Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Please Distribute Docker-CE images on Docker Hub #3050

Closed
singe opened this issue Jul 4, 2018 · 6 comments
Closed

Please Distribute Docker-CE images on Docker Hub #3050

singe opened this issue Jul 4, 2018 · 6 comments

Comments

@singe
Copy link

@singe singe commented Jul 4, 2018

Bringing a Twitter convo with @justincormack & @rn here.

I need to build an entire custom kernel, not just a module (why is covered below, but not the core issue). However, doing so means I need to rebuild the whole LinuxKit docker-for-mac image. This means things like transfused and sendtohost aren't there so bind mounts break, and the taskbar app constantly thinks linuxkit is starting for example.

I created linuxkit-for-mac to workaround the need to extract those binaries from the linuxkit iso distributed with docker-ce for mac and include them in a new image that can be embedded in a new linuxkit build. It's a horrible hack.

Ideally, if the docker-ce image layer used for the docker-ce builds could be published on docker hub, we could rebuild a first class LinuxKit not a half working one. Alternatively, if individual layers, like a transfused one could be published, so we could recreate it without the need to first extract it from the running image, that would help. Of course, fully open sourcing things like transfused would be nice too, but not required.

As for the why (don't get stuck here, my request is for people with a general need to rebuild LinuxKit), I need to enable wifi extensions, so I can use the mac80211_hwsim module. The specific kernel config differences needed are here. You'll note this can't all be done as modules. That said, I tried. I extracted the /proc/config.gz from the distributed LinuxKit image, and followed this test example to build the modules. Trying to insmod them resulted in signal errors because of numerous missing symbols. Things like CONFIG_WIRELESS and CONFIG_WLAN are not available as modules. There may be a way to get this working, but it doesn't solve the general problem, of people looking to rebuild a fully working LinuxKit. On Twitter, I suggested adding those kernel config options to the distributed kernel, but on review, that doesn't make sense, it's an edge case that crufts up the kernel for the majority of people who don't need it.

@rn

This comment has been minimized.

Copy link

@rn rn commented Jul 4, 2018

Hi,

I'm closing this issue here as won't fix. Docker Desktop is an application which is build from some open source components (such as various LinuxKit packages) and some closed source components. For Desktop, we consider the embedded Linux VM as an appliance which is tightly integrated into the application and it is not something we currently consider being customisable by users.

As I mentioned on Twitter, I would consider enabling the kernel options you require in the kernel, so we would need to audit the implications. Could you please open an issue in linuxkit/linuxkit as this is the upstream for the kernel used Docker Desktop.

@rn rn closed this Jul 4, 2018
@rn rn added the status/0-wont-fix label Jul 4, 2018
@singe

This comment has been minimized.

Copy link
Author

@singe singe commented Jul 4, 2018

Ok, I'll open an issue there. To be clear, wouldn't the kernel config used by Docker Desktop still be private and the change need to be made there not across all of LinuxKit?

@rn

This comment has been minimized.

Copy link

@rn rn commented Jul 4, 2018

we mostly treat linuxkit/linuxkit as upstream for the Linux VM image shipped with Docker for Mac including the kernel config. For Docker for Mac we currently build a custom kernel to enable AUFS but re-use the kernel config from linuxkit/linuxkit

@singe

This comment has been minimized.

Copy link
Author

@singe singe commented Jul 4, 2018

@arashd

This comment has been minimized.

Copy link

@arashd arashd commented Jan 11, 2019

Somewhat related issue I'm coming across with criu that should have a similar fix:

I've been trying to get the checkpoint/restore experimental feature of docker to work on a mac.

After turning on the experimental feature, I see:

$ docker checkpoint create 53fc5dcc6fc9 checkpoint1
Error response from daemon: Cannot checkpoint container 53fc5dcc6fc9: runc did not terminate sucessfully: CRIU version check failed: exec: "criu": executable file not found in $PATH path= /var/run/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/53fc5dcc6fc9376f1cf067015750ce67cfbac1863a86b73593cc3dbab974223f/criu-dump.log: unknown

criu doesn't exist on the vm that docker for mac uses by default. I am pretty sure I need to install CRIU on the d4m linux vm. I attempted to use this approach (https://github.com/boucher/criu-for-mac), but realized it doesn’t work since docker for mac, in its newer versions, uses a .iso file built with Linuxkit for its vm, and the image has a read-only filesystem.

$ docker run --rm -it --privileged --pid=host boucher/criu-for-mac
sh: criu: not found
ERROR: Unable to lock database: Read-only file system
ERROR: Failed to open apk database: Read-only file system

The closest I could get was this post, which attempts to pull out some of the missing pieces out of the existing docker for mac image: https://github.com/singe/linuxkit-for-mac.

Is there a better way of doing this that isn’t as brittle, and has someone made the above work?

Would appreciate any help.

@tuzz

This comment has been minimized.

Copy link

@tuzz tuzz commented Feb 19, 2020

Any movement on the CRIU issue? It'd be a huge boon to development environments to be able to checkpoint/restore running applications. As far as I can tell, we're just missing a few dependencies in the d4m VM that shouldn't be too difficult to add? I think a lot of people would love this feature.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
4 participants
You can’t perform that action at this time.