Docker and Proxmox side-by-side

t_b

New Member
Nov 4, 2015
22
2
1
Hello,

I've currenty setup another proxmox instance, which has some special needs.
Since we have heterogenous systems (existing containers) and new docker(-compose) based solutions we try to get them all on one system. Therefore i installed a fresh proxmox system. The second step was to install docker on the proxmox system based on this guide. After install docker-engine docker failed instantly:


Code:
Mar 02 07:21:41 stayyadev systemd[1]: Starting Docker Application Container Engine...
Mar 02 07:21:41 stayyadev dockerd[3322]: time="2017-03-02T07:21:41.755076194+01:00" level=info msg="libcontainerd: new containerd process, pid: 3332"
Mar 02 07:21:42 stayyadev dockerd[3322]: time="2017-03-02T07:21:42.844918639+01:00" level=error msg="'overlay' not found as a supported filesystem on this host. Please ensure kernel is new enough and has overlay support loaded."
Mar 02 07:21:42 stayyadev dockerd[3322]: time="2017-03-02T07:21:42.846549977+01:00" level=error msg="'overlay' not found as a supported filesystem on this host. Please ensure kernel is new enough and has overlay support loaded."
Mar 02 07:21:42 stayyadev dockerd[3322]: time="2017-03-02T07:21:42.863674211+01:00" level=warning msg="devmapper: Usage of loopback devices is strongly discouraged for production use. Please use `--storage-opt dm.thinpooldev` or use `man docker` to refer to dm.thinpooldev section."
Mar 02 07:21:42 stayyadev dockerd[3322]: time="2017-03-02T07:21:42.890755884+01:00" level=warning msg="devmapper: XFS is not supported in your system. Either the kernel doesn't support it or mkfs.xfs is not in your PATH. Defaulting to ext4 filesystem"
Mar 02 07:21:42 stayyadev dockerd[3322]: time="2017-03-02T07:21:42.891803849+01:00" level=info msg="devmapper: Creating filesystem ext4 on device docker-251:0-1839095-base"
Mar 02 07:21:45 stayyadev dockerd[3322]: time="2017-03-02T07:21:45.379921976+01:00" level=info msg="devmapper: Successfully created filesystem ext4 on device docker-251:0-1839095-base"
Mar 02 07:21:45 stayyadev dockerd[3322]: time="2017-03-02T07:21:45.470874750+01:00" level=info msg="Graph migration to content-addressability took 0.00 seconds"
Mar 02 07:21:45 stayyadev dockerd[3322]: time="2017-03-02T07:21:45.471166621+01:00" level=warning msg="Your kernel does not support cgroup rt period"
Mar 02 07:21:45 stayyadev dockerd[3322]: time="2017-03-02T07:21:45.471188025+01:00" level=warning msg="Your kernel does not support cgroup rt runtime"
Mar 02 07:21:45 stayyadev dockerd[3322]: time="2017-03-02T07:21:45.471689218+01:00" level=info msg="Loading containers: start."
Mar 02 07:21:45 stayyadev dockerd[3322]: time="2017-03-02T07:21:45.473828208+01:00" level=warning msg="Running modprobe nf_nat failed with message: `modprobe: ERROR: could not insert 'nf_nat': Exec format error\ninsmod /lib/modules/4.4.35-1-pve/kernel/net/netfilter/nf_conntrack.ko`, error: exit status 1"
Mar 02 07:21:45 stayyadev dockerd[3322]: time="2017-03-02T07:21:45.475380551+01:00" level=warning msg="Running modprobe xt_conntrack failed with message: `modprobe: ERROR: could not insert 'xt_conntrack': Exec format error\ninsmod /lib/modules/4.4.35-1-pve/kernel/net/netfilter/nf_conntrack.ko`, error: exit status 1"
Mar 02 07:21:45 stayyadev dockerd[3322]: time="2017-03-02T07:21:45.478151877+01:00" level=info msg="Firewalld running: false"
Mar 02 07:21:45 stayyadev dockerd[3322]: Error starting daemon: Error initializing network controller: error obtaining controller instance: failed to create NAT chain: iptables failed: iptables --wait -t nat -N DOCKER: iptables v1.4.21: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Mar 02 07:21:45 stayyadev dockerd[3322]: Perhaps iptables or your kernel needs to be upgraded.
Mar 02 07:21:45 stayyadev dockerd[3322]: (exit status 3)
Mar 02 07:21:45 stayyadev systemd[1]: docker.service: main process exited, code=exited, status=1/FAILURE
Mar 02 07:21:45 stayyadev systemd[1]: Failed to start Docker Application Container Engine.
Mar 02 07:21:45 stayyadev systemd[1]: Unit docker.service entered failed state.
Mar 02 07:21:45 stayyadev systemd[1]: [/lib/systemd/system/docker.service:24] Unknown lvalue 'Delegate' in section 'Service'

There seem multiple problems: the main problem seems to be the network:

Currently the network interfaces looks like this:

Code:
auto lo
iface lo inet loopback

auto vmbr0
iface vmbr0 inet static
        address x.x.x.x
        netmask 255.255.255.0
        gateway x.x.x.x
        bridge_ports eth0
        bridge_stp off
        bridge_fd 0

Based on this guide i will create a network for the container, but i have no idea if that fixes the docker network problem. Also my question is if it is possible to access the docker container from an lxc container with this config.

The second error message seems to be that "overlay" (i assume overlayFS) is not supported by this kernel. Is it possible to enable this module (e.g. by compiling the module by my self?)
 
We highly recommend to install docker inside a VM.
 
Hi tom, thanks for fast response. Do you mean (K)VM or LXC container? Since the System is already virtualized Server (KVM) it's only possible to create LXC container. Moreover we want to use Portainer for administation of the docker container. There is already another thread with Docker in LXC so i assume it's working. Only the networking and forwarding of serveral services to the real world (from docker to lxc, from lxc to proxmox) make me headache.
 
Yes, I mean a qemu VM.

Running Docker in LXC is not recommended or supported on Proxmox VE (you will run in many issues).
 
did you update your kernel without restarting?
 
seems to be a little bit frustating since i'm not sure how perfomant qemu is (in comparision to an lxc container or the host system). What are the issues that you recommend to install docker inside an vm instead on the host system?
 
Proxmox VE is a platform for LXC and qemu, this is very well supported and tested. And no, qemu is not frustrating, its a lot of fun and very fast.

You can install Docker on Proxmox VE (as its Debian based), but you cannot expect big help here as no-one is using, testing or debug it here.
 
@dcsapak: funny that you are mentioned it, yes
then try again after rebooting, the error you got was probably from mismatching kernel modules (which were not loaded before you upgraded the kernel)
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!