Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1354491 - docker 1.10 with ipv6 disabled via ipv6.disable=1 fails to start
Summary: docker 1.10 with ipv6 disabled via ipv6.disable=1 fails to start
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Containers
Version: 3.2.0
Hardware: All
OS: All
medium
high
Target Milestone: ---
: ---
Assignee: Jhon Honce
QA Contact: DeShuai Ma
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-07-11 12:28 UTC by Kenjiro Nakayama
Modified: 2017-03-08 18:43 UTC (History)
12 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Cause: Docker version < 1.12 required IPv6 Consequence: It was impossible to run the docker daemon on a kernel with IPv6 disabled Fix: The Docker daemon was modified to not require IPv6 Result: It is now possible to run the docker daemon on a kernel with IPv6 disabled.
Clone Of:
Environment:
Last Closed: 2017-01-18 12:41:24 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Knowledge Base (Solution) 2451761 None None None 2016-07-20 07:09:51 UTC
Red Hat Product Errata RHBA-2017:0066 normal SHIPPED_LIVE Red Hat OpenShift Container Platform 3.4 RPM Release Advisory 2017-01-18 17:23:26 UTC

Description Kenjiro Nakayama 2016-07-11 12:28:27 UTC
Description of problem:
===

- docker 1.10 with ipv6 disabled via ipv6.disable=1 can't start

Version-Release number of selected component (if applicable):
===

  # rpm -qa |grep docker
  docker-common-1.10.3-44.el7.x86_64
  docker-forward-journald-1.10.3-44.el7.x86_64
  docker-1.10.3-44.el7.x86_64
  docker-rhel-push-plugin-1.10.3-44.el7.x86_64
  docker-selinux-1.10.3-44.el7.x86_64

How reproducible:
====

Steps to Reproduce:

1. edit /etc/default/grub

  # vim /etc/default/grub
  GRUB_CMDLINE_LINUX="rd.lvm.lv=rhel_unused-221-23/root vconsole.font=latarcyrheb-sun16 rd.lvm.lv=rhel_unused-221-23/swap crashkernel=auto  vconsole.keymap=us rhgb quiet  ipv6.disable=1"

2. Run grub2-mkconfig

  # grub2-mkconfig -o /boot/grub2/grub.cfg

3. Reboot system and check inet6 has been removed

  # ip a |grep inet6
  #

4. Restart docker

  # systemctl restart docker

  # systemctl is-active docker
  inactive

  Error log
  ---
  Jul 11 20:55:44 knakayam-ose32-smaster systemd[1]: Starting Docker Application Container Engine...
  Jul 11 20:55:44 knakayam-ose32-smaster forward-journal[10503]: Forwarding stdin to journald using Priority Informational and tag docker
  Jul 11 20:55:44 knakayam-ose32-smaster forward-journal[10503]: time="2016-07-11T20:55:44.863571209+09:00" level=warning msg="devmapper: Usage of loopback devices is strongly discouraged for production use. Please use `--storage-opt dm.thinpooldev` or use `man docker` to refer to dm.thinpooldev section."
  Jul 11 20:55:44 knakayam-ose32-smaster forward-journal[10503]: time="2016-07-11T20:55:44.897119714+09:00" level=warning msg="devmapper: Base device already exists and has filesystem xfs on it. User specified filesystem  will be ignored."
  Jul 11 20:55:44 knakayam-ose32-smaster forward-journal[10503]: time="2016-07-11T20:55:44.921106225+09:00" level=info msg="[graphdriver] using prior storage driver \"devicemapper\""
  Jul 11 20:55:44 knakayam-ose32-smaster forward-journal[10503]: time="2016-07-11T20:55:44.923003866+09:00" level=info msg="Graph migration to content-addressability took 0.00 seconds"
  Jul 11 20:55:44 knakayam-ose32-smaster forward-journal[10503]: time="2016-07-11T20:55:44.939033217+09:00" level=info msg="Firewalld running: true"
  Jul 11 20:55:45 knakayam-ose32-smaster forward-journal[10503]: time="2016-07-11T20:55:45.081397004+09:00" level=info msg="Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip can be used to set a preferred IP address"
  Jul 11 20:55:45 knakayam-ose32-smaster forward-journal[10503]: time="2016-07-11T20:55:45.213368479+09:00" level=fatal msg="Error starting daemon: Error initializing network controller: Error creating default \"bridge\" network: Failed to setup IP tables, cannot acquire Interface address: Interface docker0 has no IPv4 addresses"

Actual results:

- Docker failed to start

Expected results:

- Docker starts without error

Additional info:

- This issue is same with https://github.com/docker/libnetwork/issues/892

Comment 16 Troy Dawson 2016-11-11 19:43:47 UTC
This should be ready to test in OCP v3.4.0.25 or newer.

Comment 18 DeShuai Ma 2016-11-14 08:40:19 UTC
Test on docker-1.12, after disable ipv6, docker restart successfully.
[root@dhcp-140-57 ~]# docker version
Client:
 Version:      1.12.3
 API version:  1.24
 Go version:   go1.6.3
 Git commit:   6b644ec
 Built:        
 OS/Arch:      linux/amd64

Server:
 Version:      1.12.3
 API version:  1.24
 Go version:   go1.6.3
 Git commit:   6b644ec
 Built:        
 OS/Arch:      linux/amd64

[root@dhcp-140-57 tmp]# vim /etc/default/grub
[root@dhcp-140-57 ~]# cat /etc/default/grub |grep GRUB_CMDLINE_LINUX
GRUB_CMDLINE_LINUX="rd.lvm.lv=fedora_dhcp-140-57/root rd.lvm.lv=fedora_dhcp-140-57/swap rhgb quiet ipv6.disable=1"
[root@dhcp-140-57 tmp]# grub2-mkconfig -o /boot/grub2/grub.cfg
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-4.5.5-300.fc24.x86_64
Found initrd image: /boot/initramfs-4.5.5-300.fc24.x86_64.img
Found linux image: /boot/vmlinuz-0-rescue-cb5fb8c550984d6b8b2f24e28acf5d51
Found initrd image: /boot/initramfs-0-rescue-cb5fb8c550984d6b8b2f24e28acf5d51.img
Found Windows 7 (loader) on /dev/sda1
done
[root@dhcp-140-57 tmp]# reboot
Connection to 10.66.141.128 closed by remote host.
Connection to 10.66.141.128 closed.
[root@dhcp-128-7 Desktop]# ssh 10.66.141.128
reverse mapping checking getaddrinfo for dhcp-141-128.nay.redhat.com [10.66.141.128] failed - POSSIBLE BREAK-IN ATTEMPT!
root@10.66.141.128's password: 
Last login: Mon Nov 14 16:36:21 2016
[root@dhcp-140-57 ~]# 
[root@dhcp-140-57 ~]# ip a |grep inet6
[root@dhcp-140-57 ~]# systemctl restart docker
[root@dhcp-140-57 ~]# docker ps
CONTAINER ID        IMAGE               COMMAND             CREATED             STATUS              PORTS               NAMES
[root@dhcp-140-57 ~]#

Comment 20 errata-xmlrpc 2017-01-18 12:41:24 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:0066


Note You need to log in before you can comment on or make changes to this bug.