG_IP_VS_NFCT: enabled
- CONFIG_IP_VS_PROTO_TCP: enabled
- CONFIG_IP_VS_PROTO_UDP: enabled
- CONFIG_IP_VS_RR: enabled (as module)
- CONFIG_SECURITY_SELINUX: missing
- CONFIG_SECURITY_APPARMOR: missing
- CONFIG_EXT3_FS: enabled
- CONFIG_EXT3_FS_XATTR: missing
- CONFIG_EXT3_FS_POSIX_ACL: enabled
- CONFIG_EXT3_FS_SECURITY: enabled
    (enable these ext3 configs if you are using ext3 as backing filesystem)
- CONFIG_EXT4_FS: enabled
- CONFIG_EXT4_FS_POSIX_ACL: enabled
- CONFIG_EXT4_FS_SECURITY: enabled
- Network Drivers:
  - "overlay":
    - CONFIG_VXLAN: enabled (as module)
    - CONFIG_BRIDGE_VLAN_FILTERING: enabled
      Optional (for encrypted networks):
      - CONFIG_CRYPTO: enabled
      - CONFIG_CRYPTO_AEAD: enabled
      - CONFIG_CRYPTO_GCM: enabled (as module)
      - CONFIG_CRYPTO_SEQIV: enabled
      - CONFIG_CRYPTO_GHASH: enabled (as module)
      - CONFIG_XFRM: enabled
      - CONFIG_XFRM_USER: enabled (as module)
      - CONFIG_XFRM_ALGO: enabled
      - CONFIG_INET_ESP: enabled (as module)
      - CONFIG_NETFILTER_XT_MATCH_BPF: enabled (as module)
      - CONFIG_INET_XFRM_MODE_TRANSPORT: enabled (as module)
  - "ipvlan":
    - CONFIG_IPVLAN: enabled (as module)
  - "macvlan":
    - CONFIG_MACVLAN: enabled (as module)
    - CONFIG_DUMMY: enabled (as module)
  - "ftp,tftp client in container":
    - CONFIG_NF_NAT_FTP: enabled (as module)
    - CONFIG_NF_CONNTRACK_FTP: enabled (as module)
    - CONFIG_NF_NAT_TFTP: enabled (as module)
    - CONFIG_NF_CONNTRACK_TFTP: enabled (as module)
- Storage Drivers:
  - "btrfs":
    - CONFIG_BTRFS_FS: enabled (as module)
    - CONFIG_BTRFS_FS_POSIX_ACL: enabled
  - "overlay":
    - CONFIG_OVERLAY_FS: enabled (as module)
  - "zfs":
    - /dev/zfs: missing
    - zfs command: missing
    - zpool command: missing

Limits:
- /proc/sys/kernel/keys/root_maxkeys: 1000000



Code:
matrixstorage ~ # docker start alpine
Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error setting cgroup config for procHooks process: bpf_prog_query(BPF_CGROUP_DEVICE) failed: function not implemented: unknown
Error: failed to start containers: alpine


Code:
matrixstorage ~/tmp # tail -f /var/log/docker.log

time="2024-04-17T17:03:48.412592095+02:00" level=error msg="stream copy error: reading from a closed fifo"
time="2024-04-17T17:03:48.617458303+02:00" level=error msg="Handler for POST /v1.44/containers/alpine/start returned error: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error setting cgroup config for procHooks process: bpf_prog_query(BPF_CGROUP_DEVICE) failed: function not implemented: unknown"



Here is a log excerpt daemon start when it still worked (Note: for me, a container is automatically started with daemon start):

Code:
time="2024-01-27T14:20:05.401101583+01:00" level=info msg="Starting up"
time="2024-01-27T14:20:05.606999916+01:00" level=info msg="[graphdriver] using prior storage driver: overlay2"
time="2024-01-27T14:20:05.879940375+01:00" level=info msg="Loading containers: start."
time="2024-01-27T14:20:06.574278916+01:00" level=info msg="Removing stale sandbox db7030b3f4ae40a6b8ff9d587269dee7110d764cf230fdbea901ac7ece1d4ce5 (cbbb9c18db5>
time="2024-01-27T14:20:06.603408708+01:00" level=warning msg="Error (Unable to complete atomic operation, key modified) deleting object [endpoint f1dccf3c9451e>
time="2024-01-27T14:20:06.778996708+01:00" level=info msg="Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip can be us>
time="2024-01-27T14:20:07.844565208+01:00" level=info msg="Loading containers: done."
time="2024-01-27T14:20:07.923730625+01:00" level=info msg="Docker daemon" commit=311b9ff0aa93aa55880e1e5f8871c4fb69583426 graphdriver=overlay2 version=24.0.7
time="2024-01-27T14:20:07.926607375+01:00" level=info msg="Daemon has completed initialization"
time="2024-01-27T14:20:08.064004667+01:00" level=info msg="API listen on /var/run/docker.sock"


Here is a log excerpt when starting docker daemon today:

Code:
time="2024-04-17T17:27:27.997695556+02:00" level=info msg="Starting up"
time="2024-04-17T17:27:28.158434764+02:00" level=info msg="[graphdriver] using prior storage driver: overlay2"
time="2024-04-17T17:27:28.250448639+02:00" level=info msg="Loading containers: start."
time="2024-04-17T17:27:28.719671723+02:00" level=info msg="Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip can be used to set a preferred IP address"
time="2024-04-17T17:27:29.540689223+02:00" level=error msg="stream copy error: reading from a closed fifo"
time="2024-04-17T17:27:29.540847723+02:00" level=error msg="stream copy error: reading from a closed fifo"
time="2024-04-17T17:27:29.627491015+02:00" level=error msg="failed to start container" container=cbbb9c18db5868a3be63f776e26f271812d0eeffa5a9ca27014cac2eb4d82c61 error="failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error setting cgroup config for procHooks process: bpf_prog_query(BPF_CGROUP_DEVICE) failed: function not implemented: unknown"
time="2024-04-17T17:27:29.628352265+02:00" level=info msg="Loading containers: done."
time="2024-04-17T17:27:29.699864556+02:00" level=warning msg="WARNING: No cpu cfs quota support"
time="2024-04-17T17:27:29.700004140+02:00" level=warning msg="WARNING: No cpu cfs period support"
time="2024-04-17T17:27:29.700088390+02:00" level=warning msg="WARNING: No cpu shares support"
time="2024-04-17T17:27:29.700155015+02:00" level=warning msg="WARNING: No cpuset support"
time="2024-04-17T17:27:29.700275015+02:00" level=info msg="Docker daemon" commit=061aa95809be396a6b5542618d8a34b02a21ff77 containerd-snapshotter=false storage-driver=overlay2 version=25.0.4
time="2024-04-17T17:27:29.700555098+02:00" level=info msg="Daemon has completed initialization"
time="2024-04-17T17:27:29.777843723+02:00" level=info msg="API listen on /var/run/docker.sock"




Does anyone have any ideas what I could try to solve this problem? I am grateful for any suggestions.


Last edited by misterxx on Tue Apr 23, 2024 8:22 am; edited 1 time in total
Back to top
View user's profile Send private message
fedeliallalinea
Administrator
Administrator


Joined: 08 Mar 2003
Posts: 31271
Location: here

PostPosted: Wed Apr 17, 2024 4:22 pm    Post subject: Reply with quote

Can help this topic?
_________________
Questions are guaranteed in life; Answers aren't.
Back to top
View user's profile Send private message
grknight
Retired Dev
Retired Dev


Joined: 20 Feb 2015
Posts: 1921

PostPosted: Wed Apr 17, 2024 4:23 pm    Post subject: Reply with quote

Upstream issue report says:
Code:
I'm on kernel 6.6.21 and still getting this error. Which kernel config flag do I need?

In my case it was CONFIG_BPF, CONFIG_BPF_SYSCALL, CONFIG_CGROUP_BPF.
Back to top
View user's profile Send private message
misterxx
Guru
Guru


Joined: 18 Apr 2004
Posts: 514

PostPosted: Thu Apr 18, 2024 9:18 am    Post subject: Reply with quote

Thanks for the tips.

I'm about stumped because I definitely didn't change the kernel. So neither the kernel nor its configuration has changed. Only the packages were rebuilt. Docker containers previously worked with the same kernel without any problems.

I am using kernel version 4.1.42 with this configuration since 2017.
Back to top
View user's profile Send private message
pingtoo
Veteran
Veteran


Joined: 10 Sep 2021
Posts: 1248
Location: Richmond Hill, Canada

PostPosted: Thu Apr 18, 2024 2:40 pm    Post subject: Reply with quote

misterxx,

May be the point was you docker (version) no longer compatible with the running kernel. so consider ungrade kernel.
Back to top
View user's profile Send private message
logrusx
Advocate
Advocate


Joined: 22 Feb 2018
Posts: 2435

PostPosted: Thu Apr 18, 2024 5:50 pm    Post subject: Reply with quote

The current longterm version available on kernel.org is 4.19, 4.x is no longer in tree and thus packages in tree no longer need to maintain compatibility with 4.x. You need to move on.

Best Regards,
Georgi
Back to top
View user's profile Send private message
Hu
Administrator
Administrator


Joined: 06 Mar 2007
Posts: 22673

PostPosted: Thu Apr 18, 2024 6:02 pm    Post subject: Reply with quote

misterxx wrote:
I'm about stumped because I definitely didn't change the kernel. So neither the kernel nor its configuration has changed. Only the packages were rebuilt. Docker containers previously worked with the same kernel without any problems.

I am using kernel version 4.1.42 with this configuration since 2017.
Was docker rebuilt to the same version or was it upgraded to a newer version? Check your logs to see which happened. Your emerge --info says you are on Linux kernel v4.9.44, not v4.1.42. However, git grep tells me that CGROUP_BPF does not exist in v4.9.44. Therefore, assuming the link above is accurate, your Docker version requires a feature that is not only not enabled in your kernel, but cannot be enabled because it did not exist in that kernel. Curiously, CGROUP_BPF appears to exist in v4.10, so if you want to use an outdated and unmaintained kernel, you only need to upgrade by one release (v4.9.x -> v4.10.x). This would still let you run a kernel from around 7 years ago.
Back to top
View user's profile Send private message
misterxx
Guru
Guru


Joined: 18 Apr 2004
Posts: 514

PostPosted: Fri Apr 19, 2024 10:33 am    Post subject: Reply with quote

pingtoo wrote:
misterxx,

May be the point was you docker (version) no longer compatible with the running kernel. so consider ungrade kernel.


That could be, the docker version increased from 24.0.7 to 25.0.4 during this action
Back to top
View user's profile Send private message
misterxx
Guru
Guru


Joined: 18 Apr 2004
Posts: 514

PostPosted: Fri Apr 19, 2024 10:35 am    Post subject: Reply with quote

logrusx wrote:
The current longterm version available on kernel.org is 4.19, 4.x is no longer in tree and thus packages in tree no longer need to maintain compatibility with 4.x. You need to move on.

Best Regards,
Georgi


Thank you for the hint
Back to top
View user's profile Send private message
misterxx
Guru
Guru


Joined: 18 Apr 2004
Posts: 514

PostPosted: Fri Apr 19, 2024 10:39 am    Post subject: Reply with quote

Hu wrote:
misterxx wrote:
I'm about stumped because I definitely didn't change the kernel. So neither the kernel nor its configuration has changed. Only the packages were rebuilt. Docker containers previously worked with the same kernel without any problems.

I am using kernel version 4.1.42 with this configuration since 2017.
Was docker rebuilt to the same version or was it upgraded to a newer version? Check your logs to see which happened. Your emerge --info says you are on Linux kernel v4.9.44, not v4.1.42. However, git grep tells me that CGROUP_BPF does not exist in v4.9.44. Therefore, assuming the link above is accurate, your Docker version requires a feature that is not only not enabled in your kernel, but cannot be enabled because it did not exist in that kernel. Curiously, CGROUP_BPF appears to exist in v4.10, so if you want to use an outdated and unmaintained kernel, you only need to upgrade by one release (v4.9.x -> v4.10.x). This would still let you run a kernel from around 7 years ago.


Docker version has changed.

I think I will update to the latest kernel soon.

I will then report on the results here.

Thanks to all!
Back to top
View user's profile Send private message
logrusx
Advocate
Advocate


Joined: 22 Feb 2018
Posts: 2435

PostPosted: Fri Apr 19, 2024 3:50 pm    Post subject: Reply with quote

misterxx wrote:


I think I will update to the latest kernel soon.

I will then report on the results here.

Thanks to all!


Updating to the latest kernel might be too big of a jump, quite a few changes happened in the recent years and the configuration might not be straight forward. You might want to consider jumping to 5.10 of 5.15 first and see how it goes. If it works out then you may consider jumping to the next stable version, otherwise you may need to think about too many configuration changes at once. If you're using 4.x since 2017 you certainly are not in need of bleeding edge hardware support or something very special other thing.

Best regards,
Georgi
Back to top
View user's profile Send private message
misterxx
Guru
Guru


Joined: 18 Apr 2004
Posts: 514

PostPosted: Fri Apr 19, 2024 4:48 pm    Post subject: Reply with quote

logrusx wrote:
misterxx wrote:


I think I will update to the latest kernel soon.

I will then report on the results here.

Thanks to all!


Updating to the latest kernel might be too big of a jump, quite a few changes happened in the recent years and the configuration might not be straight forward. You might want to consider jumping to 5.10 of 5.15 first and see how it goes. If it works out then you may consider jumping to the next stable version, otherwise you may need to think about too many configuration changes at once. If you're using 4.x since 2017 you certainly are not in need of bleeding edge hardware support or something very special other thing.

Best regards,
Georgi


Thanks for the tip.

In fact, the system runs on ODROID XU4 as a small Linux home server mostly as a NAS function. So hardware has not changed since 2017 ;-)

I will try the branch 5.4.y according to the following instructions, where a kernel preconfiguration for XU4 is stored by the manufacturer Herdkernel. There is also a branch 6.6.y available. However, I do it with an intermediate step, as you recommended.

https://wiki.gentoo.org/wiki/Hardkernel_ODROID-XU4#Kernel_installation
Back to top
View user's profile Send private message
logrusx
Advocate
Advocate


Joined: 22 Feb 2018
Posts: 2435

PostPosted: Fri Apr 19, 2024 8:12 pm    Post subject: Reply with quote

misterxx wrote:


In fact, the system runs on ODROID XU4 as a small Linux home server mostly as a NAS function. So hardware has not changed since 2017 ;-)


Oh, don't take any advice from me then :)

Best Regards,
Georgi
Back to top
View user's profile Send private message
JumboAg
Apprentice
Apprentice


Joined: 03 Mar 2007
Posts: 205
Location: Dallas, TX

PostPosted: Sun Apr 21, 2024 10:04 pm    Post subject: Reply with quote

I dont think your problem is the age of your kernel. I just did a system update as well and my kernel is far newer (6.1.41-gentoo). I havent updated my kernel but now NONE of my containers work either. Similar error message to what you have. I haven't figured it out yet myself.

Code:

[homesrv:/docker/homeassistant] $ docker-compose up
Starting homeassistant ... error

ERROR: for homeassistant  Cannot start service homeassistant: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error setting cgroup config for procHooks process: bpf_prog_query(BPF_CGROUP_DEVICE) failed: function not implemented: unknown

ERROR: for homeassistant  Cannot start service homeassistant: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error setting cgroup config for procHooks process: bpf_prog_query(BPF_CGROUP_DEVICE) failed: function not implemented: unknown
ERROR: Encountered errors while bringing up the project.


Same error from every container I have.
Back to top
View user's profile Send private message
Hu
Administrator
Administrator


Joined: 06 Mar 2007
Posts: 22673

PostPosted: Sun Apr 21, 2024 10:19 pm    Post subject: Reply with quote

Kernel 6.1.41 can have the Kconfig options mentioned above enabled, but is not required to enable them. JumboAg, have you checked that those Kconfig options are enabled for you? OP's kernel is so old those Kconfig options do not exist, and thus cannot be enabled.
Back to top
View user's profile Send private message
JumboAg
Apprentice
Apprentice


Joined: 03 Mar 2007
Posts: 205
Location: Dallas, TX

PostPosted: Mon Apr 22, 2024 1:07 am    Post subject: Reply with quote

Hu wrote:
Kernel 6.1.41 can have the Kconfig options mentioned above enabled, but is not required to enable them. JumboAg, have you checked that those Kconfig options are enabled for you? OP's kernel is so old those Kconfig options do not exist, and thus cannot be enabled.


Yep, that's what mine was. New kernel options resolved it.
Back to top
View user's profile Send private message
misterxx
Guru
Guru


Joined: 18 Apr 2004
Posts: 514

PostPosted: Mon Apr 22, 2024 8:27 am    Post subject: Reply with quote

Great, thanks for the tips!
Back to top
View user's profile Send private message
misterxx
Guru
Guru


Joined: 18 Apr 2004
Posts: 514

PostPosted: Mon Apr 22, 2024 8:51 am    Post subject: Reply with quote

I have a question next door.

https://wiki.gentoo.org/wiki/Hardkernel_ODROID-XU4#Kernel_installation

I have executed the instructions genkernel and mkimage according to the chapter "Kernel installation". What I don't quite understand are the steps:

Code:

root #mkdir /mnt/odroid/boot/overlays
root #INSTALL_MOD_PATH=/mnt/odroid/ make modules_install
root #cp -f /var/tmp/genkernel/kernel-arm-`make kernelrelease` /mnt/odroid/boot/zImage
root #cp -f uInitrd-`make kernelrelease` /mnt/odroid/boot/uInitrd
root #cp -f arch/arm/boot/dts/exynos5422-odroidxu4.dtb /mnt/odroid/boot/
root #cp -f arch/arm/boot/dts/overlays/*.dtbo /mnt/odroid/boot/overlays/
root #cp -f .config /mnt/odroid/boot/config-`make kernelrelease`
root #cd ..


I am supposed to copy the necessary files to my boot partition. This is how I mount my boot partition under "/boot". It currently looks like this:

Code:
-rwxr-xr-x 1 root root 8,9K 31. Aug 2017  boot.ini*
-rwxr-xr-x 1 root root  753 20. Aug 2017  boot.ini.default*
-rwxr-xr-x 1 root root 8,9K 20. Aug 2017  boot.ini.orig*
-rwxr-xr-x 1 root root 138K 31. Aug 2017  config-4.9.44-20170831*
-rwxr-xr-x 1 root root  62K 24. Aug 2017  exynos5422-odroidxu3.dtb*
-rwxr-xr-x 1 root root  61K 24. Aug 2017  exynos5422-odroidxu3-lite.dtb*
-rwxr-xr-x 1 root root  61K 31. Aug 2017  exynos5422-odroidxu4.dtb*
-rwxr-xr-x 1 root root 8,8M 31. Aug 2017  uInitrd*
-rwxr-xr-x 1 root root 8,8M 31. Aug 2017  uInitrd-4.9.44*
-rwxr-xr-x 1 root root 4,7M 31. Aug 2017  zImage*



I copy the files zImage, uInitrd and arch/arm/boot/dts/exynos5422-odroidxu4.dtb to /boot/ or use them to overwrite the existing files.

I copy the arch/arm/boot/dts/overlays/*.dtbo files to /boot/overlays/

What I don't understand is what should I do with the generated lib directory using the instruction "INSTALL_MOD_PATH=/mnt/odroid/make modules_install"?

I also ask myself the question: Since I didn't have /boot/overlays until now, do I have to adjust something in the boot.ini?

Yes, basically something has to be adjusted in the boot.ini?

I just want to avoid that after changing the boot partition the computer does not boot and I have to rely on emergency solutions with recovery media.

Thank you in advance!
Back to top
View user's profile Send private message
pingtoo
Veteran
Veteran


Joined: 10 Sep 2021
Posts: 1248
Location: Richmond Hill, Canada

PostPosted: Mon Apr 22, 2024 9:11 pm    Post subject: Reply with quote

misterxx,

Quote:
What I don't understand is what should I do with the generated lib directory using the instruction "INSTALL_MOD_PATH=/mnt/odroid/make modules_install"?
You can review the link you use for kernel_installation, Just above the "kernel installation" section
Kernel Installation above wrote:
In the next chapters, the target Gentoo system will be installed in these partitions. Thus they have to be mounted in the host Gentoo filesystem. Throughout this article, the partitions will be mounted under the /mnt/odroid/ mountpoint.
Code:
root #mkdir /mnt/odroid
root #mount /dev/mmcblkYp3 /mnt/odroid
root #mkdir /mnt/odroid/boot
root #mount /dev/mmcblkYp1 /mnt/odroid/boot
root #mkdir /mnt/odroid/var # if applicable
root #mount /dev/mmcblkYp5 /mnt/odroid/var # if applicable


So as you can see it is assume your odroid-XU4 rootfs is mounted on /mnt/odroid therefor the command
Code:
INSTALL_MOD_PATH=/mnt/odroid/ make modules_install
Will perform copy the kernel module library you built into /mnt/odroid/lib/module/`make kernelrelease`/

Quote:
I also ask myself the question: Since I didn't have /boot/overlays until now, do I have to adjust something in the boot.ini?
I don't know your boot.init content, so I cannot say for sure, but assume you got those copy commands executed correctly, you should not need to change anything. Three key elements you replaced is zImage, uInited and the board dtb, as long as they are correct you board should boot, I am not sure if you need any thing from overlay to enable device on the board.
Back to top
View user's profile Send private message
misterxx
Guru
Guru


Joined: 18 Apr 2004
Posts: 514

PostPosted: Tue Apr 23, 2024 8:21 am    Post subject: Reply with quote

Thanks, pingtoo!

Thank you for the explanation. Unfortunately, I didn't get round to looking at the previous chapter. Oh man, well, it happened.

Now I have understood the topic of copying files to the /boot partition. System started up without any problems with updated kernel.

Code:
matrixstorage /usr/src # uname -r
5.4.274-arm+


Fortunately, the docker containers can also be started again! Very good!

I'll be running this kernel for the next test period and am considering switching to 6.6.y in the same way soon.


Thanks again to everyone involved for their support!
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Portage & Programming All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum