Installing docker on ClearFog CX LX2 fails

I’m attempting to install docker on ‘ddab3ad’ (tried ‘bc46e34’ too), files download, but docker fails to start.

Installation recipe:

Installation recipe used (as recommended on docs.docker.com)
apt install -y ca-certificates curl gnupg lsb-release
curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg

echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

apt install -y docker-ce docker-ce-cli containerd.io docker-compose-plugin
Installation log
# apt install docker-ce docker-ce-cli containerd.io docker-compose-plugin
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following packages were automatically installed and are no longer required:
  bridge-utils netcat netcat-openbsd ubuntu-fan
Use 'sudo apt autoremove' to remove them.
The following additional packages will be installed:
  dbus-user-session docker-ce-rootless-extras libltdl7 slirp4netns
Suggested packages:
  cgroupfs-mount | cgroup-lite
The following packages will be REMOVED:
  containerd runc
The following NEW packages will be installed:
  containerd.io dbus-user-session docker-ce docker-ce-cli docker-ce-rootless-extras
  docker-compose-plugin libltdl7 slirp4netns
0 upgraded, 8 newly installed, 2 to remove and 0 not upgraded.
Need to get 83.4 MB of archives.
After this operation, 242 MB of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://ports.ubuntu.com/ubuntu-ports focal-updates/main arm64 dbus-user-session arm64 1.12.16-2ubuntu2.2 [9416 B]
Get:2 http://ports.ubuntu.com/ubuntu-ports focal/main arm64 libltdl7 arm64 2.4.6-14 [37.5 kB] 
Get:3 http://ports.ubuntu.com/ubuntu-ports focal/universe arm64 slirp4netns arm64 0.4.3-1 [69.2 kB]
Get:4 https://download.docker.com/linux/ubuntu focal/stable arm64 containerd.io arm64 1.6.4-1 [20.8 MB]
Get:5 https://download.docker.com/linux/ubuntu focal/stable arm64 docker-ce-cli arm64 5:20.10.16~3-0~ubuntu-focal [36.1 MB]
Get:6 https://download.docker.com/linux/ubuntu focal/stable arm64 docker-ce arm64 5:20.10.16~3-0~ubuntu-focal [13.5 MB]
Get:7 https://download.docker.com/linux/ubuntu focal/stable arm64 docker-ce-rootless-extras arm64 5:20.10.16~3-0~ubuntu-focal [7289 kB]
Get:8 https://download.docker.com/linux/ubuntu focal/stable arm64 docker-compose-plugin arm64 2.5.0~ubuntu-focal [5608 kB]
Fetched 83.4 MB in 4s (21.5 MB/s)           
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 76, <> line 8.)
debconf: falling back to frontend: Readline
(Reading database ... 11987 files and directories currently installed.)
Removing containerd (1.5.9-0ubuntu1~20.04.4) ...
Removing runc (1.1.0-0ubuntu1~20.04.1) ...
Selecting previously unselected package containerd.io.
(Reading database ... 11931 files and directories currently installed.)
Preparing to unpack .../0-containerd.io_1.6.4-1_arm64.deb ...
Unpacking containerd.io (1.6.4-1) ...
Selecting previously unselected package dbus-user-session.
Preparing to unpack .../1-dbus-user-session_1.12.16-2ubuntu2.2_arm64.deb ...
Unpacking dbus-user-session (1.12.16-2ubuntu2.2) ...
Selecting previously unselected package docker-ce-cli.
Preparing to unpack .../2-docker-ce-cli_5%3a20.10.16~3-0~ubuntu-focal_arm64.deb ...
Unpacking docker-ce-cli (5:20.10.16~3-0~ubuntu-focal) ...
Selecting previously unselected package docker-ce.
Preparing to unpack .../3-docker-ce_5%3a20.10.16~3-0~ubuntu-focal_arm64.deb ...
Unpacking docker-ce (5:20.10.16~3-0~ubuntu-focal) ...
Selecting previously unselected package docker-ce-rootless-extras.
Preparing to unpack .../4-docker-ce-rootless-extras_5%3a20.10.16~3-0~ubuntu-focal_arm64.deb ...
Unpacking docker-ce-rootless-extras (5:20.10.16~3-0~ubuntu-focal) ...
Selecting previously unselected package docker-compose-plugin.
Preparing to unpack .../5-docker-compose-plugin_2.5.0~ubuntu-focal_arm64.deb ...
Unpacking docker-compose-plugin (2.5.0~ubuntu-focal) ...
Selecting previously unselected package libltdl7:arm64.
Preparing to unpack .../6-libltdl7_2.4.6-14_arm64.deb ...
Unpacking libltdl7:arm64 (2.4.6-14) ...
Selecting previously unselected package slirp4netns.
Preparing to unpack .../7-slirp4netns_0.4.3-1_arm64.deb ...
Unpacking slirp4netns (0.4.3-1) ...
Setting up slirp4netns (0.4.3-1) ...
Setting up dbus-user-session (1.12.16-2ubuntu2.2) ...
Setting up containerd.io (1.6.4-1) ...
Setting up docker-compose-plugin (2.5.0~ubuntu-focal) ...
Setting up libltdl7:arm64 (2.4.6-14) ...
Setting up docker-ce-cli (5:20.10.16~3-0~ubuntu-focal) ...
Setting up docker-ce-rootless-extras (5:20.10.16~3-0~ubuntu-focal) ...
Setting up docker-ce (5:20.10.16~3-0~ubuntu-focal) ...
Created symlink /etc/systemd/system/multi-user.target.wants/docker.service → /lib/systemd/system/docker.service.
Created symlink /etc/systemd/system/sockets.target.wants/docker.socket → /lib/systemd/system/docker.socket.
Job for docker.service failed because the control process exited with error code.
See "systemctl status docker.service" and "journalctl -xe" for details.
invoke-rc.d: initscript docker, action "start" failed.
● docker.service - Docker Application Container Engine
     Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
     Active: activating (auto-restart) (Result: exit-code) since Sat 2022-05-21 02:23:23 UTC; 17ms ago
TriggeredBy: ● docker.socket
       Docs: https://docs.docker.com
    Process: 2685 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock (code=exited, status=1/FAILURE)
   Main PID: 2685 (code=exited, status=1/FAILURE)
dpkg: error processing package docker-ce (--configure):
 installed docker-ce package post-installation script subprocess returned error exit status 1
Processing triggers for systemd (245.4-4ubuntu3.17) ...
Processing triggers for libc-bin (2.31-0ubuntu9.9) ...
Errors were encountered while processing:
 docker-ce
E: Sub-process /usr/bin/dpkg returned an error code (1)
Snippets from journalctl -xe
May 21 02:23:22 cx-lx2 dockerd[2685]: time="2022-05-21T02:23:22.786935075Z" level=warning msg="Your kernel does not support CPU CFS scheduler"
May 21 02:23:22 cx-lx2 dockerd[2685]: time="2022-05-21T02:23:22.787008312Z" level=warning msg="Your kernel does not support CPU realtime scheduler"
May 21 02:23:22 cx-lx2 dockerd[2685]: time="2022-05-21T02:23:22.787046271Z" level=warning msg="Your kernel does not support cgroup blkio weight"
May 21 02:23:22 cx-lx2 dockerd[2685]: time="2022-05-21T02:23:22.787083229Z" level=warning msg="Your kernel does not support cgroup blkio weight_device"
...
May 21 02:23:22 cx-lx2 dockerd[2685]: time="2022-05-21T02:23:22.787576332Z" level=info msg="Loading containers: start."
May 21 02:23:23 cx-lx2 dockerd[2685]: time="2022-05-21T02:23:23.195552998Z" level=error msg="could not get initial namespace: no such file or directory"
May 21 02:23:23 cx-lx2 dockerd[2685]: time="2022-05-21T02:23:23.199793326Z" level=error msg="failed to set to initial namespace, readlink /proc/2685/task/2688/ns/net: no such file or directory, initns fd -1: bad file descriptor"
May 21 02:23:23 cx-lx2 dockerd[2685]: time="2022-05-21T02:23:23.200203671Z" level=info msg="Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option --bip can be used to set a preferred IP address"
May 21 02:23:23 cx-lx2 dockerd[2685]: time="2022-05-21T02:23:23.200547179Z" level=error msg="failed to set to initial namespace, readlink /proc/2685/task/2688/ns/net: no such file or directory, initns fd -1: bad file descriptor"
...
May 21 02:23:23 cx-lx2 NetworkManager[1406]: <info>  [1653099803.2035] manager: (docker0): new Bridge device (/org/freedesktop/NetworkManager/Devices/8)
May 21 02:23:23 cx-lx2 systemd-udevd[2762]: Using default interface naming scheme 'v245'.
May 21 02:23:23 cx-lx2 systemd-udevd[2762]: ethtool: autonegotiation is unset or enabled, the speed and duplex are not writable.
...
May 21 02:23:23 cx-lx2 dockerd[2685]: time="2022-05-21T02:23:23.257519213Z" level=info msg="stopping event stream following graceful shutdown" error="<nil>" module=libcontainerd namespace=moby
May 21 02:23:23 cx-lx2 dockerd[2685]: failed to start daemon: Error initializing network controller: Error creating default "bridge" network: Failed to program NAT chain: Failed to inject DOCKER in PREROUTING chain: iptables failed: iptables --wait -t nat -A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER: iptables v1.8.4 (legacy): Couldn't load match `addrtype':No such file or directory
May 21 02:23:23 cx-lx2 dockerd[2685]: Try `iptables -h' or 'iptables --help' for more information.
...
May 21 02:23:23 cx-lx2 dockerd[2685]:  (exit status 2)
May 21 02:23:23 cx-lx2 dockerd[2685]: time="2022-05-21T02:23:23.258394901Z" level=info msg="stopping event stream following graceful shutdown" error="context canceled" module=libcontainerd namespace=plugins.moby
May 21 02:23:23 cx-lx2 systemd[1]: docker.service: Main process exited, code=exited, status=1/FAILURE
-- Subject: Unit process exited

The error …
Error creating default "bridge" network: Failed to program NAT chain: Failed to inject DOCKER in PREROUTING chain: iptables failed
… may be significant, but there are other messages, such as the warnings beginning with ‘Your kernel does not support …’ that may be the root of the problem.

Note: the ‘docker0’ interface seem to be created successfully.

I’ve searched the net and found ‘similar’ problems, but the solutions suggested does not work for me. Example attempt on solving the issue. Raspberry Pi solutions won’t work either.

-If anyone has a clue (or can successfully run docker on the CX or Honeycomb), please let me know.

The kernel config is based on the stock arm64 defconfig. This will need to be tweaked to support the iptables, networking, cgroups features required by docker.

1 Like