2024年笔记--centos docker离线安装启动失败
Failed to start Docker Application Container Engine
错误如下:
[root@el70 docker]# systemctl start docker.service
Job for docker.service failed because start of the service was attempted too often. See "systemctl status docker.service" and "journalctl -xe" for details.
To force a start use "systemctl reset-failed docker.service" followed by "systemctl start docker.service" again.
[root@el70 docker]# journalctl -xe
Feb 06 16:15:36 el70 dockerd[2524]: time="2024-02-06T16:15:36.044378290+08:00" level=info msg="[core] [Channel #1] Channel deleted" module=grp
Feb 06 16:15:36 el70 dockerd[2524]: time="2024-02-06T16:15:36.044158542+08:00" level=info msg="stopping event stream following graceful shutdo
Feb 06 16:15:36 el70 dockerd[2524]: time="2024-02-06T16:15:36.044822884+08:00" level=info msg="[core] [Channel #7 SubChannel #8] Subchannel Co
Feb 06 16:15:36 el70 dockerd[2524]: time="2024-02-06T16:15:36.044928467+08:00" level=info msg="[core] [Channel #7] Channel Connectivity change
Feb 06 16:15:37 el70 dockerd[2524]: failed to start daemon: Error initializing network controller: Error creating default "bridge" network: Fa
Feb 06 16:15:37 el70 systemd[1]: docker.service: main process exited, code=exited, status=1/FAILURE
Feb 06 16:15:37 el70 systemd[1]: Failed to start Docker Application Container Engine.
-- Subject: Unit docker.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit docker.service has failed.
--
-- The result is failed.
Feb 06 16:15:37 el70 systemd[1]: Unit docker.service entered failed state.
Feb 06 16:15:37 el70 systemd[1]: docker.service failed.
Feb 06 16:15:37 el70 systemd[1]: docker.service holdoff time over, scheduling restart.
Feb 06 16:15:37 el70 systemd[1]: Stopped Docker Application Container Engine.
-- Subject: Unit docker.service has finished shutting down
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- Unit docker.service has finished shutting down.
Feb 06 16:15:37 el70 systemd[1]: start request repeated too quickly for docker.service
Feb 06 16:15:37 el70 systemd[1]: Failed to start Docker Application Container Engine.
-- Subject: Unit docker.service has failed
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
解决分析过程:
再打开一个ssh连接窗口,执行命令tail -200f /var/log/messages
然后在原窗口中执行 systemctl start docker 观察新窗口中的日志。
我这里看到的有关错误日志内容如下:
Feb 6 16:22:54 el70 firewalld: 2024-02-06 16:22:54 ERROR: INVALID_TYPE: structure size mismatch 16 != 13
Feb 6 16:22:54 el70 firewalld: 2024-02-06 16:22:54 ERROR: COMMAND_FAILED: '/sbin/iptables -t filter -C FORWARD -j DOCKER-ISOLATION' failed: iptables v1.4.21: Couldn't load target `DOCKER-ISOLATION':No such file or directory
Try `iptables -h' or 'iptables --help' for more information.
Feb 6 16:22:54 el70 firewalld: 2024-02-06 16:22:54 ERROR: COMMAND_FAILED: '/sbin/iptables -t nat -D PREROUTING -m addrtype --dst-type LOCAL -j DOCKER' failed: iptables: No chain/target/match by that name.
Feb 6 16:22:54 el70 firewalld: 2024-02-06 16:22:54 ERROR: COMMAND_FAILED: '/sbin/iptables -t nat -D OUTPUT -m addrtype --dst-type LOCAL ! --dst 127.0.0.0/8 -j DOCKER' failed: iptables: No chain/target/match by that name.
然后我尝试:
[root@el70 docker]# service iptables stop
Redirecting to /bin/systemctl stop iptables.service
Failed to stop iptables.service: Unit iptables.service not loaded.
原来这个服务不存在,因为我的环境不需要防火墙,因此,我直接执行service firewalld stop 将防火墙关闭。
再次systemctl start docker 启动正常。
---------------------------------
其他错误,修改/etc/docker/daemon.json后,重启docker失败
启动失败,错误为:Feb 6 16:37:34 el70 systemd: Starting Docker Application Container Engine...
Feb 6 16:37:34 el70 dockerd: unable to configure the Docker daemon with file /etc/docker/daemon.json: the following directives are specified both as a flag and in the configuration file: insecure-registries: (from flag: [127.0.0.1], from file: [xx.xx.xx.xx:8080])
原因:
因为修改了/etc/docker/daemon.json 内容为如下
{
"insecure-registries":["xx.xx.xx.xx:8080"]
}
而/etc/systemd/system/docker.service 中也配置了ExecStart=/usr/bin/dockerd --selinux-enabled=false --insecure-registry=xx.xx.xx.xx:8080
将ExecStart这一行修改为:
ExecStart=/usr/bin/dockerd --selinux-enabled=false
然后systemctl daemon-reload ,再次 systemctl start docker即可启动
----------
其他错误2:
Feb 6 17:12:34 el70 dockerd: time="2024-02-06T17:12:34.353598727+08:00" level=error msg="Download failed after 1 attempts: error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: \"<html><body><h1>408 Request Time-out</h1>\\nYour browser didn't send a complete request in time.\\n</body></html>
解决方法:
修改配置文件 /etc/docker/daemon.json 增加
"registry-mirrors": ["http://hub-mirror.c.163.com"]
修改后的全内容为:
{
"insecure-registries":["xx.xx.xx.xx:8080"],
"registry-mirrors": ["http://hub-mirror.c.163.com"]
}
然后重启docker服务,有时候失败了要先执行一下systemctl reset-failed docker.service 清理掉失败状态。再进行systemctl start docker尝试。
参考文章:
Docker启动失败报错Failed to start Docker Application Container Engine的解决办法_docker_脚本之家