Docker Issues and Tips (aufs/overlay/btrfs..)

Picked up and categorized subjectively. Comments and pull requests are welcome.

Storage Drivers

AUFS

Issue	Abstract	Impact	Reproducibility	Cause	Solution	Notes
✅ #783	Cannot access to a directory due to a permission error	😐 Medium	😃 Easy	Expected AUFS behavior. dirperm1 mount option fixes this issue.	Update the kernel (AUFS >= 2008xxxx?) and Docker daemon (>= 1.7)	Confirm: `docker info
✅ #18180	A process becomes a zombie and hangs up	😱 High	😱 Hard(multiprocessor) 😃 Easy(uniprocessor)	Compatibility between the kernel and AUFS	Update the kernel (AUFS >= 20160111)	Especially Java apps and MongoDB are affected
⬜ #20199	fcntl(F_SETFL, O_APPEND) is ignored and hence data can be corrupted	😱 High	😃 Easy	AUFS bug	None (Workaround: patch)	Especially Dovecot is affected
⬜ #20240	Weird permission even though dirperm1 is enabled	😐 Medium	😱 Hard	Unanalyzed	None

Non-bug issues:

• AUFS is not available in the mainline kernel．Only a few distros (Ubuntu, Boot2Docker, ..) support AUFS, but even for Ubuntu, Canonical says "AUFS will disappear".

Overlay

Issue	Abstract	Impact	Reproducibility	Cause	Solution	Notes
⬜ #10180	File corruption	😱 High	😱 Hard	Unanalyzed	None	Especially RPMs are affected
⬜ #12080	Cannot use UNIX domain sockets	😐 Medium	😃 Easy	Overlay Bug	None (Workaround: patch)
⬜ #19082	Weird behavior after removing the current directory	😃 Low	😃 Easy	Overlay Bug	None (Workaround: patch)
⬜ #19647	Untar fails intermittently	😱 High	😱 Hard	Unanalyzed (Overlay bug related to symbolic links?)	None
⬜ #19758	Daemon hangs up after frequent docker run	😱 High	😱 Hard	Unanalyzed (Overlay bug related to the number of processors?)	None

Non-bug issues:

• 😱 High inode usage
• Red Hat says OverlayFS is Tech Preview

BtrFS

Issue	Abstract	Impact	Reproducibility	Cause	Solution	Notes
✅ #19073	sendfile(2) can be unkillable	😃 Low	😃 Easy	BtrFS bug	None	Not likely to happen in production, but needs consideration for public PaaS
⬜ #20080	cgroups kmem limit leads crash and data corruption	😱 High	😃 Easy?	Btrfs bug	Avoid kmem limit configuration?

Non-bug issues:

• Slow #10161
• No page sharing (e.g. same DLLs are loaded redundantly) http://comments.gmane.org/gmane.comp.sysutils.docker.devel/1384
• Docker says BtrFS is Experimental. Red Hat says BtrFS is Tech Preview.

ZFS

Issue	Abstract	Impact	Reproducibility	Cause	Solution	Notes
✅ #20153	Some operations fail due to EBUSY	😐 Medium	😐 Medium	Daemon bug	Update Docker daemon

Non-bug issues:

• Docker says ZFS is not recommended for production.

DeviceMapper

Issue	Abstract	Impact	Reproducibility	Cause	Solution	Notes
✅ #4036	Mount fails	😱 High	😃 Easy	udev sync disabled	Use a Docker daemon binary which supports udev sync	Confirm: `docker info
⬜ #5684	Cannot restart containers after restaring the daemon	😱 High	😃 Easy	Unanalyzed	None
⬜ #20401	Infinite “mount/remount” loop, which makes the system unresponsive	😱 High	😱 High	Unanalyzed (perhaps related to XFS)	None

Non-bug issues:

• Slow #10161
• No page sharing (e.g. same DLLs are loaded redundantly) http://comments.gmane.org/gmane.comp.sysutils.docker.devel/1384

So which storage driver should I use?

It totally depends on your workload, but Docker, Inc. says AUFS and Devicemapper (direct-lvm) are "production-ready".

https://github.com/docker/docker/blob/master/docs/userguide/storagedriver/selectadriver.md#future-proofing

Although not listed in the above table, VFS driver is also attractive for its robustness.

Links:

• https://jpetazzo.github.io/assets/2015-03-03-not-so-deep-dive-into-docker-storage-drivers.html#1
• http://www.projectatomic.io/docs/filesystems/

Anyway...

You know, containers should be "immutable" and "disposable".

For persistent data and some special temporary data, you should better consider using an external volume (docker run -v).

Links:

• https://github.com/emccode/rexray

Network

Issue	Abstract	Impact	Reproducibility	Cause	Solution	Notes
⬜ #18776	TCP checksums are ignored	😱 High	😱 Hard	Kernel bug	Update the kernel	blog