Note that I was addicted to trying to build a docker image on AWS EC2.
I got the following error when building the docker image. The content is to add the plugin gem to the fluentd image.
$ docker build . --no-cache
Sending build context to Docker daemon 2.048kB
Step 1/4 : FROM fluent/fluentd:v1.11.4-2.0
v1.11.4-2.0: Pulling from fluent/fluentd
df20fa9351a1: Pull complete
5bbb4150a5a0: Pull complete
0a2f393cb307: Pull complete
b1dea35b5d99: Pull complete
65de893ed157: Pull complete
Digest: sha256:0c6ae6c72902cbc3a4f60bc15069cb89fd72b57391bff150960a6f911361d6c9
Status: Downloaded newer image for fluent/fluentd:v1.11.4-2.0
---> 7bcbcb847e0d
Step 2/4 : USER root
---> Running in 79fb5c74b17f
Removing intermediate container 79fb5c74b17f
---> 03af9cdb324e
Step 3/4 : RUN gem install fluent-plugin-cloudwatch-logs
---> Running in 1bcf43a8efb2
ERROR: Could not find a valid gem 'fluent-plugin-cloudwatch-logs' (>= 0), here is why:
Unable to download data from https://rubygems.org/ - no such name (https://rubygems.org/specs.4.8.gz)
ERROR: Service 'fluentd' failed to build : The command '/bin/sh -c gem install fluent-plugin-cloudwatch-logs' returned a non-zero code: 2
It says that it can not connect to rubygems.org, and when I check it, information such as proxy settings are required. However, it seems that there is no relationship because it can be connected on the host.
I can't access the site directly, and I can't resolve the name. So I found out that there is no network interface eth0.
$ docker build . --no-cache
Sending build context to Docker daemon 2.048kB
Step 1/3 : FROM fluent/fluentd:v1.11.4-2.0
---> 7bcbcb847e0d
Step 2/3 : USER root
---> Running in c80c0a20cd21
Removing intermediate container c80c0a20cd21
---> 16f2ba30695a
Step 3/3 : RUN ifconfig
---> Running in 1d9cb7d5e2ec
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Removing intermediate container 1d9cb7d5e2ec
---> de98e34f64e7
Successfully built de98e34f64e7
Looking on the host side, I found that there was no docker0 and there was no default bridge on the docker network.
$ docker network ls
NETWORK ID NAME DRIVER SCOPE
2d9ce67d06f5 host host local
9a455bcae53c none null local
The host OS is Amazon Linux 2 (EKS-Optimized), but I was able to build it on another server without any problems, so the versions are different when compared.
--amazon-eks-node-1.11-v20190220 → Environment that can be built --amazon-eks-node-1.17-v20201002 → Environment where build fails
Looking at each docker version, there were the following differences.
#Environment that can be built
$ docker version
Client:
Version: 18.06.1-ce
API version: 1.38
Go version: go1.10.3
Git commit: e68fc7a215d7133c34aa18e3b72b4a21fd0c6136
Built: Mon Jan 28 21:03:38 2019
OS/Arch: linux/amd64
Experimental: false
:
#Environment where build fails
$ docker version
Client:
Version: 19.03.6-ce
API version: 1.40
Go version: go1.13.4
Git commit: 369ce74
Built: Fri May 29 04:01:26 2020
OS/Arch: linux/amd64
Experimental: false
:
If you can build it, the default bridge network exists.
$ docker network ls
NETWORK ID NAME DRIVER SCOPE
2f3fd9d451c6 bridge bridge local
cd2fe4f72dff host host local
f56d76b46acb none null local
I couldn't find any information as to whether the presence or absence of this bridge was the cause of the docker build error, but when I looked in the direction of the presence or absence of the default bridge, a configuration file called ** /etc/docker/daemon.json ** appeared. Since it came, I compared it with the above server.
** Environment that can be built **
/etc/docker/daemon.json
{
"log-driver": "json-file",
"log-opts": {
"max-size": "10m",
"max-file": "10"
},
"live-restore": true,
"max-concurrent-downloads": 10,
"default-ulimits": {
"nofile": {
"Name": "nofile",
"Soft": 2048,
"Hard": 8192
}
}
}
** Environment where build fails **
/etc/docker/daemon.json
{
"bridge": "none",
"log-driver": "json-file",
"log-opts": {
"max-size": "10m",
"max-file": "10"
},
"live-restore": true,
"max-concurrent-downloads": 10
}
The setting ** bridge: none ** seems to be relevant.
Try restarting the docker service by removing the bridge: none setting in the /etc/docker/daemon.json file.
$ sudo service docker restart
Rebooting the service with the above command did not solve the problem immediately. After that, the default bridge was created while operating separately from stop and start and using the systemctl command.
Apparently, it seems to be useless if there is a running container or a network created by docker-compose, so if you stop all containers, delete the network created later, and restart the docker service, set it. Was reflected.
$ docker network ls
NETWORK ID NAME DRIVER SCOPE
c4433dcfbe9b bridge bridge local
2d9ce67d06f5 host host local
9a455bcae53c none null local
When I tried docker build earlier, eth0 was also created.
$ docker build . --no-cached
Sending build context to Docker daemon 2.048kB
Step 1/3 : FROM fluent/fluentd:v1.11.4-2.0
---> 7bcbcb847e0d
Step 2/3 : USER root
---> Using cache
---> 15b06f798b72
Step 3/3 : RUN ifconfig
---> Running in 713f15663040
eth0 Link encap:Ethernet HWaddr 02:42:AC:12:00:02
inet addr:172.18.0.2 Bcast:172.18.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:180 (180.0 B) TX bytes:0 (0.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Removing intermediate container 713f15663040
---> 6d99f256433b
Successfully built 6d99f256433b
When I tried the original fluentd build, I was able to download the gem and it worked fine.
$ docker build . --no-cached
Sending build context to Docker daemon 2.048kB
Step 1/4 : FROM fluent/fluentd:v1.11.4-2.0
---> 7bcbcb847e0d
Step 2/4 : USER root
---> Using cache
---> a733f7c02648
Step 3/4 : RUN gem install fluent-plugin-cloudwatch-logs
---> Running in 1d43a2226fb4
Successfully installed jmespath-1.4.0
Successfully installed aws-partitions-1.391.0
Successfully installed aws-eventstream-1.1.0
Successfully installed aws-sigv4-1.2.2
Successfully installed aws-sdk-core-3.109.2
Successfully installed aws-sdk-cloudwatchlogs-1.38.0
Successfully installed fluent-plugin-cloudwatch-logs-0.11.1
7 gems installed
Removing intermediate container 1d43a2226fb4
---> f7242c21bd02
Step 4/4 : USER fluent
---> Running in 7baaad7e3b2d
Removing intermediate container 7baaad7e3b2d
---> c39b2ddf48d9
Successfully built c39b2ddf48d9
The build error has been resolved, so it's done for the time being, but I don't understand why bridge is disabled in the new version of docker and OS environment.
I've also seen information that the default bridge shouldn't be built, but I couldn't find any clear information on why it didn't work and what to do if I didn't build a bridge.
Or because it is an EKS-Optimized image, it may not be supposed to run docker build normally by using only the runtime.
Recommended Posts