13

I tried to deploy a stack (contains one service) with docker stack deploy command and run 2 instance from my application on swarm! here is my docker-compose file:

version: "3"
services:
  server:
    image: makbn/thumbnailer-server:v1
    deploy:
      replicas: 2
      update_config:
        parallelism: 2
      resources:
        limits:
          cpus: "0.1"
          memory: 1024M
      restart_policy:
        condition: on-failure
    ports:
      - 8080:8080
    networks: 
      - server_network
networks: 
  server_network:

After running sudo docker stack deploy -c ./docker-compose.yml ts command, My stack successfully deployed to swarm, But here is my docker stack ps ts output:

ID                  NAME                IMAGE                         NODE                DESIRED STATE       CURRENT STATE             ERROR                              PORTS
8zmjp6wt47ki        ts_server.1         makbn/thumbnailer-server:v1   fanap9-lp           Ready               Rejected 2 seconds ago    "mkdir /var/lib/docker: permis…"   
88vizpnabbi8         \_ ts_server.1     makbn/thumbnailer-server:v1   fanap9-lp           Shutdown            Rejected 7 seconds ago    "mkdir /var/lib/docker: permis…"   
609hl7hy7tnu         \_ ts_server.1     makbn/thumbnailer-server:v1   fanap9-lp           Shutdown            Rejected 12 seconds ago   "mkdir /var/lib/docker: permis…"   
gif8fvbgdhpy         \_ ts_server.1     makbn/thumbnailer-server:v1   fanap9-lp           Shutdown            Rejected 17 seconds ago   "mkdir /var/lib/docker: permis…"   
x60x9c6albe5         \_ ts_server.1     makbn/thumbnailer-server:v1   fanap9-lp           Shutdown            Rejected 22 seconds ago   "mkdir /var/lib/docker: permis…"   
ugvbw1gpdp8e        ts_server.2         makbn/thumbnailer-server:v1   fanap9-lp           Ready               Rejected 2 seconds ago    "mkdir /var/lib/docker: permis…"   
p34x1kp55ch8         \_ ts_server.2     makbn/thumbnailer-server:v1   fanap9-lp           Shutdown            Rejected 7 seconds ago    "mkdir /var/lib/docker: permis…"   
3exxflukrl4y         \_ ts_server.2     makbn/thumbnailer-server:v1   fanap9-lp           Shutdown            Rejected 12 seconds ago   "mkdir /var/lib/docker: permis…"   
ud83xfj5nefj         \_ ts_server.2     makbn/thumbnailer-server:v1   fanap9-lp           Shutdown            Rejected 17 seconds ago   "mkdir /var/lib/docker: permis…"   
ws35na8up793         \_ ts_server.2     makbn/thumbnailer-server:v1   fanap9-lp           Shutdown            Rejected 22 seconds ago   "mkdir /var/lib/docker: permis…"

And the full error message is mkdir /var/lib/docker: permission denied

And the other problem is when i tried to create stack with docker service create command services deployed and running successfully but i cant access to the service from my localhost! i have 2 questions:

  1. what is the problem with deploy stack from compose file and why i get mkdir /var/lib/docker: permission denied error?
  2. how to configure my service networke k to accessible from host?
Mehdi Akbarian Rastaghi
  • 485
  • 6
  • 26

2 Answers2

11

(Note: only relevant to users who may have installed docker via snap)

I experienced this issue because I had snap installed docker, which meant that docker-compose was confused about my docker installation. The /var/lib/docker was giving file permission errors because my system was actually using docker at /snap/bin/docker

To check whether this is the case for you, you can run which docker. If it returns /usr/bin/docker, you've done the normal app install. If it returns something at the path /snap/ that means you've installed from the snap docker package (which is no longer maintained. Ref: https://github.com/docker/docker-snap)

To fix the issue, I first uninstalled the snap docker install using snap remove docker and then installed it through the docker setup instructions at https://docs.docker.com/install/linux/docker-ce/ubuntu/#docker-ee-customers. Once I did that, I could deploy stacks without issue.

I can't remember where the idea came into my head to snap install docker instead, but installing by setting up repositories and then running sudo apt install docker.io seems to be the way to go.

Robert Townley
  • 3,414
  • 3
  • 28
  • 54
  • @dios231 please check this answer and let me know if solved your problem! I changed my os and can't confirm this answer right now – Mehdi Akbarian Rastaghi Nov 30 '18 at 20:22
  • I took a similar approach, but for Docker CE, on Ubuntu 16.04 LTS x86_64. I noticed that the "type" command only indicated snap for docker-compose, but not for docker. I installed from a package instead of repository, described here: https://docs.docker.com/install/linux/docker-ce/ubuntu/#install-from-a-package. I also changed version entry in docker-compose.yml to 3.7 before doing a new build. It then worked fine! docker-compose must be installed separately, see https://docs.docker.com/compose/install, and run sudo chmod a+rx /usr/local/bin/docker-compose afterwards! – Rein May 07 '19 at 18:38
0

I was troubleshooting this issue for a few hours earlier where the containers would display as being rejected and shutdown due to the same Permission Denied error. I also had the same context of being able to manually create+scale a service but not being able to achieve the same results with my .yml.

Following the getting started guide, in their docker-compose.yml example they use version: "3" but do not go on to say that's supposed to match your corresponding Compose File Format number. My number ended up being "3.7" based on the version of Docker I installed and after I changed it in docker-compose.yml accordingly my containers were able to replicate as intended via docker stack deploy -c docker-compose.yml some-name.

Compose File Format (CFF) : Docker Engine Release (DCR) 

CFF     DCR
3.7     18.06.0+
3.6     18.02.0+
3.5     17.12.0+
3.4     17.09.0+
3.3     17.06.0+
3.2     17.04.0+
3.1     1.13.1+
3.0     1.13.0+
2.4     17.12.0+
2.3     17.06.0+
2.2     1.13.0+
2.1     1.12.0+
2.0     1.10.0+
1.0     1.9.1.+

Reference doc available (here)

Example of Invalid to Valid Change

# From the Example
version: "3"
services:
  web:
    image: username/repo:tag

# What's actually required (in my case, because I'm using docker version 18.09.2)
version: "3.7"
services:
  web:
    image: username/repo:tag

Results After Change

owner@test_server:~/myyml$ docker service ls
ID                  NAME                MODE                REPLICAS            IMAGE                               PORTS
baxip2g6xgzy        first-swarm_web     replicated          5/5                 [username]/getting-started:my-serv   *:4000->80/tcp

owner@test_server:~/myyml$ docker service ps first-swarm_web
ID                  NAME                IMAGE                               NODE                DESIRED STATE       CURRENT STATE            ERROR               PORTS
ss6jn07htkhp        first-swarm_web.1   [username]/getting-started:my-serv   test_server         Running             Running 37 minutes ago                       
n5eael5ae3jl        first-swarm_web.2   [username]/getting-started:my-serv   test_server         Running             Running 37 minutes ago                       
kzb3l1hzdpet        first-swarm_web.3   [username]/getting-started:my-serv   test_server         Running             Running 37 minutes ago                       
6ijgoebvhhdg        first-swarm_web.4   [username]/getting-started:my-serv   test_server         Running             Running 37 minutes ago                       
h0mbz1fp1id6        first-swarm_web.5   [username]/getting-started:my-serv   test_server         Running             Running 37 minutes ago
sanigirl
  • 433
  • 3
  • 19