Re: [atomic-devel] New-lines in /etc/sysconfig/docker cause docker daemon to break. Env bug in our systemd file?

[Matt Micene <nzwulfin gmail com>]

Charlie,

You can use a systemd drop-in file to override the distro systemd unit file in /usr/lib.

If you're working on a new provisioner, like the one for CoreOS, it looks like you could use 'engineConfigTmpl' to manage the drop-in.  Those look better formed, for one, and it would provide you more control over trying to work around something that's stuffing new lines into ENV variables.

Cheers,

- Matt M

On Tue, Mar 15, 2016 at 12:20 PM, Charlie Drage <cdrage redhat com> wrote:

(this is for Fedora 22 and above of Atomic Host and CentOS 7)

Modifying params within /etc/sysconfig/docker to params with new lines
cause the Docker daemon to break.

For example:

SystemD file:

[Unit]
Description=Docker Application Container Engine
Documentation=http://docs.docker.com
After=network.target
Wants=docker-storage-setup.service

[Service]
Type=notify
EnvironmentFile=-/etc/sysconfig/docker
EnvironmentFile=-/etc/sysconfig/docker-storage
EnvironmentFile=-/etc/sysconfig/docker-network
Environment=GOTRACEBACK=crash
ExecStart=/usr/bin/docker -d $DOCKER_OPTIONS
LimitNOFILE=1048576
LimitNPROC=1048576
LimitCORE=infinity
MountFlags=slave

[Install]
WantedBy=multi-user.target

/etc/sysconfig/docker file:
DOCKER_OPTIONS='-H tcp://0.0.0.0:2376
-H unix:///var/run/docker.sock
--storage-driver overlay
--tlsverify
--tlscacert /etc/docker/ca.pem
--tlscert /etc/docker/server.pem --tlskey /etc/docker/server-key.pem --label provider=generic'


SystemD status:
[centos cloud ~]$ sudo systemctl status docker
docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled)
  Drop-In: /usr/lib/systemd/system/docker.service.d
           └─flannel.conf
   Active: failed (Result: exit-code) since Tue 2016-03-15 16:05:16 UTC; 11s ago
     Docs: http://docs.docker.com
  Process: 4251 ExecStart=/usr/bin/docker -d $DOCKER_OPTIONS (code=exited, status=1/FAILURE)
 Main PID: 4251 (code=exited, status=1/FAILURE)

Mar 15 16:05:16 test systemd[1]: Starting Docker Application Container Engine...
Mar 15 16:05:16 test docker[4251]: time="2016-03-15T16:05:16.467507082Z" level=info msg="Listening for HTTP on unix (....sock)"
Mar 15 16:05:16 test docker[4251]: time="2016-03-15T16:05:16.502458296Z" level=error msg="WARNING: No --storage-opt d...on use"
Mar 15 16:05:16 test docker[4251]: time="2016-03-15T16:05:16.607528181Z" level=fatal msg="Error starting daemon: erro...IVER>)"
Mar 15 16:05:16 test systemd[1]: docker.service: main process exited, code=exited, status=1/FAILURE
Mar 15 16:05:16 test systemd[1]: Failed to start Docker Application Container Engine.
Mar 15 16:05:16 test systemd[1]: Unit docker.service entered failed state.
Hint: Some lines were ellipsized, use -l to show in full.


Now... Using:

DOCKER_OPTIONS='-H tcp://0.0.0.0:2376 -H unix:///var/run/docker.sock --storage-driver overlay --tlsverify -tlscacert /etc/docker/ca.pem --tlscert /etc/docker/server.pem --tlskey /etc/docker/server-key.pem --label provider=generic'

Works perfectly fine.

I want to bring this to atomic-devel's attention since I don't know if there is something that we can improve on our end (put env variables in curly braces when specifying them in systemd? ex. ${OPTIONS}). Since /usr/lib/ is managed by rpm-ostree.

The reason for bringing this up is since I'm working on a generic driver for atomic hosts upstream on docker-machine. Seems that the generic driver they have for rhel-based OS' over there uses this type of param output :)

Another thing to note is that docker-machine and docker's recommended env variable is DOCKER_OPTS rather than what we have (I think $OPTIONS within systemd for our first line?)

--

Charlie Drage
Red Hat - OSAS Team / Project Atomic
4096R / 0x9B3B446C
http://pgp.mit.edu/pks/lookup?op=get&search=0x622CDF119B3B446C