I haven’t been using Fedora for a few years but wanted to try it again (Fedora 39). In the past, I had a few problems with Docker in Fedora (see Fixing Docker problems in Fedora). Things are slightly improved, while others haven’t changed. For sure, I gave up using the official Docker command in Fedora: I’m using “moby-engine” instead of “docker-ce” and also “docker-compose“. In the past, Moby was mostly working out of the box, while Docker CE required a few tweaks. I don’t think it’s worthwhile insisting on tweaking it, so I’ll go straight with Moby.
This is a docker-compose file that gave me troubles in the past in Fedora:
|
1 2 3 4 5 6 7 8 9 10 11 |
services: db: image: mysql:5.7 environment: - MYSQL_ROOT_PASSWORD=somewordpress - MYSQL_DATABASE=wordpress - MYSQL_USER=wordpress - MYSQL_PASSWORD=wordpress expose: - 3306 - 33060 |
Save it to “docker-compose.yaml” and run “docker-compose up,” and it works fine! (In the past, with Docker CE, this used to hang and eat all the memory).
Concerning the Testcontainers library, I’ll use this example project (taken from my TDD book): https://github.com/LorenzoBettini/it-docker-mongo-example. I run “mvn verify”.
When it comes to using Testcontainers, I get this error:
|
1 2 3 4 5 6 7 |
Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Get http://%2Fvar%2Frun%2Fdocker.sock/_ping: dial unix /var/run/docker.sock: connect: permission denied[\n]" ... [ERROR] Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 0.001 s <<< FAILURE! - in com.examples.school.repository.mongo.StudentMongoRepositoryTestcontainersIT [ERROR] com.examples.school.repository.mongo.StudentMongoRepositoryTestcontainersIT Time elapsed: 0.001 s <<< ERROR! java.lang.IllegalStateException: Ryuk failed to start Caused by: com.github.dockerjava.api.exception.NotFoundException: Status 404: {"message":"No such container: be095fae9fc281a783e46e9787d51907370d8fee4fd24cee8729f71a9904df1f"} |
However, the error goes away if I update Testcontainers to a more recent version (previously, I was using 1.16.3):
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 |
<properties> ... <testcontainers.version>1.19.3</testcontainers.version> </properties> ... <dependency> <groupId>org.testcontainers</groupId> <artifactId>testcontainers</artifactId> <version>${testcontainers.version}</version> <scope>test</scope> </dependency> <dependency> <groupId>org.testcontainers</groupId> <artifactId>mongodb</artifactId> <version>${testcontainers.version}</version> <scope>test</scope> </dependency> <dependency> <groupId>org.testcontainers</groupId> <artifactId>junit-jupiter</artifactId> <version>${testcontainers.version}</version> <scope>test</scope> </dependency> |
So, that works!
Let’s try now by telling Docker to use another folder (for the images and containers) on another disk.
First, stop Docker
|
1 |
sudo systemctl stop docker |
Then, change this file (remember, I’m using “moby-engine”, which uses this file with these contents) “/etc/sysconfig/docker”:
|
1 2 3 4 5 6 7 8 9 10 |
# /etc/sysconfig/docker # Modify these options if you want to change the way the docker daemon runs OPTIONS="--selinux-enabled \ --log-driver=journald \ --live-restore \ --default-ulimit nofile=1024:1024 \ --init-path /usr/libexec/docker/docker-init \ --userland-proxy-path /usr/libexec/docker/docker-proxy \ " |
I’m adding this last line to point to a directory that mounts a partition on another disk:
|
1 2 3 4 5 6 7 8 9 10 11 |
# /etc/sysconfig/docker # Modify these options if you want to change the way the docker daemon runs OPTIONS="--selinux-enabled \ --log-driver=journald \ --live-restore \ --default-ulimit nofile=1024:1024 \ --init-path /usr/libexec/docker/docker-init \ --userland-proxy-path /usr/libexec/docker/docker-proxy \ --data-root /media/bettini/common/docker \ " |
And let’s reload Docker
|
1 |
sudo systemctl daemon-reload |
Now, the “docker-compose.yaml” file above gives this error:
|
1 2 3 |
Attaching to docker-compose-mysql_db_1 db_1 | /bin/bash: error while loading shared libraries: /lib64/libc.so.6: cannot apply additional memory protection after relocation: Permission denied docker-compose-mysql_db_1 exited with code 127 |
And the Maven project above fails with something like that:
|
1 2 3 4 5 |
[ERROR] Tests run: 1, Failures: 0, Errors: 1, Skipped: 0, Time elapsed: 5.25 s <<< FAILURE! - in com.examples.school.repository.mongo.StudentMongoRepositoryTestcontainersIT [ERROR] com.examples.school.repository.mongo.StudentMongoRepositoryTestcontainersIT Time elapsed: 5.25 s <<< ERROR! org.testcontainers.containers.ContainerLaunchException: Container startup failed for image mongo:4.4.3 Caused by: org.rnorth.ducttape.RetryCountExceededException: Retry limit hit with exception Caused by: org.testcontainers.containers.ContainerLaunchException: Could not create/start container |
This problem is due to SELinux (that figures!!!) If you temporarily disable SELinux:
|
1 |
sudo setenforce 0 |
Everything succeeds again!
Thus, Moby in Fedora 39 works out of the box with the default configuration. If you want images and containers in another mounted directory (not handled by Selinux), you must disable SELinux.
Better than nothing! 😉
This is a timely article, as I have a Fedora box sitting, waiting to be used for just this purpose. You mention in your article that Moby work in Fedora right out of the box. How would you accomplish the same thing on Ubuntu?
On Ubuntu docker ce works out of the box, IIRC. You don’t need Moby in Ubuntu.