Tag: Linux

Install docker on Ubuntu 14.04

If you want to play docker on Ubuntu 14.04, please pay attention to the installation instruction: it is “apt-get install docker.io“, not “apt-get install docker“. You can find the difference between them by following command:

# apt-cache search docker
......
docker - System tray for KDE3/GNOME2 docklet applications
......
docker.io - Linux container runtime
......

OK! Since you have set up docker successfully, you can check its process now:

# ps -ef | grep docker
root       4715      1  0 13:22 ?        00:00:00 /usr/bin/docker -d
root       4857   4691  0 13:50 pts/0    00:00:00 grep --color=auto docker
# pstree -ps 4715
init(1)───docker(4715)─┬─{docker}(4717)
                       ├─{docker}(4722)
                       ├─{docker}(4723)
                       ├─{docker}(4724)
                       ├─{docker}(4734)
                       ├─{docker}(4754)
                       ├─{docker}(4762)
                       ├─{docker}(4769)
                       └─{docker}(4793)

You can use “service start docker” and “service stop docker” to start and stop docker daemon.

If your host runs behind proxy, you may meet problems when pulling image:

# docker run hell-world
Unable to find image 'hell-world:latest' locally
Pulling repository hell-world
FATA[0005] Get https://index.docker.io/v1/repositories/library/hell-world/images: x509: certificate is valid for FG3K6C3A15800021, not index.docker.io

The solution is add proxy configurations in /etc/default/docker:

......
# If you need Docker to use an HTTP proxy, it can also be specified here.
export http_proxy="http://web-proxy.corp.xxxxxx.com:8080/"
export https_proxy="https://web-proxy.corp.xxxxxx.com:8080/"
......

Then you can download images successfully:

# docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from hello-world
d59cd4c39e50: Pull complete
f1d956dc5945: Pull complete
Digest: sha256:4f32210e234b4ad5cac92efacc0a3d602b02476c754f13d517e1ada048e5a8ba
Status: Downloaded newer image for hello-world:latest

Hello from Docker.
This message shows that your installation appears to be working correctly.
......

Now that all the preparations are ready, please enjoy playing docker!

 

Fix “ORA-03114: not connected to ORACLE” error

I utilize docker-oracle12c to run Oracle in docker, and bind specified CPU and memory:

docker run -d -it --cpuset-cpus=xx-xx,xx-xxx  --cpuset-mems=x,x ...

All containers run OK but one Oracle database is always created failed, and the error log is:

ORA-03114: not connected to ORACLE

After tough debugging, the reason is the memory on specified NUMA node is not enough:

# numactl -H
......
node 2 size: 786432 MB
node 2 free: xxxxx MB

node 3 size: 786432 MB
node 3 free: xxxxx MB

The solution is disable HugePages temporarily:

# cat /etc/sysctl.conf
......
vm.nr_hugepages=0
......
# sysctl -p

After creating database, enable HugePages again:

# cat /etc/sysctl.conf
......
vm.nr_hugepages=xxxxxx
......
# sysctl -p

 

Upgrade Linux kernel on RHEL 7

My OS is RHEL 7.2 (minimal installation version). To use some new kernel features (such as BPF), I need to upgrade kernel to 4.x.

(1) Register the system and apply a subscription:

# subscription-manager register --username <username> --password <password> --auto-attach

(2) Use yum install to install the following software packages:

openssl-devel
ncurses-devel
bc
gcc
perl

BTW, when executing yum install perl, it prompts errors, so I download the source code from perl official website, and build it form scratch:

./configure.gnu
make 
make test
make install

(3) Download the stable kernel from kernel.org and extract it, then build it:

make menuconfig
make 
make modules_install install

According to your requirement, maybe installing the header files is also need:

make INSTALL_HDR_PATH=/usr/local headers_install

(4) Reboot system, and select right kernel on boot time, enjoy it:

# uname -a
Linux localhost.localdomain 4.5.0 #1 SMP Mon Apr 11 09:56:46 EDT 2016 x86_64 x86_64 x86_64 GNU/Linux

 

How to count the line number of a file?

How to count the line number of a file? It seems an easy question for Unix guys: using wc command. Let’s see an example:

# cat test
aaaa
bbbb
cccc
# wc -l test
3 test

It displays right. But wait a minute, let’s check the wc -l option meaning:

# wc --help
......
-l, --lines            print the newline counts
......

wc -l just print the newline counts, so it increases newline count as the line number. Using hexdump to see the content of test:

# hexdump -C test
00000000  61 61 61 61 0a 62 62 62  62 0a 63 63 63 63 0a     |aaaa.bbbb.cccc.|
0000000f

No problem, test contains 3 newlines. But now, the question is here, how about the last line doesn’t contain newline?

Let me do the following experiment:

# echo -n "a" > test
# hexdump -C test
00000000  61                                                |a|
00000001
# wc -l test
0 test

Now the test file only contains 1 character, and no newline. This time, wc -l thinks there is no line in test file.

Based on the previous discussion, maybe awk is a better tool when using to count line number of file. Just one statement:

# awk 'END {print NR}' test
1

It outputs right line number.

SELinux cause “Permission denied” issue in using docker

I am using docker on RHEL 7. After mounting host directory into container, some interesting things happen: Although I am a root user, and seem to have all permissions, but the system will prompt “Permission denied” when executing commands:

# docker run -v /root:/test --rm -it debian ls /test
ls: cannot open directory /test: Permission denied

Through tough investigations, I find the root cause is about SELinux:

# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
SELinux root directory:         /etc/selinux
Loaded policy name:             targeted
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled
Policy deny_unknown status:     allowed
Max kernel policy version:      28

The current mode of SELinux is enforcing, and I get 2 solutions to resolve it now:

(1)

Add --privileged option in docker run command:

# docker run --privileged -v /root:/test --rm -it debian ls /test
Desktop    Pictures   anaconda-ks.cfg       linuxamd64_12102_database_1of2.zip
Documents  Public     database              linuxamd64_12102_database_2of2.zip
Downloads  Templates  docker-oracle12c      sysdig
Music      Videos     initial-setup-ks.cfg

(2)

Set SELinux mode as permissive:

# setenforce 0
# docker run -v /root:/test --rm -it debian ls /test
Desktop    Downloads  Pictures  Templates  anaconda-ks.cfg  docker-oracle12c      linuxamd64_12102_database_1of2.zip  sysdig
Documents  Music      Public    Videos     database         initial-setup-ks.cfg  linuxamd64_12102_database_2of2.zip

References:
Why does docker prompt “Permission denied” when backing up the data volume?;
Why does docker container prompt “Permission denied”?.