Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Bug]: docker install MO 0.8.0 failed #10593

Closed
1 task done
dengn opened this issue Jul 12, 2023 · 15 comments
Closed
1 task done

[Bug]: docker install MO 0.8.0 failed #10593

dengn opened this issue Jul 12, 2023 · 15 comments
Assignees
Labels
attention/doc-influence need to complete design document kind/bug Something isn't working needs-triage severity/s1 High impact: Logical errors or data errors that must occur
Milestone

Comments

@dengn
Copy link
Contributor

dengn commented Jul 12, 2023

Is there an existing issue for the same bug?

  • I have checked the existing issues.

Environment

- Version or commit-id (e.g. v0.1.0 or 8b23a93): 0.8.0
- Hardware parameters:
- OS type:
- Others:

Actual Behavior

original issue: matrixorigin/matrixorigin.io.cn#508

I've also recreated this issue in a centos 7.9 and docker version 1.13. The developer who fired this issue used docker version 24.0.4.

But this docker problem doesn't happen in debian 11.1 and macOS.

It seems to be a permission related issue.

Expected Behavior

No response

Steps to Reproduce

No response

Additional information

No response

@dengn dengn added kind/bug Something isn't working needs-triage severity/s-1 labels Jul 12, 2023
@dengn dengn added this to the 1.0.0 milestone Jul 12, 2023
@dengn
Copy link
Contributor Author

dengn commented Jul 12, 2023

with --privileged=true it is able to run now.

docker run -d -p 6001:6001 --name matrixone --privileged=true matrixorigin/matrixone:0.8.0

@loveRhythm1990
Copy link

related with: docker-library/golang#467

the best option maybe disable CGO. also can be fixed by use --priviledge option, we need add document to explain this before CGO is disabled

@dengn
Copy link
Contributor Author

dengn commented Jul 14, 2023

doc has been updated with this --priviledge option. Let's say this is a temporary fix for now. We may search for better solutions.

https://docs.matrixorigin.cn/0.8.0/MatrixOne/Get-Started/install-on-linux/install-on-linux-method3/#1-docker

image

But this is still a problem, users may still have doubt or don't have this privilege at all. As I know, for windows, this is a super painful operation.

@loveRhythm1990

This comment was marked as off-topic.

@loveRhythm1990
Copy link

in progress

@loveRhythm1990
Copy link

will check this issuer in next week

@loveRhythm1990
Copy link

sorry for delay, will check it in next few days

@loveRhythm1990
Copy link

I am working on it now

@loveRhythm1990
Copy link

loveRhythm1990 commented Aug 11, 2023

I can't reproduce this problem on centos 7 and docker 24.0.5 and 24.0.4, I will try reproduce it on lower version of docker

image

@loveRhythm1990
Copy link

loveRhythm1990 commented Aug 12, 2023

I cannot reproduce this issue on following env(I use a VMware virtual machine):

  1. centos 7, use image here: http://isoredirect.centos.org/centos/7/isos/x86_64/
[lr90@localhost ~]$ uname -a
Linux localhost 3.10.0-1160.el7.x86_64 #1 SMP Mon Oct 19 16:18:59 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
  1. docker version, I test version 24.0.5、24.0.4 and 18.06.3-ce, but 1.13 is too old(2017 year version), I did not test it (it is hard to install docker version 1.13 on centos, because of compatibly problem).

I install docker following steps here: https://docs.docker.com/engine/install/centos/#install-using-the-repository
then I startup MO by:

docker run -d -p 6001:6001 --name matrixone registry.cn-shanghai.aliyuncs.com/matrixorigin/matrixone:0.8.0

do I miss some points to reproduce this issue @dengn

@loveRhythm1990
Copy link

loveRhythm1990 commented Aug 15, 2023

I can reproduce this issue in tencent cloud centos machine with docker 1.13.1, but after I upgrade docker version to community version 24.0.5, MO can start normally. It is very likely that the inherited docker 1.13.1 is too old.

centos kernel version: 3.10.0-1160.88.1.el7.x86_64

@loveRhythm1990
Copy link

After communicating with person who open original issue, it turns out that the cause of this issue is version of docker client and docker server mismatched: the docker client version is 24.0.4 while the server version is 20.10.9. after upgrade docker server to 24.0.4 the probelm is solved.

The reason behind this maybe the 24.0.4 client may enable more default seccomp option while server not default allowed.

we may need to determine a porper docker version scope for our user.

image

@aylei
Copy link
Contributor

aylei commented Aug 15, 2023

@dengn @loveRhythm1990

The root cause is go 1.20.0 introduce a new syscall which will blocked by the default seccompl profile in older versions of docker engine. The problem has been fixed in moby/moby#43594, the fix is available in docker 23.x or 24.x version and has been back-ported to 20.10.18 (https://docs.docker.com/engine/release-notes/20.10/#201018)

We need to update the documentation to notice people that they should and --privileged=true if their docker version is lower than the above versions, or they can upgrade the docker version according to docker's doc.

@loveRhythm1990
Copy link

documents need update

@florashi181 florashi181 added the severity/s1 High impact: Logical errors or data errors that must occur label Aug 23, 2023
@loveRhythm1990
Copy link

@dengn hi, should this issue be closed ? since there is another issue tracing document enhancement

@dengn dengn closed this as completed Aug 26, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
attention/doc-influence need to complete design document kind/bug Something isn't working needs-triage severity/s1 High impact: Logical errors or data errors that must occur
Projects
None yet
Development

No branches or pull requests

5 participants