Rust-Railcar v1.0.4: railcar — Docker-like container OCI runtime implementation in Rust

icon
Latest Release: v1.0.4

railcar - rust implementation of the oci-runtime spec

railcar

What is railcar?

railcar is a rust implementation of the opencontainers initiative's runtime spec. It is similar to the reference implementation runc, but it is implemented completely in rust for memory safety without needing the overhead of a garbage collector or multiple threads. For more information on the development of railcar, check out Building a Container Runtime in Rust

Building railcar

wercker status

Install rust:

curl https://sh.rustup.rs -sSf | sh
cargo install cargo-when
rustup toolchain install stable-x86_64-unknown-linux-gnu
rustup default stable-x86_64-unknown-linux-gnu # for stable
rustup target install x86_64-unknown-linux-musl # for stable
rustup toolchain install nightly-x86_64-unknown-linux-gnu
rustup default nightly-x86_64-unknown-linux-gnu # for nightly
rustup target install x86_64-unknown-linux-musl # for nightly

Building can be done via build.sh:

build.sh

By default, build.sh builds a dynamic binary using gnu. To build a static binary, set TARGET to x86_64-unknown-linux-musl:

TARGET=x86_64-unknown-linux-musl ./build.sh

Build requirements for TARGET=x86_64-unknown-linux-gnu:

libseccomp-devel

Build requirements for TARGET=x86_64-unknown-linux-musl:

git submodule update --init
autotools
make
gcc
musl-gcc

To build a release version:

build.sh --release

If you build using stable instead of nightly, the set_name feature will be disabled and the init process inside the container will not be named rc-init when viewed via ps or /proc/$pid/cmdline.

Using railcar

./railcar run

You can specify a different bundle directory where your config.json is located with -b:

./railcar -b /some/other/directory run

Using railcar with docker

railcar can be used as a backend for docker. To use it, start the docker daemon with an additional backend:

dockerd ... --experimental --add-runtime "rc=/path/to/railcar"

Then you can use railcar by specifying the rc backend:

docker run -it --rm --runtime rc hello

Note that you should start the daemon with a terminal (the -t option) so that docker can properly collect stdout and stderr from railcar. If you want to daemonize the container, just use:

docker run -dt --rm --runtime rc hello

Differences from runc

In general, railcar is very similar to runc, but some of the runc commands are not supported. Currently, railcar does not support the following commands:

 checkpoint
 events
 exec
 init
 list
 pause
 restore
 resume
 spec

Also, railcar always runs an init process separately from the container process.

Contributing

railcar is an open source project. See CONTRIBUTING for details.

Oracle gratefully acknowledges the contributions to railcar that have been made by the community.

Getting in touch

The best way to get in touch is Slack.

Click here to join the the Oracle Container Tools workspace.

Then join the Railcar channel.

License

Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved.

railcar is dual licensed under the Universal Permissive License 1.0 and the Apache License 2.0.

See LICENSE for more details.

Comments

  • failure on systemd cgroup flag
    failure on systemd cgroup flag

    Sep 25, 2018

    [[email protected] ~]# docker run -it --runtime=railcar alpine 
    docker: Error response from daemon: OCI runtime create failed: unable to retrieve OCI runtime error (open /run/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/551ea273e14d5adda4ca2ae3632721b6a4926a498b319a2d14eeddd62a5eb0c3/log.json: no such file or directory): /usr/local/bin/railcar did not terminate sucessfully: error: Found argument '--systemd-cgroup' which wasn't expected, or isn't valid in this context
    
    USAGE:
        railcar --log <log> --log-format <log-format> --root <r> <SUBCOMMAND>
    
    For more information try --help
    : unknown.
    

    Versions:

    [[email protected] ~]# railcar --version
    Railcar 1.0.4
    [[email protected] ~]# docker --version
    Docker version 18.06.1-ce, build e68fc7a
    [[email protected] ~]# uname -r
    3.10.0-862.11.6.el7.x86_64
    
    Reply
  • Adding cargo lock
    Adding cargo lock

    Dec 10, 2018

    This PR adds a Cargo.lock file to the repository.

    This is recommended behaviour according to the official Cargo documentation:

    If you’re building a library that other packages will depend on, put Cargo.lock in your .gitignore. If you’re building an executable like a command-line tool or an application, check Cargo.lock into git

    This change also means the easy building of a NixOS package

    Reply
  • CVE-2019-5736 runc: Execution of malicious containers allows for container escape and access to host filesystem
    CVE-2019-5736 runc: Execution of malicious containers allows for container escape and access to host filesystem

    Feb 20, 2019

    Is railcar vulnerable to this exploit? I tried using the docker-based exploit, but it requires the use of the "railcar exec" command, which is not yet implemented. Does that mean it is not possible to exploit it with railcar?

    ref: https://nvd.nist.gov/vuln/detail/CVE-2019-5736

    Reply
  • Update to Rust 2018 edition
    Update to Rust 2018 edition

    Mar 31, 2019

    Hey, this PR updates the project to use the latest Rust 2018 edition.

    Reply
  • chore (edition 2018, Cargo.lock)
    chore (edition 2018, Cargo.lock)

    Jun 22, 2019

    Superseeds changes from #46 and #44 - recreated changes since I already signed the CLA

    Reply
  • Clear Build Instructions
    Clear Build Instructions

    Jun 25, 2019

    Hi there,

    First off thanks. This project is interesting. But at the same time it is unbuildable.

    I understand this project is new and is in the process of gaining traction. However, the first thing anyone looking at experimental projects does is to go through the README and INSTALL file to understand how to build it. I faced the following issues whilst following the instructions in README (using both nightly and stable results in failure to build).

    % cargo install cargo-when --force
        Updating crates.io index
      Installing cargo-when v0.1.0
       Compiling libc v0.2.58
       Compiling bitflags v1.1.0
       Compiling unicode-width v0.1.5
       Compiling strsim v0.8.0
       Compiling ansi_term v0.11.0
       Compiling vec_map v0.8.1
       Compiling nom v1.2.4
       Compiling textwrap v0.11.0
       Compiling atty v0.2.11
       Compiling semver v0.2.3
       Compiling clap v2.33.0
       Compiling cargo-when v0.1.0
        Finished release [optimized] target(s) in 14.13s
       Replacing /home/borats/.cargo/bin/cargo-when
        Replaced package `cargo-when v0.1.0` with `cargo-when v0.1.0` (executable `cargo-when`)
    % rustup toolchain install nightly-x86_64-unknown-linux-gnu
    info: syncing channel updates for 'nightly-x86_64-unknown-linux-gnu'
    
      nightly-x86_64-unknown-linux-gnu unchanged - rustc 1.37.0-nightly (8aa42ed7c 2019-06-24)
    
    info: checking for self-updates
    % rustup default nightly-x86_64-unknown-linux-gnu
    info: using existing install for 'nightly-x86_64-unknown-linux-gnu'
    info: default toolchain set to 'nightly-x86_64-unknown-linux-gnu'
    
      nightly-x86_64-unknown-linux-gnu unchanged - rustc 1.37.0-nightly (8aa42ed7c 2019-06-24)
    
    % rustup target install x86_64-unknown-linux-musl
    info: component 'rust-std' for target 'x86_64-unknown-linux-musl' is up to date
    % ./build.sh
           Fresh autocfg v0.1.4
           Fresh cc v1.0.37
           Fresh unicode-xid v0.0.4
           Fresh quote v0.3.15
           Fresh serde v0.9.15
           Fresh cfg-if v0.1.9
           Fresh void v1.0.2
           Fresh dtoa v0.4.4
           Fresh itoa v0.3.4
           Fresh unicode-width v0.1.5
           Fresh rustc-demangle v0.1.15
           Fresh error-chain v0.11.0
           Fresh vec_map v0.8.1
           Fresh ansi_term v0.11.0
           Fresh strsim v0.8.0
           Fresh scopeguard v0.3.3
           Fresh lazy_static v1.3.0
           Fresh synom v0.11.3
           Fresh log v0.4.6
           Fresh textwrap v0.11.0
       Compiling railcar v1.0.4 (/home/borats/railcar)
           Fresh libc v0.2.58
           Fresh syn v0.11.11
           Fresh bitflags v1.1.0
         Running `/home/borats/railcar/target/debug/build/railcar-97580fb017f47a4c/build-script-build`
           Fresh num-traits v0.2.8
           Fresh backtrace-sys v0.1.28
           Fresh serde_codegen_internals v0.14.2
           Fresh nix v0.14.1
           Fresh atty v0.2.11
           Fresh errno v0.2.4
           Fresh nix v0.11.1
           Fresh seccomp-sys v0.1.2
           Fresh num-traits v0.1.43
           Fresh serde_derive v0.9.15
           Fresh backtrace v0.3.31
           Fresh caps v0.2.0
           Fresh prctl v1.0.0
           Fresh clap v2.33.0
           Fresh serde_json v0.9.10
           Fresh error-chain v0.10.0
           Fresh oci v0.1.0 (/home/borats/railcar/oci)
         Running `rustc --crate-name railcar src/main.rs --color always --crate-type bin --emit=dep-info,link -C debuginfo=2 --cfg 'feature="nightly"' -C metadata=12d0de802f07e3fd -C extra-filename=-12d0de802f07e3fd --out-dir /home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps --target x86_64-unknown-linux-gnu -C incremental=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/incremental -L dependency=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps -L dependency=/home/borats/railcar/target/debug/deps --extern caps=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps/libcaps-67d173d58ebaebb3.rlib --extern clap=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps/libclap-eb82d8d1deb68ea9.rlib --extern error_chain=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps/liberror_chain-750966dd47db576b.rlib --extern lazy_static=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps/liblazy_static-f8ceff266b2f605c.rlib --extern libc=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps/liblibc-ec4a4f7dac2918e1.rlib --extern log=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps/liblog-fd8c27578fe85362.rlib --extern nix=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps/libnix-1c93976f2ea74ddf.rlib --extern num_traits=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps/libnum_traits-b589b2077b20211c.rlib --extern oci=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps/liboci-22f042852e491cad.rlib --extern prctl=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps/libprctl-eff9f095377cf6ec.rlib --extern scopeguard=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps/libscopeguard-4169729df20e381e.rlib --extern seccomp_sys=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps/libseccomp_sys-c808e7f6ba5ce040.rlib -L native=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/build/backtrace-sys-7891320c1b99be3c/out`
    error[E0463]: can't find crate for `alloc_system`
     --> src/main.rs:6:1
      |
    6 | extern crate alloc_system;
      | ^^^^^^^^^^^^^^^^^^^^^^^^^^ can't find crate
    
    error: aborting due to previous error
    
    For more information about this error, try `rustc --explain E0463`.
    error: Could not compile `railcar`.
    
    Caused by:
      process didn't exit successfully: `rustc --crate-name railcar src/main.rs --color always --crate-type bin --emit=dep-info,link -C debuginfo=2 --cfg 'feature="nightly"' -C metadata=12d0de802f07e3fd -C extra-filename=-12d0de802f07e3fd --out-dir /home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps --target x86_64-unknown-linux-gnu -C incremental=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/incremental -L dependency=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps -L dependency=/home/borats/railcar/target/debug/deps --extern caps=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps/libcaps-67d173d58ebaebb3.rlib --extern clap=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps/libclap-eb82d8d1deb68ea9.rlib --extern error_chain=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps/liberror_chain-750966dd47db576b.rlib --extern lazy_static=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps/liblazy_static-f8ceff266b2f605c.rlib --extern libc=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps/liblibc-ec4a4f7dac2918e1.rlib --extern log=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps/liblog-fd8c27578fe85362.rlib --extern nix=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps/libnix-1c93976f2ea74ddf.rlib --extern num_traits=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps/libnum_traits-b589b2077b20211c.rlib --extern oci=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps/liboci-22f042852e491cad.rlib --extern prctl=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps/libprctl-eff9f095377cf6ec.rlib --extern scopeguard=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps/libscopeguard-4169729df20e381e.rlib --extern seccomp_sys=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/deps/libseccomp_sys-c808e7f6ba5ce040.rlib -L native=/home/borats/railcar/target/x86_64-unknown-linux-gnu/debug/build/backtrace-sys-7891320c1b99be3c/out` (exit code: 1)
    cp: cannot stat 'target/x86_64-unknown-linux-gnu/debug/railcar': No such file or directory
    

    Any chance you could provide an up-to date README? Thanks

    Reply
  • Can this work with podman?
    Can this work with podman?

    Jun 25, 2019

    The readme mentions using this with docker, I'm curious if it can be used with podman in the same way?

    Reply
  • Compilation produces 'mismatched types' error on newer kernel
    Compilation produces 'mismatched types' error on newer kernel

    Jun 27, 2019

    Attempted to build on Intel Clear Linux with the Rust nightly compiler and got the following error:

    error[E0308]: mismatched types
      --> src/nix_ext.rs:50:40
       |
    50 |     let res = unsafe { libc::setrlimit(resource, rlim) };
       |                                        ^^^^^^^^ expected u32, found i32
    
    

    rustc and kernel version:

    [email protected]~/dev/rust/railcar $ rustc --version
    rustc 1.35.0 (3c235d560 2019-05-20)
    [email protected]~/dev/rust/railcar $ uname -a
    Linux thinkclear 5.1.12-785.native #1 SMP Wed Jun 19 07:09:10 UTC 2019 x86_64 GNU/Linux
    

    I was able to get it built with this patch but I do not know if it's generally applicable, or if I have fully tested that my binary built with this change actually works.

    Reply
  • Status of the project
    Status of the project

    Sep 24, 2019

    Hey, I really like the idea of having a Rust OCI runtime, but this project does not seem to have a clear maintainership, right?

    Is it still supported by oracle? Do you consider having a base set of code owners to bring the project forward?

    Reply
  • Fix some type bugs with latest rust language
    Fix some type bugs with latest rust language

    Oct 14, 2019

                                                                                                                                                                                                           
    Reply
  • Logger has hardcoded path to vishvananda's log directory
    Logger has hardcoded path to vishvananda's log directory

    Jun 30, 2017

    Looking through the source for logger.rs, it appears the directory specified by @vishvananda is still in there. I'm happy to submit a PR to something more generic like /var/log but maybe it's better to make this configurable.

    Reply
  • log output accordingly : either --log or stdout
    log output accordingly : either --log or stdout

    Jan 23, 2018

    Was unable to get debug log to logfile. Hence, added a value 'logfile' to SimpleLogger log checks if the value of --log attribute is empty or not. If there is a value, it writes to the mentioned file, else it goes to stderr/stdout.

    Reply
  • Bump nix version number
    Bump nix version number

    Oct 5, 2017

    From nix 0.8.0 to 0.9.0.

    Reply
  • Platform should be optional
    Platform should be optional

    Oct 19, 2017

    Hi,

    struct Spec's member platform should be optional, because current docker seems not to provide this in its config.json when invoke the runtime via docker-containerd-shim. So this instruction is now broken.

    (tested with Docker 17.09.0-ce on Ubuntu Zesty)

    $ docker info
    Containers: 22                      
     Running: 1                         
     Paused: 0                          
     Stopped: 21                                                             
    Images: 1                                                                
    Server Version: 17.09.0-ce          
    Storage Driver: overlay2            
     Backing Filesystem: extfs          
     Supports d_type: true              
     Native Overlay Diff: true          
    Logging Driver: json-file           
    Cgroup Driver: cgroupfs             
    Plugins:                            
     Volume: local                      
     Network: bridge host ipvlan macvlan null overlay
     Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
    Swarm: inactive                     
    Runtimes: rc runc                                                        
    Default Runtime: runc               
    Init Binary: docker-init            
    containerd version: 06b9cb35161009dcb7123345749fef02f7cea8e0
    runc version: 3f2f8b84a77f73d38244dd690525642a72156c64
    init version: 949e6fa               
    Security Options: 
     apparmor 
     seccomp 
      Profile: default                  
    Kernel Version: 4.10.0-37-generic   
    Operating System: Ubuntu 17.04      
    OSType: linux                       
    Architecture: x86_64                
    CPUs: 2                             
    Total Memory: 989.8MiB              
    Name: ubuntu-zesty                  
    ID: ...          
    Docker Root Dir: /var/lib/docker    
    Debug Mode (client): false          
    Debug Mode (server): true           
     File Descriptors: 26               
     Goroutines: 42                     
     System Time: 2017-10-20T03:21:52.575539454Z                             
     EventsListeners: 0                 
    Registry: https://index.docker.io/v1/                                    
    Experimental: true                  
    Insecure Registries:                
     127.0.0.0/8                        
    Live Restore Enabled: false         
    
    WARNING: No swap limit support      
    
    Reply
  • caps: wishlists and filling gaps
    caps: wishlists and filling gaps

    Jun 29, 2017

    Hi, caps-rs author here. I was happily looking at your usecase, trying to identify existing gaps and bits that can be incorporated directly in the lib.

    So far I think I have seen:

    • adding a serde-derive for Serialize/Deserialize directly on caps::Capability
    • adding some kind of all() returning a full hashset

    Both seems reasonably feasible and easy to add. Any other feedback on it?

    Reply
  • init
    init

    Jun 30, 2017

    Also, railcar always runs an init process separately from the container process.

    Does that mean that we'll have two init processes, when the container comes with one?

    Reply
  • Fixes compilation for the mips architecture
    Fixes compilation for the mips architecture

    Jul 19, 2017

    The signal SIGSTKFLT is not supported on mips. Improves the conversion from str to Signal.

    Reply
  • unable to start container
    unable to start container

    Jul 18, 2017

    #docker run -d --runtime rc busybox top 677dbdda10bab368e63fc641c96d1367230294170d2cb930e8030c985a469c9d docker: Error response from daemon: containerd: container not started.

    #docker logs 677dbdda10bab368e63fc641c96d1367230294170d2cb930e8030c985a469c9d [8/1875] ERROR - failed to load config.json ERROR - caused by: invalid type: map, expected a sequence at line 1 column 304 ERROR - caused by: invalid type: map, expected a sequence at line 1 column 304 ERROR - stack backtrace: 0: 0x7fc7d8535d14 - backtrace::backtrace::libunwind::trace at /root/.cargo/registry/src/github.com-1ecc6299db9ec823/backtrace-0.3.2/src/backtrace/libunwind.rs:53 - backtrace::backtrace::trace at /root/.cargo/registry/src/github.com-1ecc6299db9ec823/backtrace-0.3.2/src/backtrace/mod.rs:42 1: 0x7fc7d85360ce - backtrace::capture::{{impl}}::new at /root/.cargo/registry/src/github.com-1ecc6299db9ec823/backtrace-0.3.2/src/capture.rs:64 2: 0x7fc7d852bc2c - error_chain::make_backtrace at /root/.cargo/registry/src/github.com-1ecc6299db9ec823/error-chain-0.10.0/src/lib.rs:417 3: 0x7fc7d847dedc - core::ops::FnOnce::call_once<fn() -> core::option::Option<alloc::arc::Arcbacktrace::capture::Backtrace>,()> at /checkout/src/libcore/ops.rs:2626 4: 0x7fc7d8443f88 - core::option::{{impl}}::or_else<alloc::arc::Arcbacktrace::capture::Backtrace,fn() -> core::option::Option<alloc::arc::Arcbacktrace::capture::Backtrace>> at /checkout/src/libcore/option.rs:640 5: 0x7fc7d843a17f - error_chain::{{impl}}::newrailcar::errors::Error at /root/.cargo/registry/src/github.com-1ecc6299db9ec823/error-chain-0.10.0/src/lib.rs:518 6: 0x7fc7d8516275 - railcar::errors::{{impl}}::chain_err::{{closure}}oci::Spec,oci::serialize::SerializeError,closure,collections::string::String at /home/shenling.yyb/code/railcar/<error_chain_processed macros>:131 7: 0x7fc7d846a4c6 - core::result::{{impl}}::map_erroci::Spec,oci::serialize::SerializeError,railcar::errors::Error,closure at /checkout/src/libcore/result.rs:486 8: 0x7fc7d850a4f5 - railcar::errors::{{impl}}::chain_erroci::Spec,oci::serialize::SerializeError,closure,collections::string::String at /home/shenling.yyb/code/railcar/<error_chain_processed macros>:129 9: 0x7fc7d84ea771 - railcar::cmd_create at /home/shenling.yyb/code/railcar/src/main.rs:379 10: 0x7fc7d84e7ee2 - railcar::run at /home/shenling.yyb/code/railcar/src/main.rs:294 11: 0x7fc7d84e6582 - railcar::main at /home/shenling.yyb/code/railcar/src/main.rs:213 12: 0x7fc7d8806aaa - panic_unwind::__rust_maybe_catch_panic at /checkout/src/libpanic_unwind/lib.rs:98 13: 0x7fc7d88003cd - std::panicking::try<(),fn()> at /checkout/src/libstd/panicking.rs:433 - std::panic::catch_unwind<fn(),()> at /checkout/src/libstd/panic.rs:361 - std::rt::lang_start at /checkout/src/libstd/rt.rs:57 14: 0x7fc7d8519fb2 - main 15: 0x7fc7d7850b14 - __libc_start_main 16: 0x7fc7d8431eac - 17: 0x0 -

    #./railcar --version ./railcar version: 0.1.0

    build from git branch v1.0.0: #git status On branch v1.0.0

    Reply
  • Unable to use rc as runtime for docker : run command hangs indefinitely.
    Unable to use rc as runtime for docker : run command hangs indefinitely.

    Jan 23, 2018

    Steps performed :

    1. compile and build railcar. rc is an alias.
    $ rc -V
    Railcar 1.0.4
    
    1. added railcar as runtime for docker
     $ cat work/src/scripts/do_run_dockerd.sh 
    sudo /usr/bin/dockerd --debug --log-level debug --data-root /home/rgade/docker-data-root --exec-root /home/rgade/docker-exec-root  --pidfile /home/rgade/docker.pid  --experimental --add-runtime "rc=/home/rgade/railcar/railcar" -H unix:///home/rgade/docker.sock -H tcp://0.0.0.0:2375
    
    1. Started docker daemon log is listed below.

    2. tried to run two containers, one as daemon , one with command

    • This one hung indedinitely. $ docker run -dt --rm --runtime rc nginx d3a1605e166db1bc66307b44ced44b1f25b98621b08b4ead59888314bdcd57e7

    • This one ended with Error response after a while. $ docker run -d --runtime rc busybox top ef6b37f13ff4b30d88484f43606d4f3f910a0a8701ef2c7a25ad98dcb460c95c docker: Error response from daemon: ttrpc: client shutting down: EOF: unknown.

    docker ps -a output

     $ docker ps -a
    CONTAINER ID        IMAGE               COMMAND                  CREATED             STATUS              PORTS               NAMES
    ef6b37f13ff4        busybox             "top"                    25 minutes ago      Created                                 boring_wiles
    d3a1605e166d        nginx               "nginx -g 'daemon of…"   27 minutes ago      Created                                 nostalgic_hugle
    

    docker version

    $ docker version Client: Version: 18.01.0-ce API version: 1.35 Go version: go1.9.2 Git commit: 03596f51b1 Built: Sun Jan 14 23:10:39 2018 OS/Arch: linux/amd64 Experimental: false Orchestrator: swarm

    Server: Engine: Version: 18.01.0-ce API version: 1.35 (minimum version 1.12) Go version: go1.9.2 Git commit: 03596f51b1 Built: Sun Jan 14 23:11:14 2018 OS/Arch: linux/amd64 Experimental: true

    what I couldn't find.

    1. Log of railcar when run as docker backed. One of my query is whether this is implemented or not ( logging of railcar when used as backed for docker ). did try this though :
    sudo /usr/bin/dockerd --debug --log-level debug --data-root /home/rgade/docker-data-root --exec-root /home/rgade/docker-exec-root  --pidfile /home/rgade/docker.pid  --experimental --add-runtime "rc=/home/rgade/railcar/railcar -v --log /home/rgade/rc.log " -H unix:///home/rgade/docker.sock -H tcp://0.0.0.0:2375
    

    Didn't work, of course. Not really sure if that is the way!

    Couldn't get logs for railcar run -v --log <filename> <subcommand> as well. Couldn't see accessing logfile in code. Saw your PR #30 for 17.12 changes but does it also write to log file after touch ing it?

    Log when run command was executed for nginx

    time="2018-01-23T12:56:15.967017788+05:30" level=debug msg="Calling POST /v1.35/containers/create" time="2018-01-23T12:56:15.967337209+05:30" level=debug msg="form data: {"AttachStderr":false,"AttachStdin":false,"AttachStdout":false,"Cmd":null,"Domainname":"","Entrypoint":null,"Env":[],"HostConfig":{"AutoRemove":true,"Binds":null,"BlkioDeviceReadBps":null,"BlkioDeviceReadIOps":null,"BlkioDeviceWriteBps":null,"BlkioDeviceWriteIOps":null,"BlkioWeight":0,"BlkioWeightDevice":[],"CapAdd":null,"CapDrop":null,"Cgroup":"","CgroupParent":"","ConsoleSize":[0,0],"ContainerIDFile":"","CpuCount":0,"CpuPercent":0,"CpuPeriod":0,"CpuQuota":0,"CpuRealtimePeriod":0,"CpuRealtimeRuntime":0,"CpuShares":0,"CpusetCpus":"","CpusetMems":"","DeviceCgroupRules":null,"Devices":[],"DiskQuota":0,"Dns":[],"DnsOptions":[],"DnsSearch":[],"ExtraHosts":null,"GroupAdd":null,"IOMaximumBandwidth":0,"IOMaximumIOps":0,"IpcMode":"","Isolation":"","KernelMemory":0,"Links":null,"LogConfig":{"Config":{},"Type":""},"Memory":0,"MemoryReservation":0,"MemorySwap":0,"MemorySwappiness":-1,"NanoCpus":0,"NetworkMode":"default","OomKillDisable":false,"OomScoreAdj":0,"PidMode":"","PidsLimit":0,"PortBindings":{},"Privileged":false,"PublishAllPorts":false,"ReadonlyRootfs":false,"RestartPolicy":{"MaximumRetryCount":0,"Name":"no"},"Runtime":"rc","SecurityOpt":null,"ShmSize":0,"UTSMode":"","Ulimits":null,"UsernsMode":"","VolumeDriver":"","VolumesFrom":null},"Hostname":"","Image":"nginx","Labels":{},"NetworkingConfig":{"EndpointsConfig":{}},"OnBuild":null,"OpenStdin":false,"StdinOnce":false,"Tty":true,"User":"","Volumes":{},"WorkingDir":""}" time="2018-01-23T12:56:16.115736991+05:30" level=debug msg="container mounted via layerStore: &{/home/rgade/docker-data-root/overlay2/e773fd14e1e23e71b59c088bc506bd3e8690142f9f9c609083c482c42f82384a/merged 0x55c998dc10e0 0x55c998dc10e0}" time="2018-01-23T12:56:16.217428012+05:30" level=debug msg="Calling POST /v1.35/containers/d3a1605e166db1bc66307b44ced44b1f25b98621b08b4ead59888314bdcd57e7/wait?condition=removed" time="2018-01-23T12:56:16.218423541+05:30" level=debug msg="Calling POST /v1.35/containers/d3a1605e166db1bc66307b44ced44b1f25b98621b08b4ead59888314bdcd57e7/start" time="2018-01-23T12:56:16.220286574+05:30" level=debug msg="container mounted via layerStore: &{/home/rgade/docker-data-root/overlay2/e773fd14e1e23e71b59c088bc506bd3e8690142f9f9c609083c482c42f82384a/merged 0x55c998dc10e0 0x55c998dc10e0}" time="2018-01-23T12:56:16.221067450+05:30" level=debug msg="Assigning addresses for endpoint nostalgic_hugle's interface on network bridge" time="2018-01-23T12:56:16.221118112+05:30" level=debug msg="RequestAddress(LocalDefault/172.17.0.0/16, , map[])" time="2018-01-23T12:56:16.305129365+05:30" level=debug msg="Assigning addresses for endpoint nostalgic_hugle's interface on network bridge" time="2018-01-23T12:56:16.463674041+05:30" level=debug msg="Programming external connectivity on endpoint nostalgic_hugle (b99f4cb5aea4cc3dd5f32a5e43405d3b33ac840068b9c265e6b590696c799be7)" time="2018-01-23T12:56:16.505383138+05:30" level=debug msg="EnableService d3a1605e166db1bc66307b44ced44b1f25b98621b08b4ead59888314bdcd57e7 START" time="2018-01-23T12:56:16.505444755+05:30" level=debug msg="EnableService d3a1605e166db1bc66307b44ced44b1f25b98621b08b4ead59888314bdcd57e7 DONE" time="2018-01-23T12:56:16.534986694+05:30" level=debug msg="bundle dir created" bundle=/home/rgade/docker-exec-root/containerd/d3a1605e166db1bc66307b44ced44b1f25b98621b08b4ead59888314bdcd57e7 module=libcontainerd namespace=moby root=/home/rgade/docker-data-root/overlay2/e773fd14e1e23e71b59c088bc506bd3e8690142f9f9c609083c482c42f82384a/merged time="2018-01-23T12:56:16+05:30" level=debug msg="event published" module="containerd/containers" ns=moby topic="/containers/create" type=containerd.events.ContainerCreate time="2018-01-23T12:56:16+05:30" level=info msg="shim docker-containerd-shim started" address="/containerd-shim/moby/d3a1605e166db1bc66307b44ced44b1f25b98621b08b4ead59888314bdcd57e7/shim.sock" debug=true module="containerd/tasks" pid=3683 time="2018-01-23T12:56:16+05:30" level=debug msg="registering ttrpc server" time="2018-01-23T12:56:16+05:30" level=debug msg="serving api on unix socket" socket="[inherited from parent]"** time="2018-01-23T12:56:20.037948729+05:30" level=debug msg="Calling GET /_ping" time="2018-01-23T12:56:20.038363211+05:30" level=debug msg="Calling GET /v1.35/containers/json" time="2018-01-23T12:56:21.857977024+05:30" level=debug msg="Calling GET /_ping" time="2018-01-23T12:56:21.858486285+05:30" level=debug msg="Calling GET /v1.35/containers/json?all=1" time="2018-01-23T12:58:14.998614842+05:30" level=debug msg="Calling GET /_ping"

    Log when busybox top command was executed

    time="2018-01-23T12:58:15.000655981+05:30" level=debug msg="Calling POST /v1.35/containers/create" time="2018-01-23T12:58:15.001056327+05:30" level=debug msg="form data: {"AttachStderr":false,"AttachStdin":false,"AttachStdout":false,"Cmd":["top"],"Domainname":"","Entrypoint":null,"Env":[],"HostConfig":{"AutoRemove":false,"Binds":null,"BlkioDeviceReadBps":null,"BlkioDeviceReadIOps":null,"BlkioDeviceWriteBps":null,"BlkioDeviceWriteIOps":null,"BlkioWeight":0,"BlkioWeightDevice":[],"CapAdd":null,"CapDrop":null,"Cgroup":"","CgroupParent":"","ConsoleSize":[0,0],"ContainerIDFile":"","CpuCount":0,"CpuPercent":0,"CpuPeriod":0,"CpuQuota":0,"CpuRealtimePeriod":0,"CpuRealtimeRuntime":0,"CpuShares":0,"CpusetCpus":"","CpusetMems":"","DeviceCgroupRules":null,"Devices":[],"DiskQuota":0,"Dns":[],"DnsOptions":[],"DnsSearch":[],"ExtraHosts":null,"GroupAdd":null,"IOMaximumBandwidth":0,"IOMaximumIOps":0,"IpcMode":"","Isolation":"","KernelMemory":0,"Links":null,"LogConfig":{"Config":{},"Type":""},"Memory":0,"MemoryReservation":0,"MemorySwap":0,"MemorySwappiness":-1,"NanoCpus":0,"NetworkMode":"default","OomKillDisable":false,"OomScoreAdj":0,"PidMode":"","PidsLimit":0,"PortBindings":{},"Privileged":false,"PublishAllPorts":false,"ReadonlyRootfs":false,"RestartPolicy":{"MaximumRetryCount":0,"Name":"no"},"Runtime":"rc","SecurityOpt":null,"ShmSize":0,"UTSMode":"","Ulimits":null,"UsernsMode":"","VolumeDriver":"","VolumesFrom":null},"Hostname":"","Image":"busybox","Labels":{},"NetworkingConfig":{"EndpointsConfig":{}},"OnBuild":null,"OpenStdin":false,"StdinOnce":false,"Tty":false,"User":"","Volumes":{},"WorkingDir":""}" time="2018-01-23T12:58:15.160084075+05:30" level=debug msg="container mounted via layerStore: &{/home/rgade/docker-data-root/overlay2/b19f835f06529a1e9fd54e19d1629c61383961b8315069220049943ad468f0c9/merged 0x55c998dc10e0 0x55c998dc10e0}" time="2018-01-23T12:58:15.289854905+05:30" level=debug msg="Calling POST /v1.35/containers/ef6b37f13ff4b30d88484f43606d4f3f910a0a8701ef2c7a25ad98dcb460c95c/wait?condition=next-exit" time="2018-01-23T12:58:15.290809147+05:30" level=debug msg="Calling POST /v1.35/containers/ef6b37f13ff4b30d88484f43606d4f3f910a0a8701ef2c7a25ad98dcb460c95c/start" time="2018-01-23T12:58:15.292197939+05:30" level=debug msg="container mounted via layerStore: &{/home/rgade/docker-data-root/overlay2/b19f835f06529a1e9fd54e19d1629c61383961b8315069220049943ad468f0c9/merged 0x55c998dc10e0 0x55c998dc10e0}" time="2018-01-23T12:58:15.292905090+05:30" level=debug msg="Assigning addresses for endpoint boring_wiles's interface on network bridge" time="2018-01-23T12:58:15.292956264+05:30" level=debug msg="RequestAddress(LocalDefault/172.17.0.0/16, , map[])" time="2018-01-23T12:58:15.399990240+05:30" level=debug msg="Assigning addresses for endpoint boring_wiles's interface on network bridge" time="2018-01-23T12:58:15.608321003+05:30" level=debug msg="Programming external connectivity on endpoint boring_wiles (c6f1bee88855a83e11c77860291c5b9e1e4ea7e39dfd515c78da3c1bc6b05201)" time="2018-01-23T12:58:15.649952419+05:30" level=debug msg="EnableService ef6b37f13ff4b30d88484f43606d4f3f910a0a8701ef2c7a25ad98dcb460c95c START" time="2018-01-23T12:58:15.650012862+05:30" level=debug msg="EnableService ef6b37f13ff4b30d88484f43606d4f3f910a0a8701ef2c7a25ad98dcb460c95c DONE" time="2018-01-23T12:58:15.690161560+05:30" level=debug msg="bundle dir created" bundle=/home/rgade/docker-exec-root/containerd/ef6b37f13ff4b30d88484f43606d4f3f910a0a8701ef2c7a25ad98dcb460c95c module=libcontainerd namespace=moby root=/home/rgade/docker-data-root/overlay2/b19f835f06529a1e9fd54e19d1629c61383961b8315069220049943ad468f0c9/merged time="2018-01-23T12:58:15+05:30" level=debug msg="event published" module="containerd/containers" ns=moby topic="/containers/create" type=containerd.events.ContainerCreate time="2018-01-23T12:58:15+05:30" level=info msg="shim docker-containerd-shim started" address="/containerd-shim/moby/ef6b37f13ff4b30d88484f43606d4f3f910a0a8701ef2c7a25ad98dcb460c95c/shim.sock" debug=true module="containerd/tasks" pid=3759 time="2018-01-23T12:58:15+05:30" level=debug msg="registering ttrpc server" time="2018-01-23T12:58:15+05:30" level=debug msg="serving api on unix socket" socket="[inherited from parent]" time="2018-01-23T12:58:16+05:30" level=debug msg="event published" module="containerd/tasks" ns=moby topic="/tasks/create" type=containerd.events.TaskCreate time="2018-01-23T12:58:16.023661011+05:30" level=debug msg=event module=libcontainerd namespace=moby topic=/tasks/create time="2018-01-23T12:58:16+05:30" level=error msg="OCI runtime state failed: unable to retrieve OCI runtime error (open /home/rgade/docker-exec-root/containerd/daemon/io.containerd.runtime.v1.linux/moby/ef6b37f13ff4b30d88484f43606d4f3f910a0a8701ef2c7a25ad98dcb460c95c/log.json: no such file or directory): invalid character 'W' looking for beginning of value: unknown" module="containerd/tasks" time="2018-01-23T12:58:16+05:30" level=fatal msg="containerd-shim: ttrpc server failure" error="ttrpc: server close" time="2018-01-23T12:58:16+05:30" level=debug msg="received signal" module=containerd signal=child exited time="2018-01-23T12:58:16+05:30" level=info msg="shim reaped" id=ef6b37f13ff4b30d88484f43606d4f3f910a0a8701ef2c7a25ad98dcb460c95c module="containerd/tasks" time="2018-01-23T12:58:16+05:30" level=warning msg="cleaning up after killed shim" id=ef6b37f13ff4b30d88484f43606d4f3f910a0a8701ef2c7a25ad98dcb460c95c module="containerd/tasks" namespace=moby time="2018-01-23T12:58:16+05:30" level=debug msg="received signal" module=containerd signal=child exited time="2018-01-23T12:58:16+05:30" level=debug msg="received signal" module=containerd signal=child exited time="2018-01-23T12:58:16+05:30" level=debug msg="event published" ns=moby topic="/tasks/exit" type=containerd.events.TaskExit time="2018-01-23T12:58:16.228476413+05:30" level=debug msg=event module=libcontainerd namespace=moby topic=/tasks/exit time="2018-01-23T12:58:16+05:30" level=debug msg="event published" ns=moby topic="/tasks/delete" type=containerd.events.TaskDelete time="2018-01-23T12:58:16.228540920+05:30" level=warning msg="Ignoring Exit Event, no such exec command found" container=ef6b37f13ff4b30d88484f43606d4f3f910a0a8701ef2c7a25ad98dcb460c95c exec-id=ef6b37f13ff4b30d88484f43606d4f3f910a0a8701ef2c7a25ad98dcb460c95c exec-pid=3769 time="2018-01-23T12:58:16.228713994+05:30" level=debug msg=event module=libcontainerd namespace=moby topic=/tasks/delete time="2018-01-23T12:58:16.228734124+05:30" level=info msg="ignoring event" module=libcontainerd namespace=moby topic=/tasks/delete type="*events.TaskDelete" time="2018-01-23T12:58:16+05:30" level=debug msg="received signal" module=containerd signal=terminated time="2018-01-23T12:58:16.232833575+05:30" level=error msg="failed to get event" error="rpc error: code = Internal desc = transport is closing" module=libcontainerd namespace=moby time="2018-01-23T12:58:16.232961375+05:30" level=error msg="failed to delete task after fail start" container=ef6b37f13ff4b30d88484f43606d4f3f910a0a8701ef2c7a25ad98dcb460c95c error="transport is closing: unknown" module=libcontainerd namespace=moby time="2018-01-23T12:58:16.237339462+05:30" level=error msg="stream copy error: reading from a closed fifo" time="2018-01-23T12:58:16.232832590+05:30" level=error msg="failed to get event" error="rpc error: code = Internal desc = transport is closing" module=libcontainerd namespace=plugins.moby time="2018-01-23T12:58:19.365667766+05:30" level=debug msg="daemon is not responding" binary=docker-containerd error="rpc error: code = DeadlineExceeded desc = context deadline exceeded" module=libcontainerd time="2018-01-23T12:58:19.367399412+05:30" level=info msg="libcontainerd: started new docker-containerd process" pid=3782 time="2018-01-23T12:58:19+05:30" level=info msg="starting containerd" module=containerd revision=89623f28b87a6004d4b785663257362d1658a729 version=v1.0.0 time="2018-01-23T12:58:19+05:30" level=info msg="setting subreaper..." module=containerd time="2018-01-23T12:58:19+05:30" level=info msg="changing OOM score to -500" module=containerd time="2018-01-23T12:58:19+05:30" level=info msg="loading plugin "io.containerd.content.v1.content"..." module=containerd type=io.containerd.content.v1 time="2018-01-23T12:58:19+05:30" level=info msg="loading plugin "io.containerd.snapshotter.v1.btrfs"..." module=containerd type=io.containerd.snapshotter.v1 time="2018-01-23T12:58:19+05:30" level=warning msg="failed to load plugin io.containerd.snapshotter.v1.btrfs" error="path /home/rgade/docker-data-root/containerd/daemon/io.containerd.snapshotter.v1.btrfs must be a btrfs filesystem to be used with the btrfs snapshotter" module=containerd time="2018-01-23T12:58:19+05:30" level=info msg="loading plugin "io.containerd.snapshotter.v1.overlayfs"..." module=containerd type=io.containerd.snapshotter.v1 time="2018-01-23T12:58:19+05:30" level=info msg="loading plugin "io.containerd.metadata.v1.bolt"..." module=containerd type=io.containerd.metadata.v1 time="2018-01-23T12:58:19+05:30" level=warning msg="could not use snapshotter btrfs in metadata plugin" error="path /home/rgade/docker-data-root/containerd/daemon/io.containerd.snapshotter.v1.btrfs must be a btrfs filesystem to be used with the btrfs snapshotter" module="containerd/io.containerd.metadata.v1.bolt" time="2018-01-23T12:58:19+05:30" level=info msg="loading plugin "io.containerd.differ.v1.walking"..." module=containerd type=io.containerd.differ.v1 time="2018-01-23T12:58:19+05:30" level=info msg="loading plugin "io.containerd.gc.v1.scheduler"..." module=containerd type=io.containerd.gc.v1 time="2018-01-23T12:58:19+05:30" level=info msg="loading plugin "io.containerd.grpc.v1.containers"..." module=containerd type=io.containerd.grpc.v1 time="2018-01-23T12:58:19+05:30" level=info msg="loading plugin "io.containerd.grpc.v1.content"..." module=containerd type=io.containerd.grpc.v1 time="2018-01-23T12:58:19+05:30" level=info msg="loading plugin "io.containerd.grpc.v1.diff"..." module=containerd type=io.containerd.grpc.v1 time="2018-01-23T12:58:19+05:30" level=info msg="loading plugin "io.containerd.grpc.v1.events"..." module=containerd type=io.containerd.grpc.v1 time="2018-01-23T12:58:19+05:30" level=info msg="loading plugin "io.containerd.grpc.v1.healthcheck"..." module=containerd type=io.containerd.grpc.v1 time="2018-01-23T12:58:19+05:30" level=info msg="loading plugin "io.containerd.grpc.v1.images"..." module=containerd type=io.containerd.grpc.v1 time="2018-01-23T12:58:19+05:30" level=info msg="loading plugin "io.containerd.grpc.v1.leases"..." module=containerd type=io.containerd.grpc.v1 time="2018-01-23T12:58:19+05:30" level=info msg="loading plugin "io.containerd.grpc.v1.namespaces"..." module=containerd type=io.containerd.grpc.v1 time="2018-01-23T12:58:19+05:30" level=info msg="loading plugin "io.containerd.grpc.v1.snapshots"..." module=containerd type=io.containerd.grpc.v1 time="2018-01-23T12:58:19+05:30" level=info msg="loading plugin "io.containerd.monitor.v1.cgroups"..." module=containerd type=io.containerd.monitor.v1 time="2018-01-23T12:58:19+05:30" level=info msg="loading plugin "io.containerd.runtime.v1.linux"..." module=containerd type=io.containerd.runtime.v1 time="2018-01-23T12:58:19+05:30" level=debug msg="loading tasks in namespace" module="containerd/io.containerd.runtime.v1.linux" namespace=moby time="2018-01-23T12:58:19+05:30" level=info msg="loading plugin "io.containerd.grpc.v1.tasks"..." module=containerd type=io.containerd.grpc.v1 time="2018-01-23T12:58:19+05:30" level=info msg="loading plugin "io.containerd.grpc.v1.version"..." module=containerd type=io.containerd.grpc.v1 time="2018-01-23T12:58:19+05:30" level=info msg="loading plugin "io.containerd.grpc.v1.introspection"..." module=containerd type=io.containerd.grpc.v1 time="2018-01-23T12:58:19+05:30" level=info msg=serving... address="/home/rgade/docker-exec-root/containerd/docker-containerd-debug.sock" module="containerd/debug" time="2018-01-23T12:58:19+05:30" level=info msg=serving... address="/home/rgade/docker-exec-root/containerd/docker-containerd.sock" module="containerd/grpc" time="2018-01-23T12:58:19+05:30" level=info msg="containerd successfully booted in 0.013588s" module=containerd time="2018-01-23T12:58:19+05:30" level=debug msg="received signal" module=containerd signal=broken pipe time="2018-01-23T12:58:19+05:30" level=debug msg="event published" module="containerd/containers" ns=moby topic="/containers/delete" type=containerd.events.ContainerDelete time="2018-01-23T12:58:19+05:30" level=debug msg="garbage collected" d=68.424828ms module="containerd/io.containerd.gc.v1.scheduler" time="2018-01-23T12:58:19.583679923+05:30" level=debug msg="Revoking external connectivity on endpoint boring_wiles (c6f1bee88855a83e11c77860291c5b9e1e4ea7e39dfd515c78da3c1bc6b05201)" time="2018-01-23T12:58:19.587519776+05:30" level=debug msg="DeleteConntrackEntries purged ipv4:0, ipv6:0" time="2018-01-23T12:58:19.808334991+05:30" level=debug msg="Releasing addresses for endpoint boring_wiles's interface on network bridge" time="2018-01-23T12:58:19.808402932+05:30" level=debug msg="ReleaseAddress(LocalDefault/172.17.0.0/16, 172.17.0.3)" time="2018-01-23T12:58:19.931098021+05:30" level=error msg="ef6b37f13ff4b30d88484f43606d4f3f910a0a8701ef2c7a25ad98dcb460c95c cleanup: failed to delete container from containerd: no such container" time="2018-01-23T12:58:19.931211392+05:30" level=error msg="Handler for POST /v1.35/containers/ef6b37f13ff4b30d88484f43606d4f3f910a0a8701ef2c7a25ad98dcb460c95c/start returned error: ttrpc: client shutting down: EOF: unknown"

    time="2018-01-23T12:58:29.479560177+05:30" level=debug msg="Calling GET /_ping" time="2018-01-23T12:58:29.480027996+05:30" level=debug msg="Calling GET /v1.35/containers/json" time="2018-01-23T12:58:31.099764158+05:30" level=debug msg="Calling GET /_ping" time="2018-01-23T12:58:31.100198302+05:30" level=debug msg="Calling GET /v1.35/containers/json?all=1" time="2018-01-23T12:58:40.512113963+05:30" level=debug msg="Calling GET /_ping" time="2018-01-23T12:58:40.512568079+05:30" level=debug msg="Calling GET /v1.35/containers/boring_wiles/json"

    Reply
  • Mostly updating crates
    Mostly updating crates

    Aug 15, 2018

    This includes using Pid ,Gid, 'Uid' wherever possible.

    Next steps will include replacing error_chain with failure and revamping error handling in general.

    Reply