Docker Snap on Fedora 29

cody35367 · April 17, 2019, 12:35am

Two main issues with the docker snap on Fedora 29:

On Fedora 29 the default aufs storage driver causes the docker daemon to not start.

Error:

Apr 16 19:16:26 clin3 docker.dockerd[20192]: Error starting daemon: error initializing graphdriver: driver not supported
Apr 16 19:16:26 clin3 docker.dockerd[20192]: time=“2019-04-16T19:16:26.153732655-05:00” level=debug msg=“Cleaning up old mountid : start.”
Apr 16 19:16:26 clin3 docker.dockerd[20192]: time=“2019-04-16T19:16:26.153332226-05:00” level=error msg=“AUFS was not found in /proc/filesystems” storage-driver=aufs
Apr 16 19:16:26 clin3 docker.dockerd[20192]: time=“2019-04-16T19:16:26.152424506-05:00” level=debug msg=“processing event stream” module=libcontainerd namespace=plugins.moby
Apr 16 19:16:26 clin3 docker.dockerd[20192]: time=“2019-04-16T19:16:26.152086821-05:00” level=debug msg="[graphdriver] trying provided driver: aufs"

Workaround:

Edit /var/snap/docker/current/config/daemon.json and change storage-driver to overlay2
sudo snap start docker

~~This is not ideal because these config files are not meant to be altered in this location with snaps.~~
EDIT: My original statement is not correct. It is fine to edit configuration files in $SNAP_DATA. The better reason for fixing this is just to provide a better out of the box experience for Fedora users going forward.
SELinux is preventing the docker daemon from functioning properly.

Basically if you review the audit log you will see that SELinux is denying many functions of the docker daemon as it starts. These problems put the docker daemon in a bad state where it will not respond to docker-cli commands. Putting SELinux in permissive mode, then starting the daemon (sudo snap start docker), and then putting SELinux back into enforcement mode (after the daemon has successfully started and is running) does seem to fix the issue. However, it is a pain to do this every time and is not an ideal state for this distro.

Basically I want to help resolve these issues where possible. Let me know if more information is required.

ijohnson · April 17, 2019, 4:28pm

Hi,

Regarding the first issue we are aware and we will be pushing out an update switching the default storage-driver to overlay2 soon which will resolve the issue for new installations. Existing installations will have to manually change $SNAP_DATA/config/daemon.json to specify the storage-driver as overlay2.

For your second point, we will look into why this is the case and try to resolve it in a better way, but in the meantime can you provide the output of snap version?

ijohnson · April 17, 2019, 4:29pm

Can you explain this point more? What is the issue with modifying these config files? The docker daemon’s config file is specifically put inside $SNAP_DATA to make it editable by users, so from my standpoint it is actually meant to be altered?

cody35367 · April 18, 2019, 12:43am

Thank you for replying!

Sorry, you are correct. This was me being uninformed. I reviewed this and now understand that $SNAP_DATA is backed up and restored between refreshes. I was worried that I would lose this config between refreshes but that is not the case. I will correct my original post. The main reason for fixing this is just to provide a better out of the box experience for Fedora users.

Thank you! I removed the snap, ensured the config was gone, and then pulled from edge just to confirm and I see the default of overlay2. This should solve the first problem.

snap version:

snap 2.38-2.fc29
snapd 2.38-2.fc29
series 16
fedora 29
kernel 5.0.7-200.fc29.x86_64

cody35367 · May 3, 2019, 1:37am

The SELinux problem seems to be resolved in Fedora 30. I did not check 29 before I upgraded so it may be fixed there too now.