I'm working through the official Docker CE (version 18.03.1-ce, build 9ee9f40) tutorial on Ubuntu 17.10, and I'm having problems running services as described here. The service won't start, but Docker won't tell me why.
When I start the service, this is what happens:
$ docker stack deploy -c ./docker-compose.yml compose-example
Creating network compose-example_webnet
Creating service compose-example_web
$
No errors are returned, the exit status is 0, and nothing looks unusual. However, when getting info about the stack...
$ docker stack ps compose-example
ID NAME IMAGE NODE DESIRED STATE CURRENT STATE ERROR PORTS
cc01b85bh1si compose-example_web.1 jessetg/example:2.1 jesse-ubuntu Ready Rejected 3 seconds ago "container ingress-sbox is alr…"
z0hleui2rnai \_ compose-example_web.1 jessetg/example:2.1 jesse-ubuntu Shutdown Rejected 18 seconds ago "container ingress-sbox is alr…"
w47ajzunn7it \_ compose-example_web.1 jessetg/example:2.1 jesse-ubuntu Shutdown Rejected 43 seconds ago "container ingress-sbox is alr…"
yca0lx87oasq \_ compose-example_web.1 jessetg/example:2.1 jesse-ubuntu Shutdown Rejected 53 seconds ago "container ingress-sbox is alr…"
uvpvaperhcek \_ compose-example_web.1 jessetg/example:2.1 jesse-ubuntu Shutdown Rejected about a minute ago "container ingress-sbox is alr…"
qgfvmdrysirb compose-example_web.2 jessetg/example:2.1 jesse-ubuntu Ready Rejected 3 seconds ago "container ingress-sbox is alr…"
zgek1ga179a9 \_ compose-example_web.2 jessetg/example:2.1 jesse-ubuntu Shutdown Rejected 18 seconds ago "container ingress-sbox is alr…"
ybuzkik6rqqn \_ compose-example_web.2 jessetg/example:2.1 jesse-ubuntu Shutdown Rejected 48 seconds ago "container ingress-sbox is alr…"
yx71seu5cxzx \_ compose-example_web.2 jessetg/example:2.1 jesse-ubuntu Shutdown Rejected about a minute ago "container ingress-sbox is alr…"
yrdlrc5jwdyu \_ compose-example_web.2 jessetg/example:2.1 jesse-ubuntu Shutdown Rejected about a minute ago "container ingress-sbox is alr…"
yuoegbfvo190 compose-example_web.3 jessetg/example:2.1 jesse-ubuntu Ready Rejected 3 seconds ago "container ingress-sbox is alr…"
zqft052r2len \_ compose-example_web.3 jessetg/example:2.1 jesse-ubuntu Shutdown Rejected 28 seconds ago "container ingress-sbox is alr…"
zbpjg0yqrhon \_ compose-example_web.3 jessetg/example:2.1 jesse-ubuntu Shutdown Rejected 53 seconds ago "container ingress-sbox is alr…"
y4cj9qlrlvkn \_ compose-example_web.3 jessetg/example:2.1 jesse-ubuntu Shutdown Rejected 58 seconds ago "container ingress-sbox is alr…"
x3yljiu07mkq \_ compose-example_web.3 jessetg/example:2.1 jesse-ubuntu Shutdown Rejected about a minute ago "container ingress-sbox is alr…"
nibomw8zsx6y compose-example_web.4 jessetg/example:2.1 jesse-ubuntu Ready Rejected 3 seconds ago "container ingress-sbox is alr…"
we2uwo0gaka8 \_ compose-example_web.4 jessetg/example:2.1 jesse-ubuntu Shutdown Rejected 13 seconds ago "container ingress-sbox is alr…"
y5gs1uooes2b \_ compose-example_web.4 jessetg/example:2.1 jesse-ubuntu Shutdown Rejected 38 seconds ago "container ingress-sbox is alr…"
w1dozapp04pv \_ compose-example_web.4 jessetg/example:2.1 jesse-ubuntu Shutdown Rejected 48 seconds ago "container ingress-sbox is alr…"
wc9weak6gzfi \_ compose-example_web.4 jessetg/example:2.1 jesse-ubuntu Shutdown Rejected about a minute ago "container ingress-sbox is alr…"
$
The CURRENT STATE column is filled entirely with rejections. The truncated errors all say "container ingress-sbox is already present in sandbox ingress_sbox". Listing the individual containers looks like this:
$ docker container ls -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
3c42933ddabe jessetg/example:2.1 "python3 app.py" About a minute ago Created compose-example_web.4.b6r18eot53o23afx2csl0dnqi
59f6073c3ebd jessetg/example:2.1 "python3 app.py" 12 minutes ago Created compose-example_web.2.hi2m5am7dsf6rumecr69kxv3t
$
However, running the container alone (i.e. not in a swarm or a stack) works exactly as expected.
Dockerfile# Use an official Python runtime as a parent image
FROM python:3.6-slim
# Set the working directory to /app
WORKDIR /app
# Copy the current directory contents into the container at /app
ADD . /app
# Install any needed packages specified in requirements.txt
RUN pip3 install --trusted-host pypi.python.org -r requirements.txt
# Make port 80 available to the world outside this container
EXPOSE 80
# Define environment variable
ENV NAME World
# Run app.py when the container launches
CMD ["python3", "app.py"]
docker-compose.ymlversion: "3"
services:
web:
image: jessetg/example:2.1
deploy:
replicas: 4
resources:
limits:
cpus: "0.1"
memory: 64M
restart_policy:
condition: on-failure
ports:
- "80:4001"
networks:
- webnet
networks:
webnet:
app.py#!/usr/bin/env python3
from flask import Flask
from redis import Redis, RedisError
import os
import socket
# Connect to Redis
redis = Redis(host="redis", db=0, socket_connect_timeout=2, socket_timeout=2)
app = Flask(__name__)
@app.route("/")
def hello():
try:
visits = redis.incr("counter")
except RedisError:
visits = "<i>cannot connect to Redis, counter disabled</i>"
html = "<h3>Hello {name}!</h3>" \
"<b>Hostname:</b> {hostname}<br/>" \
"<b>Visits:</b> {visits}"
return html.format(name=os.getenv("NAME", "world"), hostname=socket.gethostname(), visits=visits)
if __name__ == "__main__":
app.run(host='0.0.0.0', port=80)
When you get an error about creating a network like the one you're experiencing, "container ingress-sbox is already present in sandbox ingress_sbox", it's worth checking your Linux kernel.
Things to look out for on the kernel side include:
In the case of a mismatch, a reboot will usually get you running your newly installed kernel package, which means you'll actually be able to load the necessary modules.
In the case that the kernel you are running simply has the feature disabled entirely, you may need to switch to a different kernel altogether.