Bug #18867
closed
Must upgrade Docker to support containers with libc 2.33
100%
Description
The effect is
2022-03-15T15:07:57.132119688Z stderr ERROR: R_HOME ('/usr/lib/R') not found
This appears to be due to the bug reported here:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1005906
The gist is:
- Container has glibc 2.33
- When checking if a file or directory is executable, the new glibc uses a different system call than it used to
- This system call is not on the list of permitted system calls inside Docker containers, so it gets a "operation not permitted" error
- Because it returns an error, it thinks the directory doesn't exist (although it does)
- As a result, R refuses to start, with a very misleading error message
This is reportedly fixed since Docker 20.10
This means we will need to upgrade to Docker 20.10 or later everywhere.
Updated by Peter Amstutz 11 months ago
- Subject changed from Upgrade Docker to support containers with libc 2.33 to Must upgrade Docker to support containers with libc 2.33
Updated by Peter Amstutz 11 months ago
- Target version changed from 2022-03-16 sprint to 2022-03-30 Sprint
Updated by Ward Vandewege 11 months ago
Ready for review at 0059c1f8145f14432c464929c67f0cc2bee89e10 on branch 18867-compute-image-new-minimum-docker-version
I built images for ce8i5 and tordo. I tested the tordo image by running the CWL hasher against it, cf. https://workbench.tordo.arvadosapi.com/container_requests/tordo-xvhdp-fzp65jk7mjq2vw6
Updated by Peter Amstutz 11 months ago
Ward Vandewege wrote:
Ready for review at 0059c1f8145f14432c464929c67f0cc2bee89e10 on branch 18867-compute-image-new-minimum-docker-version
I built images for ce8i5 and tordo. I tested the tordo image by running the CWL hasher against it, cf. https://workbench.tordo.arvadosapi.com/container_requests/tordo-xvhdp-fzp65jk7mjq2vw6
I suggest parameterizing the docker version, something like
dockerversion=5:20.10.13~3-0
$SUDO apt-get yq --no-install-recommends install docker-ce=${dockerversion}~$family$distro
The rest LGTM!
Updated by Ward Vandewege 11 months ago
Peter Amstutz wrote:
Ward Vandewege wrote:
Ready for review at 0059c1f8145f14432c464929c67f0cc2bee89e10 on branch 18867-compute-image-new-minimum-docker-version
I built images for ce8i5 and tordo. I tested the tordo image by running the CWL hasher against it, cf. https://workbench.tordo.arvadosapi.com/container_requests/tordo-xvhdp-fzp65jk7mjq2vw6
I suggest parameterizing the docker version, something like
dockerversion=5:20.10.13~3-0
$SUDO apt-getyq --no-install-recommends install docker-ce=${dockerversion}~$family$distroThe rest LGTM!
Thanks, merged with that change.
Updated by Ward Vandewege 11 months ago
- Status changed from In Progress to Resolved
Applied in changeset arvados|8d797490d2975aa0bf0473469ce76c3717efc261.