New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

DOCKER_OPTS do not work in config file /etc/default/docker #9889

Closed
seanlook opened this Issue Jan 4, 2015 · 51 comments

Comments

Projects
None yet
@seanlook

seanlook commented Jan 4, 2015

I have changed /etc/default/docker with DOCKER_OPTS="-H tcp://127.0.0.1:2375 -H unix:///var/run/docker.sock" (docker version 1.4.1 in ubuntu 14.04), but it do not take any effect for me. It seems that docker do not read this initital config file because I found export http_proxy enviroment do not work too.

Only sudo docker -H tcp://127.0.0.1:2375 -H unix:///var/run/docker.sock -d works.

It really confused me!

@phemmer

This comment has been minimized.

Contributor

phemmer commented Jan 4, 2015

What distro are you using (including version), and where did you get the docker package from, and what version is it?

@seanlook

This comment has been minimized.

seanlook commented Jan 4, 2015

I have memtioned it within the question. Docker version 1.4.1, ubuntu 14.04. I'm following the installation guides to install latest version $ sudo apt-get install lxc-docker

@acbodine

This comment has been minimized.

Contributor

acbodine commented Jan 9, 2015

$ sudo service docker stop
docker stop/waiting

$ cat /etc/default/docker
# Docker Upstart and SysVinit configuration file

# Customize location of Docker binary (especially for development testing).
#DOCKER="/usr/local/bin/docker"

# Use DOCKER_OPTS to modify the daemon startup options.
DOCKER_OPTS="-H tcp://127.0.0.1:2375"

# If you need Docker to use an HTTP proxy, it can also be specified here.
#export http_proxy="http://127.0.0.1:3128/"

# This is also a handy place to tweak where Docker's temporary files go.
#export TMPDIR="/mnt/bigdrive/docker-tmp"

$ sudo service docker start
$ export DOCKER_HOST=127.0.0.1:2375

$ docker info
Containers: 3
Images: 49
Storage Driver: aufs
 Root Dir: /var/lib/docker/aufs
 Dirs: 55
Execution Driver: native-0.2
Kernel Version: 3.13.0-40-generic
Operating System: Ubuntu 14.04.1 LTS
CPUs: 4
Total Memory: 7.679 GiB
Name: thorn
ID: 2MCI:3YT2:XQ4H:AX24:S7BJ:ADF6:L4JT:EKHM:KOIG:CR7N:FOTS:ZCVS

$ docker version
Client version: 1.4.1
Client API version: 1.16
Go version (client): go1.3.3
Git commit (client): 5bc2ff8
OS/Arch (client): linux/amd64
Server version: 1.4.1
Server API version: 1.16
Go version (server): go1.3.3
Git commit (server): 5bc2ff8

I don't seem to be having the same problem. Can you paste the output of your docker info and docker version ?

@stozk

This comment has been minimized.

stozk commented Jan 15, 2015

I have installed docker locally yesterday and (probably) ran into this problem. In my case the problem was, that the new docker version (1.4.1) comes with this new /etc/default/docker file (maybe even earlier versions, but the last version I installed and only updated since then on my server, only had the DOCKER_OPTS variable in it and I think it was just empty and not commented out), which has all that stuff in it, but it's all commented out by default.
I tried for like 2 hours to get it working until I noticed that the options were inactive... :(

@acbodine

This comment has been minimized.

Contributor

acbodine commented Jan 15, 2015

@stozk +1 for figuring it out though!

@seanlook

This comment has been minimized.

seanlook commented Jan 16, 2015

I upgrade docker version 1.3.1 to 1.4.1 and run into this problem. Finally I got my problem resolved by reboot my ubuntu server. Maybe, @stozk is right.

@seanlook seanlook closed this Jan 16, 2015

@AlexAndrascu

This comment has been minimized.

AlexAndrascu commented Jan 22, 2015

I'm still having this issue.

sudo docker info
Containers: 3
Images: 67
Storage Driver: devicemapper
 Pool Name: docker-8:33-22287262-pool
 Pool Blocksize: 65.54 kB
 Data file: /var/lib/docker/devicemapper/devicemapper/data
 Metadata file: /var/lib/docker/devicemapper/devicemapper/metadata
 Data Space Used: 1.543 GB
 Data Space Total: 107.4 GB
 Metadata Space Used: 3.158 MB
 Metadata Space Total: 2.147 GB
 Library Version: 1.02.82-git (2013-10-04)
Execution Driver: native-0.2
Kernel Version: 3.18.0-031800-generic
Operating System: Ubuntu 14.10


Client version: 1.4.1
Client API version: 1.16
Go version (client): go1.3.3
Git commit (client): 5bc2ff8
OS/Arch (client): linux/amd64
Server version: 1.4.1
Server API version: 1.16
Go version (server): go1.3.3
Git commit (server): 5bc2ff8

@fstuess

This comment has been minimized.

fstuess commented May 22, 2015

got into the same issue.
Ubuntu 14.10 uses systemd instead of sysv-init/upstart
Maybe you should look into /lib/systemd/system/docker.service to change options

@zepalmer

This comment has been minimized.

zepalmer commented Jun 7, 2015

I've also encountered this problem (Debian Jessie 8.0, lxc-docker=1.6.2). After a look around at the configuration files in /lib/systemd/system/, it seems that the Docker configuration file (/lib/systemd/system/docker.service) is not using /etc/default/docker at all. :( The problem is solved by adding an EnvironmentFile directive and modifying the command line to include the options from the file, e.g.

[Unit]
Description=Docker Application Container Engine
Documentation=http://docs.docker.com
After=network.target docker.socket
Requires=docker.socket

[Service]
EnvironmentFile=-/etc/default/docker
ExecStart=/usr/bin/docker -d $DOCKER_OPTS -H fd://
MountFlags=slave
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity

[Install]
WantedBy=multi-user.target

I edited /lib/systemd/system/docker.service to look like the above, ran systemctl daemon-reload, and then restarted the Docker service. This time, it properly launched with the options set in DOCKER_OPTS in my /etc/default/docker.

Again, I'm on Debian Jessie 8.0 with lxc-docker=1.6.2, so YMMV.

@thaJeztah

This comment has been minimized.

Member

thaJeztah commented Jun 7, 2015

Correct, the /etc/default/docker file is only used on systems using "upstart" and "SysVInit", not on systems using systemd.

This is also mentioned at the top of the file;
https://github.com/docker/docker/blob/44fe8cbbd174b5d85d4a063ed270f6b9d2279b70/contrib/init/sysvinit-debian/docker.default#L1

@zepalmer

This comment has been minimized.

zepalmer commented Jun 7, 2015

Fair point. On my Debian system, however, the systemd services in /lib/systemd/system/ all include an EnvironmentFile directive to point to the appropriate /etc/defaults/ file. It seems that I should interpret this as an indication that the Ubuntu Docker package isn't, in this somewhat minor way, appropriate for Debian systems. I'll bear this in mind. :)

@thaJeztah

This comment has been minimized.

Member

thaJeztah commented Jun 7, 2015

@zepalmer if I'm not mistaken, there's currently some work being done on the installation for those systems, but I'm not 100% clear on what the status is and what changes are made 😊

@eolamey

This comment has been minimized.

Contributor

eolamey commented Jun 8, 2015

@zepalmer, as the latest version of the documentation suggests (http://docs.master.dockerproject.org/articles/systemd/), the proper way to edit systemd service file is to create a file in /etc/systemd/system/docker.service.d/<something>.conf and only override the directives you need. The file in /lib/systemd/system/docker.service is "reserved" for the package vendor.

@zepalmer

This comment has been minimized.

zepalmer commented Jun 9, 2015

Good to know, thanks. My apologies for cluttering up the bug report. :)

@thaJeztah

This comment has been minimized.

Member

thaJeztah commented Jun 9, 2015

@zepalmer no problem!

@rcousens

This comment has been minimized.

rcousens commented Jul 13, 2015

This tripped me up a lot on Ubuntu 15.04 using Docker 1.8.0 experimental via the shell script install process. My assumption is the apt repository package does not provide a proper docker systemd unit file yet?

I ended up having to do a double ExecStart in my override file to clear the original else it would complain about two ExecStart's on a oneshot.

I.e. in /etc/systemd/system/docker.service.d/docker.conf

[Service]
EnvironmentFile=-/etc/default/docker
ExecStart=
ExecStart=docker -d $DOCKER_OPTS ...
@ballPointPenguin

This comment has been minimized.

ballPointPenguin commented Aug 27, 2015

thanks

for me, my settings were simply located in /etc/systemd/docker file

FYI

[~]$ docker info
Containers: 4
Images: 77
Storage Driver: btrfs
 Build Version: Btrfs v4.1.2+20150724
 Library Version: 101
Execution Driver: native-0.2
Logging Driver: json-file
Kernel Version: 4.1.6-1-desktop
Operating System: openSUSE 20150823 (Tumbleweed) (x86_64)
CPUs: 8
Total Memory: 15.55 GiB
Name: linux.site
ID: 7JXD:UYXG:ADLO:4DYM:YBSL:GBCO:RGXE:RICT:3WV3:REZX:HIQM:Y773
Username: ____
Registry: https://index.docker.io/v1/
WARNING: No swap limit support
@mattelacchiato

This comment has been minimized.

mattelacchiato commented Oct 16, 2015

Hi,

I can't find the commits 5c7fa42 and 0e7fb27 any more. Were they published to a branch which is now deleted?

I think, the should be merged into master and/or to the release branch immediately!

mattelacchiato pushed a commit to mattelacchiato/docker that referenced this issue Oct 16, 2015

Matthias Brandt
Systemd init script should support DOCKER_OPTS
See #9889 (specifically, [here](#9889 (comment)). The systemd daemon should support `DOCKER_OPTS` the same as upstart and sysv do.

This commit is copied from
moby@0e7fb27
The commit itself is not present anymore (maybe it's orphaned?).

mattelacchiato pushed a commit to mattelacchiato/docker that referenced this issue Oct 16, 2015

Matthias Brandt
Systemd init script should support DOCKER_OPTS
See moby#9889 (specifically, [here](moby#9889 (comment)). The systemd daemon should support `DOCKER_OPTS` the same as upstart and sysv do.

This commit is copied from
moby@0e7fb27
The commit itself is not present anymore (maybe it's orphaned?).

Signed-off-by: Matthias Brandt <matthias.brandt@inoio.de>
@cpuguy83

This comment has been minimized.

Contributor

cpuguy83 commented Oct 16, 2015

@mattelacchiato no they were not.
systemd has a built-in method called 'drop-ins' to handle customizing unit files.

https://coreos.com/os/docs/latest/using-systemd-drop-in-units.html

@netbrain

This comment has been minimized.

Contributor

netbrain commented Oct 20, 2015

Apparently you can override the entire unit file like so:

sudo cp /lib/systemd/system/docker.service /etc/systemd/system/docker.service

and then replacing whatever you need in the new file located within /etc.

@thaJeztah

This comment has been minimized.

Member

thaJeztah commented Oct 21, 2015

@netbrain also see the documentation, which contains some example to override more fine-grained: https://docs.docker.com/articles/systemd/#custom-docker-daemon-options

@anirudt

This comment has been minimized.

anirudt commented Nov 18, 2015

@stozk 👍 for providing the fix.

guybrush added a commit to guybrush/k8s that referenced this issue Nov 24, 2015

fix docker config
see moby/moby#9889
huge thx to @resouer

this needs still lots of cleanup but now completely works
@jeffjohnston

This comment has been minimized.

Contributor

jeffjohnston commented Dec 10, 2015

@thaJeztah That link fixed my issue too. I could clearly see that adding things to /etc/sysconfig/docker was not doing anything but I wasn't really sure the best way to fix it.

Is there anyone I could notify to let them know the docs are wrong on this page:
https://docs.docker.com/engine/articles/configuring/

Or at least put in a link for systemd (Red Hat) installs so others can figure it out faster:
http://docs.docker.com/engine/articles/systemd/#custom-docker-daemon-options

@JM1

This comment has been minimized.

JM1 commented Aug 24, 2016

If you use options that need expansion, e.g.: DOCKER_OPTS="-g $(readlink -f /var/lib/docker)" then this might help:

[ ! -e /etc/systemd/system/docker.service.d/ ] && mkdir -p /etc/systemd/system/docker.service.d/
cat << 'EOF' > /etc/systemd/system/docker.service.d/docker.conf
# Load /etc/default/docker from SystemD init script
# References: 
#  https://github.com/docker/docker/issues/9889#issuecomment-120927382
#  https://gist.github.com/nickjacob/9909574

[Service]
# This line is sufficient if DOCKER_OPTS variable does not have to be expanded:
#EnvironmentFile=-/etc/default/docker
# Use this line to expand DOCKER_OPTS variable:
ExecStartPre=/bin/sh -c ". /etc/default/docker && /bin/systemctl set-environment DOCKER_OPTS=\"$DOCKER_OPTS\""

ExecStart=
ExecStart=/usr/bin/dockerd -H fd:// $DOCKER_OPTS

EOF

systemctl daemon-reload 
service docker restart
@JazzDeben

This comment has been minimized.

JazzDeben commented Sep 16, 2016

On Ubuntu. If you experience error:

  • x509: cannot validate certificate for [IP address or domain name] because it doesn't contain any IP SANs

On the Docker registry the certificate had to be compiled with the subjectAltName as described here:
https://docs.docker.com/engine/security/https/

Here is the code for convenience:
$ echo subjectAltName = IP:10.10.10.20,IP:127.0.0.1 > extfile.cnf
$ openssl x509 -req -days 365 -sha256 -in server.csr -CA ca.pem -CAkey ca-key.pem
-CAcreateserial -out server-cert.pem -extfile extfile.cnf

Note, I was able to check the subject alternative name is present in the certificate using the following command:
openssl x509 -in certificate.crt -text -noout

However, on Ubuntu 14 client (i.e. Docker Engine)
This error was followed suit by
x509: certificate signed by unknown authority

For people using Ubuntu 14.
The config file that is used for the Docker engine (that I want to use to connect to the Docker Registry):
/etc/default/docker

in there, you need to specify the docker options:
DOCKER_OPTS="--insecure-registry myinsecure.com:5000"

Then restart the daemon (add sudo if you user is not allowed to start a docker service):
$ [sudo] service docker restart

The value does not need to be a domain name, it simply has to match what you certificate is registered with; I have an IP address with a port and this works... (i.e. e.g. 100.100.100.100:100)

All this took me a day, so, I am posting this hoping that it will be useful to other people...

@rjarmstrong

This comment has been minimized.

rjarmstrong commented Dec 21, 2016

Having gone down this road twice here's my take for Debian Jessie:

Debian GNU/Linux 8 (jessie) / Docker version 1.12.3

vi /lib/systemd/system/docker.service

Change this line:

     ExecStart=/usr/bin/dockerd --label=[co.kwk.dc=sj] -H fd://

systemctl daemon-reload
service docker restart

Check it
docker info

Would be great if /etc/default/docker file wasn't installed on systemd setups.

@thaJeztah

This comment has been minimized.

Member

thaJeztah commented Dec 21, 2016

@rjarmstrong you should not modify the main systemd unit file; doing so will result in the unit file not being updated if you update a newer version of docker, which can result in issues. If you want to change the systemd unit file, use a drop-in file, as explained here; http://docs.docker.com/engine/articles/systemd/#custom-docker-daemon-options

However, the easiest way to make changes to the daemon configuration is to use a daemon.json configuration file; that approach works independent of the init system used (systemd, upstart), and even works if you start the daemon manually. If also allows you to reload some configuration settings without restarting the daemon. See https://docs.docker.com/engine/reference/commandline/dockerd/#/daemon-configuration-file

@rjarmstrong

This comment has been minimized.

rjarmstrong commented Dec 21, 2016

Thanks @thaJeztah that works well - I went with editing /etc/docker/daemon.json and restarting the service. I think the documentation on Docker could summarise the configuration options at the top of the page better though, as it stands you kind of have to read most of the page (estimated reading time 47 minutes!) to get a full idea of the options.

@carloscds

This comment has been minimized.

carloscds commented Jan 4, 2017

Hi all, I'm using Ubuntu 16.10 and I have same problem: daemon not use DOCKER_OPTS config. Any ideas ?

@thaJeztah

This comment has been minimized.

Member

thaJeztah commented Jan 4, 2017

@carloscds did you take the time to read the discussion above before posting your question?

@carloscds

This comment has been minimized.

carloscds commented Jan 4, 2017

@thaJeztah I already read this post and many others, but I can't solve my problem.

@cpuguy83

This comment has been minimized.

Contributor

cpuguy83 commented Jan 4, 2017

@carloscds Don't use /etc/default/docker. It's used only by upstart, which is not used by Ubuntu since 16.04.

Use /etc/docker/daemon.json, which is documented here: https://docs.docker.com/engine/reference/commandline/dockerd/#/linux-configuration-file

@carloscds

This comment has been minimized.

carloscds commented Jan 4, 2017

@cpuguy83 Thanks, I change configuration using daemon.json and now it's working!

@et304383

This comment has been minimized.

et304383 commented Jan 12, 2017

Why does the docker.io package install a systemd file that DOES source EnvironmentFile for additional config?

Meanwhile docker-engine installs a different systemd file. Which package is correct? Why is docker.io still present if it's wrong?

@vdemeester

This comment has been minimized.

Member

vdemeester commented Jan 12, 2017

Which package is correct? Why is docker.io still present if it's wrong?

docker-engine is the official one. docker.io package is not maintained by us, it's maintained (probably no more) by Ubuntu developper (see http://packages.ubuntu.com/zesty/docker.io)

@cpuguy83

This comment has been minimized.

Contributor

cpuguy83 commented Jan 12, 2017

@eric-tucker "docker-engine" is the official package provided by Docker Inc, "docker.io" is provided by Canonical.

It's important to note that "EnvironmentFile" is not shell compatible, meanwhile the old "/etc/default/docker" is expected to be sourced by a shell.

The daemon.json file is the right place to put config. It supports hot-reloading of certain parameters and works on any distro, init system, whatever.

@et304383

This comment has been minimized.

et304383 commented Jan 12, 2017

@cpuguy83 so how does one define DOCKER_OPTS now then? In /etc/docker/daemon.json here?

    "insecure-registries": [],

I want to make sure I'm doing things correctly now.

Edit: I was editing DOCKER_OPTS to specify an insecure registry.

@cpuguy83

This comment has been minimized.

Contributor

cpuguy83 commented Jan 12, 2017

You don't define "DOCKER_OPTS".
In the old upstart config this is essentially what was happening:

# /etc/default/docker
DOCKER_OPTS="--insecure-registry 1.2.3.4 -s overlay"
# upstart config
source /etc/default/docker
exec docker daemon "$DOCKER_OPTS"

DOCKER_OPTS was not some special env var that Docker uses, it's just set in one file and consumed by the init script in another file and inserted as an inline argument to the docker command.

/etc/docker/daemon.json is the hard-coded default location for daemon configuration in Docker.
To do the equivalent config as above you would put this in /etc/docker/daemon.json:

{
    "insecure-registries": ["1.2.3.4"],
    "storage-driver": "overlay"
}

When docker starts, it reads this file and loads the configuration.

@et304383

This comment has been minimized.

et304383 commented Jan 12, 2017

I understood that DOCKER_OPTS was just a way to get command line options onto the daemon call. Hence why I was aware of the EnvironmentFile line in the docker.io version of /lib/systemd/system/docker.service. I know you have to assume we're all dumb in your replies though. :)

Glad to know config has gotten simpler with a simple json file, but yaml would have been a better choice. :(

@thaJeztah

This comment has been minimized.

Member

thaJeztah commented Jan 12, 2017

@eric-tucker it helps for people that arrive on these issues through Google search, and may not be aware of the way things work.

@et304383

This comment has been minimized.

et304383 commented Jan 12, 2017

Good point @thaJeztah . The json config is working for me. Thanks @cpuguy83 and @vdemeester .

@imranfawan

This comment has been minimized.

imranfawan commented Jan 19, 2017

@acbodine - Thanks your post really helped !! In addition to setting DOCKER_OPTS="-H tcp://127.0.0.1:2375". However to get jenkins to pick up the daemon I also had to execute
sudo nohup docker daemon -H tcp://127.0.0.1:2375 -H unix:///var/run/docker.sock &

@sbwoodside

This comment has been minimized.

sbwoodside commented Feb 12, 2017

The Debian package should not install SysVinit scripts and configuration files (e.g. /etc/default/docker) because they are not used.

I filed this new issue: #30936

Thanks @zepalmer @rjarmstrong

@chucky2305

This comment has been minimized.

chucky2305 commented Apr 19, 2017

I think i have f***ed up my docker.service file. Can someone post me the original file of it?

@thaJeztah

This comment has been minimized.

Member

thaJeztah commented Apr 19, 2017

@chucky2305 latest version is here; https://github.com/moby/moby/tree/master/contrib/init/systemd, depending on if you're using an rpm-based system (CentOS, RHEL, Fedora), you only need the .rpm version, otherwise, you need the other two (for socket activation)

@holms

This comment has been minimized.

holms commented May 30, 2017

Using /etc/docker/daemon.json instead of /etc/default/docker solved my issue! This comments for those who scrolls to the last post 👅

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment