Re: Building Docker images of GuixSD
From: Christopher Baines
Subject: Re: Building Docker images of GuixSD
Date: Mon, 27 Nov 2017 22:13:25 +0000
User-agent: mu4e 0.9.18; emacs 25.3.1

Chris Marusich writes:
> Hi Ludo and others following along,
...
> Thanks for reading this far. I look forward to hearing your thoughts!
Awesome stuff Chris, I've tried this myself, on a Debian machine with
Docker installed.
I struggled getting root, as su and sudo didn't seem to work, until I
realised I could just replace alice with root in the "docker exec"
command...
Anyway, when I got root, I could tell that the system hadn't come up
correctly. The problem seemed to be related to cgroups.
address@hidden /# mount -t cgroup /sys/fs/cgroup/cpu
mount: /sys/fs/cgroup/cpu: cgroup already mounted on
/sys/fs/cgroup/systemd.
address@hidden /# herd status
Started:
+ file-system-/sys/fs/cgroup/perf_event
+ file-system-/dev/shm
+ host-name
+ root
+ file-system-/sys/fs/cgroup
+ file-system-/sys/fs/cgroup/cpuset
+ file-system-/dev/pts
+ user-file-systems
+ root-file-system
+ file-system-/gnu/store
+ file-system-/sys/fs/cgroup/freezer
+ file-system-/sys/fs/cgroup/memory
+ file-system-/sys/fs/cgroup/devices
+ file-system-/sys/fs/cgroup/blkio
Stopped:
- file-system-/sys/fs/cgroup/hugetlb
- file-system-/sys/fs/cgroup/cpuacct
- file-system-/sys/fs/cgroup/cpu
- guix-daemon
- file-systems
- syslogd
- urandom-seed
- nscd
- user-homes
- user-processes
address@hidden /# herd start guix-daemon
herd: exception caught while executing 'start' on service
'file-system-/sys/fs/cgroup/cpu':
ERROR: In procedure mount: mount "cgroup" on "///sys/fs/cgroup/cpu": Device
or resource busy
I changed the %base-file-systems in the very-bare-bones system with
%container-file-systems, and then things started working.

I tried without privileged mode, and got an error related to the firmware
service. This isn't included when you call
operating-system-derivation with the #:container? #t argument, and sure
enough I was able to get the system up without the Docker --privileged
flag. I think Ludo mentioned this in his reply.

Unfortunately, while I could get a shell using "docker exec ...", I had
to start the guix-daemon manually as the shepherd service didn't seem to
work, at least initially. Also, when I had started it, I tried
installing a package, and there was some promising output to start off
with, but then it failed with:
guix package: error: build failed: cloning builder process: Operation
not permitted
Anyway, this is all pretty great! Awesome work getting this far. I'm
very excited to see what services will run this way, as Docker could
provide, albeit with some overhead, a layer of interoperability between
software that can handle Docker containers, and Guix.
Thanks again,
Chris
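
Added example, not part of the original message and not Guix or Docker code: on a cgroup v1 host a controller can be attached to only one hierarchy, so a single-controller mount fails with "Device or resource busy" when that controller is already co-mounted with others. The sketch below predicts this from a constructed /proc/mounts sample; the co-mounted cpu,cpuacct layout, the option list and the function names are assumptions, and the message above does not confirm this as the cause.

```python
# Constructed /proc/mounts sample as seen inside the container; assumes a
# cgroup v1 host with a systemd-style layout (not from the original message).
SAMPLE_MOUNTS = """\
tmpfs /sys/fs/cgroup tmpfs ro,nosuid,nodev,noexec,mode=755 0 0
cgroup /sys/fs/cgroup/systemd cgroup ro,nosuid,nodev,noexec,relatime,xattr,name=systemd 0 0
cgroup /sys/fs/cgroup/cpu,cpuacct cgroup ro,nosuid,nodev,noexec,relatime,cpu,cpuacct 0 0
cgroup /sys/fs/cgroup/memory cgroup ro,nosuid,nodev,noexec,relatime,memory 0 0
cgroup /sys/fs/cgroup/freezer cgroup ro,nosuid,nodev,noexec,relatime,freezer 0 0
"""

# Mount options that are not controller names (heuristic list, an assumption).
GENERIC = {"rw", "ro", "nosuid", "nodev", "noexec", "relatime",
           "xattr", "noprefix", "clone_children"}


def hierarchies(mounts_text):
    """Map each attached v1 controller to (controller set, mount point)."""
    bound = {}
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[2] != "cgroup":
            continue  # skip tmpfs, cgroup2 and malformed lines
        # key=value options (name=systemd, release_agent=...) are not controllers
        ctrls = frozenset(o for o in fields[3].split(",")
                          if o not in GENERIC and "=" not in o)
        for ctrl in ctrls:
            bound[ctrl] = (ctrls, fields[1])
    return bound


def predict(mounts_text, wanted):
    """Predict the outcome of mounting each controller in its own hierarchy."""
    bound = hierarchies(mounts_text)
    result = {}
    for ctrl in wanted:
        if ctrl not in bound:
            result[ctrl] = "unbound: not attached to any mounted hierarchy"
        elif bound[ctrl][0] == {ctrl}:
            result[ctrl] = "ok: same hierarchy as " + bound[ctrl][1]
        else:
            result[ctrl] = "EBUSY: co-mounted at " + bound[ctrl][1]
    return result


if __name__ == "__main__":
    wanted = ["cpu", "cpuacct", "memory", "freezer", "hugetlb"]
    for ctrl, verdict in predict(SAMPLE_MOUNTS, wanted).items():
        print(f"{ctrl:8} {verdict}")
```

To check a live container, pass the contents of /proc/mounts read inside it instead of SAMPLE_MOUNTS.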