Fedora 31 and Container (Docker-ce, Moby-engine) Start Systemd Problem

Upgraded from Fedora 30 to Fedora 31 via DNF, in previous release works fine… the upgrade was sucessfull…

systemctl status docker.service                                                                                
● docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/docker.service.d
           └─docker-storage.conf
   Active: failed (Result: exit-code) since Wed 2019-09-25 11:13:09 CEST; 16min ago
     Docs: https://docs.docker.com
  Process: 116527 ExecStart=/usr/bin/dockerd -H fd:// --data-root=/run/media/hhlp/samsung/docker (code=exited, status=1/FAILURE)
 Main PID: 116527 (code=exited, status=1/FAILURE)
      CPU: 137ms

sep 25 11:13:07 dockerd[116527]: failed to start daemon: Devices cgroup isn't mounted
sep 25 11:13:07 systemd[1]: docker.service: Main process exited, code=exited, status=1/FAILURE
sep 25 11:13:07 systemd[1]: docker.service: Failed with result 'exit-code'.
sep 25 11:13:07 systemd[1]: Failed to start Docker Application Container Engine.
sep 25 11:13:09 systemd[1]: docker.service: Service RestartSec=2s expired, scheduling restart.
sep 25 11:13:09 systemd[1]: docker.service: Scheduled restart job, restart counter is at 3.
sep 25 11:13:09 systemd[1]: Stopped Docker Application Container Engine.
sep 25 11:13:09 systemd[1]: docker.service: Start request repeated too quickly.
sep 25 11:13:09 systemd[1]: docker.service: Failed with result 'exit-code'.
sep 25 11:13:09 systemd[1]: Failed to start Docker Application Container Engine.
sudo systemctl start docker                                                           
Job for docker.service failed because the control process exited with error code.
See "systemctl status docker.service" and "journalctl -xe" for details.

-- Subject: A start job for unit docker.socket has begun execution
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- A start job for unit docker.socket has begun execution.
-- 
-- The job identifier is 9699.
sep 25 11:37:03 hhlp systemd[1]: Listening on Docker Socket for the API.
-- Subject: A start job for unit docker.socket has finished successfully
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- A start job for unit docker.socket has finished successfully.
-- 
-- The job identifier is 9699.
sep 25 11:37:03 hhlp systemd[1]: docker.service: Start request repeated too quickly.
sep 25 11:37:03 hhlp systemd[1]: docker.service: Failed with result 'exit-code'.
-- Subject: Unit failed
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- The unit docker.service has entered the 'failed' state with result 'exit-code'.
sep 25 11:37:03 hhlp systemd[1]: Failed to start Docker Application Container Engine.
-- Subject: A start job for unit docker.service has failed
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- A start job for unit docker.service has finished with a failure.
-- 
-- The job identifier is 9577 and the job result is failed.
sep 25 11:37:03 hhlp systemd[1]: docker.socket: Failed with result 'service-start-limit-hit'.
-- Subject: Unit failed
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
-- 
-- The unit docker.socket has entered the 'failed' state with result 'service-start-limit-hit'.

ref: https://github.com/docker/for-linux/issues/792

  1. The Docker repo for fedora 31 is ready:
  1. :fedora: 31 migrate to cgroup1 to cgroup2 version, that is the reason the service doesn’t start sucesfull:

  2. What is cgroup2?

Is a control and maximize resource utilization, A Linux kernel mechanism to group and structure workloads, and control the amount of system resources assigned to each group.

WORKAROUND


  1. open /etc/default/grub as admin
  2. Append value of GRUB_CMDLINE_LINUX with systemd.unified_cgroup_hierarchy=0
    sudo grub2-mkconfig > /boot/efi/EFI/fedora/grub.cfg or
    sudo grub2-mkconfig > /boot/grub2/grub.cfg
  1. reboot

NOTE


You can also switch to Podman, which is compatible with Docker. Also, it supports groupsV2.

Explanation


The major difference between Docker and Podman is that there is no daemon in Podman. It uses container runtimes as well for example runc but the launched containers are direct descendants of the podman process. This kind of architecture has its advantages such as the following:

Applied Cgroups or security constraints still control the container: Whatever cgroup constraints you apply on the podman command, the containers launched will receive those same constraints directly.

Advanced features of systemd can be utilized using this model: This can be done by placing podman into a systemd unit file and hence achieving more.

Ref->:

Regards.,

3 Likes