vi /etc/sysctl.conf
net.bridge.bridge-nf-call-iptables = 1
sysctl -p
then
kubeadm init
vi /etc/sysctl.conf
net.bridge.bridge-nf-call-iptables = 1
sysctl -p
then
kubeadm init
swapoff -a
Remove swap from /etc/fstab
mkdir -v lowerdir upperdir workdir overlay
sudo tree
.
├── lowerdir
├── overlay
├── upperdir
└── workdir
lowerdir layer (read only, base layer)
overlay layer (main view)
work layer (diff view, diff layer )
sudo mount -t overlay -o lowerdir=lowerdir,upperdir=upperdir,workdir=workdir overlay overlay
echo test > lowerdir/test
sudo tree
.
├── lowerdir
│ └── test
├── overlay
│ └── test
├── upperdir
└── workdir
└── work
echo 'some new data' >> overlay/test
sudo tree
.
├── lowerdir
│ └── test
├── overlay
│ └── test
├── upperdir
│ └── test
└── workdir
└── work
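This is the principle on which Docker's layered storage works: the base layer stays read-only, and a change made through the merged view is written to upperdir, as the last tree output shows.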
docker run --name some-mongo -d mongo:2
docker run --name some-elasticsearch -d elasticsearch:2 elasticsearch -Des.cluster.name="graylog"
docker run --link some-mongo:mongo --link some-elasticsearch:elasticsearch -p 9000:9000 -e GRAYLOG_WEB_ENDPOINT_URI="http://127.0.0.1:9000/api" -d graylog2/server
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
755577e84f2d graylog2/server "/docker-entrypoint.s" 23 minutes ago Up 23 minutes 0.0.0.0:9000->9000/tcp, 12900/tcp jolly_perlman
77cd7e84fcc8 elasticsearch:2 "/docker-entrypoint.s" 23 minutes ago Up 23 minutes 9200/tcp, 9300/tcp some-elasticsearch
718b27fbc679 mongo:2 "/entrypoint.sh mongo" 25 minutes ago Up 25 minutes 27017/tcp some-mongo
vi /etc/yum.repos.d/docker.repo
name=Docker Repository
baseurl=https://yum.dockerproject.org/repo/main/fedora/$releasever/
enabled=1
gpgcheck=1
gpgkey=https://yum.dockerproject.org/gpg
sudo docker stop $(sudo docker ps -a -q) && sudo docker rm $(sudo docker ps -a -q)
[root@ddf8f9b86831 /]# systemctl
Failed to get D-Bus connection: Operation not permitted
To fix use:
sudo docker run --name ccc1 -it --cap-add=SYS_ADMIN -e "container=docker" -ti -d -v /sys/fs/cgroup:/sys/fs/cgroup centos:7 /usr/sbin/init
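or (note that --privileged grants the container all capabilities and access to host devices, far more than the single SYS_ADMIN capability used above):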
sudo docker run --name ccc2 --privileged -ti -d milcom/centos7-systemd /usr/sbin/init
sudo docker run --name test --privileged -d -ti docker.io/centos /usr/sbin/init
sudo dnf reinstall docker
sudo -i
mv /var/lib/docker/ /var/lib/docker.backup
exit
sudo systemctl start docker
vi /etc/sysconfig/docker-storage
DOCKER_STORAGE_OPTIONS="--storage-opt dm.no_warn_on_loop_devices=true"
nsenter – run program with namespaces of other processes
PID=$(docker inspect --format {{.State.Pid}} CONTAINER_NAME_OR_ID)
nsenter --target $PID --mount --uts --ipc --net --pid
chcon -Rt svirt_sandbox_file_t /volume.to.docker/path
setroubleshoot[2501]: SELinux is preventing /bin/bash from getattr access on the chr_file /dev/pts/6. For complete SELinux messages. run sealert -l 865f628b-7bed-4036-8df5-c4bf9ab57565
Lap 27 19:43:28 localhost.localdomain python[2501]: SELinux is preventing /bin/bash from getattr access on the chr_file /dev/pts/6.
***** Plugin catchall (100. confidence) suggests **************************
If you believe that bash should be allowed getattr access on the 6 chr_file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep bash /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp
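Fix: reinstall the Docker SELinux policy package (the audit2allow module suggested above would instead allow every denial that the grep matches):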
sudo systemctl stop docker.service
sudo dnf reinstall docker-selinux
sudo systemctl start docker.service
rpm -e cracklib-dicts --nodeps && yum install cracklib-dicts -y