Since upgrading to F35 I’ve found that the docker daemon won’t start.
journalctl -xeu docker.service produces the following:
Dec 10 20:34:45 picard systemd[1]: Stopped Docker Application Container Engine.
░░ Subject: A stop job for unit docker.service has finished
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ A stop job for unit docker.service has finished.
░░
░░ The job identifier is 891766 and the job result is done.
Dec 10 20:34:45 picard systemd[1]: docker.service: Start request repeated too q>
Dec 10 20:34:45 picard systemd[1]: docker.service: Failed with result 'exit-cod>
░░ Subject: Unit failed
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ The unit docker.service has entered the 'failed' state with result 'exit-cod>
Dec 10 20:34:45 picard systemd[1]: Failed to start Docker Application Container>
░░ Subject: A start job for unit docker.service has failed
░░ Defined-By: systemd
░░ Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
░░
░░ A start job for unit docker.service has finished with a failure.
░░
░░ The job identifier is 891766 and the job result is failed.
When I start docker manually from the CLI by simply typing dockerd with no arguments, it works. But in /usr/lib/systemd/system/docker.service I see that systemd is starting docker with /usr/bin/dockerd --host=fd:// --exec-opt native.cgroupdriver=systemd $OPTIONS. And I found that /usr/bin/dockerd --host=fd:// produces the following output:
INFO[2021-12-10T20:37:43.619764372-05:00] Starting up
failed to load listeners: no sockets found via socket activation: make sure the service was started by systemd
So it seems that the option --host=fd:// specified in docker.service might be triggering the problem somehow. But I’m not sure what this option does. Have others run into this problem?
I didn’t see that. It answers the question of what --host=fd:// is supposed to do. But I’m still not sure why Docker won’t run when started by systemd.
Is there a way to get Docker (or any other systemd service, for that matter) to produce more helpful error messages than the simple “Failed with result ‘exit-code’”?
I added --debug to the OPTIONS variable in /etc/sysconfig/docker. But even with that, I see no additional information in the output. I’ve seen this with other programs too. It seems that systemctl and/or journald are dropping most of the log messages. Is there an option for systemctl/journald to address this?
It doesn’t look like an selinux issue to me. I haven’t gotten any alerts from setroubleshoot, and if I put selinux in non-enforcing mode with setenforce 0 and then try to start dockerd I get the same output from systemctl status docker and journalctl -xeu docker.
I found this Fedora Magazine article which says you need to remove the systemd.unified_cgroup_hierarchy=0 kernel workaround which was required on earlier versions of Fedora:
I uninstalled moby-engine and installed docker-ce according to the instructions at Install Docker Engine on Fedora. Weird that the third party docker-ce package works when the moby-engine package from the Fedora repos won’t even start, but at least I can use Docker again. Thanks @ilikelinux for your help in troubleshooting this!