Docker

Is L4T 24.1 kernel Docker ready?

I am getting compilation errors when kernel options required for Docker are enabled.

This script prints missing options which needs to be enabled for Docker to run:
curl -L https://raw.githubusercontent.com/docker/docker/master/contrib/check-config.sh | /bin/bash /dev/stdin .config

Once all required options enabled - L4T kernel (24.1) does not compile. Errors like:

==============================================================

CC drivers/cpufreq/cpufreq_ondemand.o
kernel_tx1.docker/kernel/cgroup.c: In function ‘subsys_cgroup_allow_attach’:
kernel_tx1.docker/kernel/cgroup.c:2138:37: error: invalid operands to binary != (have ‘kuid_t’ and ‘kuid_t’)
if (current != task && cred->euid != tcred->uid &&
^
kernel_tx1.docker/kernel/cgroup.c:2139:18: error: invalid operands to binary != (have ‘kuid_t’ and ‘kuid_t’)
cred->euid != tcred->suid)

================================================

CC drivers/mmc/card/block.o
kernel_tx1.docker/drivers/misc/tegra-profiler/main.c: In function ‘set_parameters’:
kernel_tx1.docker/drivers/misc/tegra-profiler/main.c:212:14: error: incompatible types when assigning to type ‘uid_t’ from type ‘kuid_t’
current_uid = current_fsuid();
^
kernel_tx1.docker/drivers/misc/tegra-profiler/main.c:213:11: error: incompatible types when assigning to type ‘uid_t’ from type ‘kuid_t’
task_uid = task_uid(task);
^

================================================

That script for checking features has a lot going on. Some of those features are optional, some have a choice between module and integrated feature. I took the existing config of a working system (I think it just had swap enabled versus default, but there could be other differences), then added the mandatory options indicated by that script, using integrated over module format when possible. I then compiled using the crosstool-ng 4.8 which comes with the L4T documentation “Baggage”. This compiled and succeeded.

I am thinking either a different compiler might be an issue, or perhaps your starting config had issues with the changes. What config did you start with? Did you use one of the config menus to edit features, or did you edit the “.config” directly? Did you use any optional features from the script?

Yes, required option only, not optional.
I am using:

$ /usr/bin/aarch64-linux-gnu-gcc -v
Using built-in specs.
COLLECT_GCC=/usr/bin/aarch64-linux-gnu-gcc
COLLECT_LTO_WRAPPER=/usr/lib/gcc-cross/aarch64-linux-gnu/4.8/lto-wrapper
Target: aarch64-linux-gnu
Configured with: …/src/configure -v --with-pkgversion=‘Ubuntu/Linaro 4.8.2-13ubuntu1’ --with-bugurl=file:///usr/share/doc/gcc-4.8/README.Bugs --enable-languages=c,c++,java,go,d,fortran,objc,obj-c++ --prefix=/usr --program-suffix=-4.8 --enable-shared --enable-linker-build-id --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --with-gxx-include-dir=/usr/aarch64-linux-gnu/include/c++/4.8.2 --libdir=/usr/lib --enable-nls --with-sysroot=/ --with-build-sysroot=/usr/aarch64-linux-gnu --enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes --enable-gnu-unique-object --disable-libmudflap --disable-libitm --disable-libsanitizer --disable-libquadmath --enable-plugin --with-system-zlib --disable-browser-plugin --enable-java-awt=gtk --enable-gtk-cairo --with-java-home=/usr/lib/jvm/java-1.5.0-gcj-4.8-arm64-cross/jre --enable-java-home --with-jvm-root-dir=/usr/lib/jvm/java-1.5.0-gcj-4.8-arm64-cross --with-jvm-jar-dir=/usr/lib/jvm-exports/java-1.5.0-gcj-4.8-arm64-cross --with-arch-directory=arm64 --with-ecj-jar=/usr/share/java/eclipse-ecj.jar --disable-libgcj --disable-libstdcxx-pch --enable-multiarch --disable-werror --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=aarch64-linux-gnu --program-prefix=aarch64-linux-gnu- --includedir=/usr/aarch64-linux-gnu/include
Thread model: posix
gcc version 4.8.2 20140110 (prerelease) [ibm/gcc-4_8-branch merged from gcc-4_8-branch, revision 205847] (Ubuntu/Linaro 4.8.2-13ubuntu1)

==========================================

New kernel options:

@@ -37,13 +37,14 @@ CONFIG_BUILDTIME_EXTABLE_SORT=y

CONFIG_INIT_ENV_ARG_LIMIT=32
CONFIG_CROSS_COMPILE=""

CONFIG_LOCALVERSION_AUTO is not set

CONFIG_DEFAULT_HOSTNAME="(none)"

CONFIG_SWAP is not set

CONFIG_SYSVIPC=y
CONFIG_SYSVIPC_SYSCTL=y
-# CONFIG_POSIX_MQUEUE is not set
+CONFIG_POSIX_MQUEUE=y
+CONFIG_POSIX_MQUEUE_SYSCTL=y

CONFIG_FHANDLE is not set

CONFIG_AUDIT is not set

CONFIG_HAVE_GENERIC_HARDIRQS=y
@@ -104,11 +105,13 @@ CONFIG_GENERIC_SCHED_CLOCK=y
CONFIG_CGROUPS=y
CONFIG_CGROUP_DEBUG=y
CONFIG_CGROUP_FREEZER=y
-# CONFIG_CGROUP_DEVICE is not set
-# CONFIG_CPUSETS is not set
+CONFIG_CGROUP_DEVICE=y
+CONFIG_CPUSETS=y
+CONFIG_PROC_PID_CPUSET=y
CONFIG_CGROUP_CPUACCT=y
CONFIG_RESOURCE_COUNTERS=y
-# CONFIG_MEMCG is not set
+CONFIG_MEMCG=y
+# CONFIG_MEMCG_KMEM is not set

CONFIG_CGROUP_PERF is not set

CONFIG_CGROUP_SCHED=y
CONFIG_FAIR_GROUP_SCHED=y
@@ -116,10 +119,16 @@ CONFIG_FAIR_GROUP_SCHED=y
CONFIG_RT_GROUP_SCHED=y

CONFIG_BLK_CGROUP is not set

CONFIG_CHECKPOINT_RESTORE is not set

-# CONFIG_NAMESPACES is not set
+CONFIG_NAMESPACES=y
+CONFIG_UTS_NS=y
+CONFIG_IPC_NS=y
+CONFIG_USER_NS=y
+CONFIG_PID_NS=y
+CONFIG_NET_NS=y
CONFIG_UIDGID_CONVERTED=y

CONFIG_UIDGID_STRICT_TYPE_CHECKS is not set

CONFIG_SCHED_AUTOGROUP is not set

+CONFIG_MM_OWNER=y

CONFIG_SYSFS_DEPRECATED is not set

CONFIG_RELAY is not set

CONFIG_BLK_DEV_INITRD=y
@@ -616,6 +625,7 @@ CONFIG_NET_ACTIVITY_STATS=y
CONFIG_NETFILTER=y

CONFIG_NETFILTER_DEBUG is not set

CONFIG_NETFILTER_ADVANCED=y
+CONFIG_BRIDGE_NETFILTER=y

Core Netfilter Configuration

@@ -696,7 +706,7 @@ CONFIG_NETFILTER_XT_TARGET_TCPMSS=y

Xtables matches

-# CONFIG_NETFILTER_XT_MATCH_ADDRTYPE is not set
+CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=y

CONFIG_NETFILTER_XT_MATCH_BPF is not set

CONFIG_NETFILTER_XT_MATCH_CLUSTER is not set

CONFIG_NETFILTER_XT_MATCH_COMMENT=y
@@ -724,6 +734,7 @@ CONFIG_NETFILTER_XT_MATCH_MARK=y

CONFIG_NETFILTER_XT_MATCH_OSF is not set

CONFIG_NETFILTER_XT_MATCH_OWNER is not set

CONFIG_NETFILTER_XT_MATCH_POLICY=y
+# CONFIG_NETFILTER_XT_MATCH_PHYSDEV is not set
CONFIG_NETFILTER_XT_MATCH_PKTTYPE=y
CONFIG_NETFILTER_XT_MATCH_QTAGUID=y
CONFIG_NETFILTER_XT_MATCH_QUOTA=y
@@ -797,6 +808,7 @@ CONFIG_IP6_NF_MANGLE=y
CONFIG_IP6_NF_RAW=y

CONFIG_IP6_NF_SECURITY is not set

CONFIG_NF_NAT_IPV6 is not set

+# CONFIG_BRIDGE_NF_EBTABLES is not set

CONFIG_IP_DCCP is not set

CONFIG_IP_SCTP is not set

CONFIG_RDS is not set

@@ -806,7 +818,9 @@ CONFIG_IP6_NF_RAW=y
CONFIG_STP=y
CONFIG_GARP=y
CONFIG_MRP=y
-# CONFIG_BRIDGE is not set
+CONFIG_BRIDGE=y
+CONFIG_BRIDGE_IGMP_SNOOPING=y
+CONFIG_BRIDGE_VLAN_FILTERING=y
CONFIG_HAVE_NET_DSA=y
CONFIG_VLAN_8021Q=y
CONFIG_VLAN_8021Q_GVRP=y
@@ -1356,7 +1370,7 @@ CONFIG_MII=y

CONFIG_NETPOLL is not set

CONFIG_NET_POLL_CONTROLLER is not set

CONFIG_TUN=y
-# CONFIG_VETH is not set
+CONFIG_VETH=y

CONFIG_ARCNET is not set

@@ -1796,7 +1810,7 @@ CONFIG_VT_CONSOLE_SLEEP=y
CONFIG_HW_CONSOLE=y

CONFIG_VT_HW_CONSOLE_BINDING is not set

CONFIG_UNIX98_PTYS=y
-# CONFIG_DEVPTS_MULTIPLE_INSTANCES is not set
+CONFIG_DEVPTS_MULTIPLE_INSTANCES=y

CONFIG_LEGACY_PTYS is not set

CONFIG_SERIAL_NONSTANDARD is not set

CONFIG_NOZOMI is not set

@@ -4037,7 +4051,8 @@ CONFIG_FILE_LOCKING=y
CONFIG_FSNOTIFY=y
CONFIG_DNOTIFY=y
CONFIG_INOTIFY_USER=y
-# CONFIG_FANOTIFY is not set
+CONFIG_FANOTIFY=y
+# CONFIG_FANOTIFY_ACCESS_PERMISSIONS is not set

CONFIG_QUOTA is not set

CONFIG_QUOTACTL is not set

CONFIG_AUTOFS4_FS is not set

Could you share your options diff?

What are those options relative to? I’ll see if I can just attach the whole file. I renamed my config with .doc but it is just plain text. Waiting for the forum to finish scanning it.
config-3.10.96-test.doc (115 KB)

OK I found solution myself:

  1. disable UIDGID_STRICT_TYPE_CHECKS

— a/init/Kconfig
+++ b/init/Kconfig
@@ -1085,7 +1085,6 @@ config IPC_NS
config USER_NS
bool “User namespace”
depends on UIDGID_CONVERTED

  •   select UIDGID_STRICT_TYPE_CHECKS
    
      default n
      help
    
  1. in addition to kernel options listed above add this

+CONFIG_DM_THIN_PROVISIONING=y

  1. and remove this option

-CONFIG_MEMCG=y

After that kernel build will succeed successfully and Docker service will start without errors:

root@Unconfigured-SVEN:~# service docker status
docker start/running, process 2368

root@Unconfigured-SVEN:~# docker version
Client version: 1.6.2
Client API version: 1.18
Go version (client): go1.2.1
Git commit (client): 7c8fca2
OS/Arch (client): linux/arm
Server version: 1.6.2
Server API version: 1.18
Go version (server): go1.2.1
Git commit (server): 7c8fca2
OS/Arch (server): linux/arm

Continuation:

To build and run Docker v1.13 on L4T v24.1 one addition Kernel change needed:

  1. Enable 32bit compatibility wrapper for keyctl syscalls. Required for latest Docker. By default all keyctl syscalls are defunct. It is a bug in L4T kernel.

=======================================

— a/security/keys/Makefile
+++ b/security/keys/Makefile
@@ -14,8 +14,8 @@ obj-y :=
process_keys.o
request_key.o
request_key_auth.o \

  •   user_defined.o
    

-obj-$(CONFIG_KEYS_COMPAT) += compat.o

  •   user_defined.o \
    
  •   compat.o
    

=======================================

root@Unconfigured-SVEN:~# docker version
Client:
Version: 1.13.0-dev
API version: 1.25
Go version: go1.7
Git commit: c5f4a1a-unsupported
Built: Fri Sep 23 17:59:10 2016
OS/Arch: linux/arm

Server:
Version: 1.13.0-dev
API version: 1.25
Go version: go1.7
Git commit: c5f4a1a-unsupported
Built: Fri Sep 23 17:59:10 2016
OS/Arch: linux/arm

root@Unconfigured-SVEN:~# cat /etc/os-release
NAME=“Ubuntu”
VERSION=“14.04.5 LTS, Trusty Tahr”
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME=“Ubuntu 14.04.5 LTS”
VERSION_ID=“14.04”
HOME_URL=“http://www.ubuntu.com/
SUPPORT_URL=“http://help.ubuntu.com/
BUG_REPORT_URL=“http://bugs.launchpad.net/ubuntu/

hey -

i am working to get docker on the tx2 and was happy to see this thread, following these steps:

https://blog.hypriot.com/post/getting-docker-running-on-a-high-density-armv8-server-from-hisilicon

i built/installed go latest (1.8), git cloned and built docker latest (v17.04.0-ce) and ‘docker version’ reports positively.

now in running check-config.sh there are quite a few missing options … i expect dockerd to fail.

in any event, would love to hear of other attempts, kernel configs, etc.

thx,

  • james

Are you installing docker on jetson tx1?
How to configure the kernel options? I don’t want to reinstall the ubuntu system, I just want to use docker on the system, could you show the command to build the docker?

Thank you!