安装#

在安装docker-rootless时，输出如下

1
➜  ~ dockerd-rootless-setuptool.sh install
2
[INFO] Creating /home/lolli/.config/systemd/user/docker.service
3
[INFO] starting systemd service docker.service
4
+ systemctl --user start docker.service
5
+ sleep 3
6
+ systemctl --user --no-pager --full status docker.service
7
● docker.service - Docker Application Container Engine (Rootless)
8
   Loaded: loaded (/home/lolli/.config/systemd/user/docker.service; disabled; vendor preset: enabled)
9
   Active: activating (auto-restart) (Result: exit-code) since Fri 2022-05-27 07:09:54 EDT; 919ms ago
10
     Docs: https://docs.docker.com/go/rootless/
11
  Process: 7211 ExecStart=/usr/bin/dockerd-rootless.sh (code=exited, status=1/FAILURE)
12
 Main PID: 7211 (code=exited, status=1/FAILURE)
13
+ set +x
14
[ERROR] Failed to start docker.service. Run `journalctl -n 20 --no-pager --user --unit docker.service` to show the error log.
15
[ERROR] Before retrying installation, you might need to uninstall the current setup: `/usr/bin/dockerd-rootless-setuptool.sh uninstall -f ; /usr/bin/rootlesskit rm -rf /home/lolli/.local/share/docker`
16
No journal files were opened due to insufficient permissions.

使用journalctl命令检查，发现无输出
随后检查docker.sevice

1
➜  ~ cat .config/systemd/user/docker.service
2
[Unit]
3
Description=Docker Application Container Engine (Rootless)
4
Documentation=https://docs.docker.com/go/rootless/
5

6
[Service]
7
Environment=PATH=/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/bin:/bin:/usr/games:/usr/local/go/bin
8
ExecStart=/usr/bin/dockerd-rootless.sh
9
ExecReload=/bin/kill -s HUP $MAINPID
10
TimeoutSec=0
11
RestartSec=2
12
Restart=always
13
StartLimitBurst=3
14
StartLimitInterval=60s
15
LimitNOFILE=infinity
16
LimitNPROC=infinity
17
LimitCORE=infinity
18
TasksMax=infinity
19
Delegate=yes
20
Type=simple
21
KillMode=mixed
22

23
[Install]
24
WantedBy=default.target

发现是由/usr/bin/dockerd-rootless.sh启动的，随后执行，输出如下

1
➜  ~ /usr/bin/dockerd-rootless.sh
2
+ [ -w /run/user/1000 ]
3
+ [ -d /home/lolli ]
4
+ rootlesskit=
5
+ command -v docker-rootlesskit
6
+ command -v rootlesskit
7
+ rootlesskit=rootlesskit
8
+ break
9
+ [ -z rootlesskit ]
10
+ :
11
+ :
12
+ : builtin
13
+ : auto
14
+ : auto
15
+ net=
16
+ mtu=
17
+ [ -z  ]
18
+ command -v slirp4netns
19
+ slirp4netns --help
20
+ [ -z  ]
21
+ command -v vpnkit
22
+ echo Either slirp4netns (>= v0.4.0) or vpnkit needs to be installed
23
Either slirp4netns (>= v0.4.0) or vpnkit needs to be installed
24
+ exit 1

找到了关键问题

1
+ slirp4netns --help
2
+ [ -z  ]
3
+ command -v vpnkit
4
+ echo Either slirp4netns (>= v0.4.0) or vpnkit needs to be installed
5
Either slirp4netns (>= v0.4.0) or vpnkit needs to be installed
6
+ exit 1

随后尝试

1
➜  ~ sudo apt install slirp4netns
2
Reading package lists... Done
3
Building dependency tree
4
Reading state information... Done
5
The following NEW packages will be installed:
6
  slirp4netns
7
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
8
Need to get 44.8 kB of archives.
9
After this operation, 105 kB of additional disk space will be used.
10
Get:1 http://mirrors.tuna.tsinghua.edu.cn/debian buster/main amd64 slirp4netns amd64 0.2.3-1 [44.8 kB]
11
Fetched 44.8 kB in 1s (49.4 kB/s)
12
Selecting previously unselected package slirp4netns.
13
(Reading database ... 34855 files and directories currently installed.)
14
Preparing to unpack .../slirp4netns_0.2.3-1_amd64.deb ...
15
Unpacking slirp4netns (0.2.3-1) ...
16
Setting up slirp4netns (0.2.3-1) ...
17
Processing triggers for man-db (2.8.5-2) ...

但是安装的是v0.2.3-1，不符合版本要求，卸载了刚安装的旧版本。

随后在GitHub找到了二进制

前去下载后，chmod +x slirp4netns，再放入/usr/bin

卸载刚刚未完成安装的残留

1
➜  ~ /usr/bin/dockerd-rootless-setuptool.sh uninstall -f ; /usr/bin/rootlesskit rm -rf /home/lolli/.local/share/docker
2
+ systemctl --user stop docker.service
3
+ systemctl --user disable docker.service
4
[INFO] Uninstalled docker.service
5
[INFO] This uninstallation tool does NOT remove Docker binaries and data.
6
[INFO] To remove data, run: `/usr/bin/rootlesskit rm -rf /home/lolli/.local/share/docker`

随后再次尝试安装

1
➜  ~ dockerd-rootless-setuptool.sh install
2
[INFO] Creating /home/lolli/.config/systemd/user/docker.service
3
[INFO] starting systemd service docker.service
4
+ systemctl --user start docker.service
5
+ sleep 3
6
+ systemctl --user --no-pager --full status docker.service
7
● docker.service - Docker Application Container Engine (Rootless)
8
   Loaded: loaded (/home/lolli/.config/systemd/user/docker.service; disabled; vendor preset: enabled)
9
   Active: active (running) since Fri 2022-05-27 07:11:10 EDT; 3s ago
10
     Docs: https://docs.docker.com/go/rootless/
11
 Main PID: 7519 (rootlesskit)
12
   CGroup: /user.slice/user-1000.slice/[email protected]/docker.service
13
           ├─7519 rootlesskit --net=slirp4netns --mtu=65520 --slirp4netns-sandbox=auto --slirp4netns-seccomp=auto --disable-host-loopback --port-driver=builtin --copy-up=/etc --copy-up=/run --propagation=rslave /usr/bin/dockerd-rootless.sh
14
           ├─7530 /proc/self/exe --net=slirp4netns --mtu=65520 --slirp4netns-sandbox=auto --slirp4netns-seccomp=auto --disable-host-loopback --port-driver=builtin --copy-up=/etc --copy-up=/run --propagation=rslave /usr/bin/dockerd-rootless.sh
15
           ├─7549 slirp4netns --mtu 65520 -r 3 --disable-host-loopback --enable-sandbox --enable-seccomp 7530 tap0
16
           ├─7556 dockerd
17
           └─7576 containerd --config /run/user/1000/docker/containerd/containerd.toml --log-level info
18
+ DOCKER_HOST=unix:///run/user/1000/docker.sock /usr/bin/docker version
19
Client: Docker Engine - Community
20
 Version:           20.10.16
21
 API version:       1.41
22
 Go version:        go1.17.10
23
 Git commit:        aa7e414
24
 Built:             Thu May 12 09:17:38 2022
25
 OS/Arch:           linux/amd64
26
 Context:           default
27
 Experimental:      true
28

29
Server: Docker Engine - Community
30
 Engine:
31
  Version:          20.10.16
32
  API version:      1.41 (minimum version 1.12)
33
  Go version:       go1.17.10
34
  Git commit:       f756502
35
  Built:            Thu May 12 09:15:44 2022
36
  OS/Arch:          linux/amd64
37
  Experimental:     false
38
 containerd:
39
  Version:          1.6.4
40
  GitCommit:        212e8b6fa2f44b9c21b2798135fc6fb7c53efc16
41
 runc:
42
  Version:          1.1.1
43
  GitCommit:        v1.1.1-0-g52de29d
44
 docker-init:
45
  Version:          0.19.0
46
  GitCommit:        de40ad0
47
+ systemctl --user enable docker.service
48
Created symlink /home/lolli/.config/systemd/user/default.target.wants/docker.service → /home/lolli/.config/systemd/user/docker.service.
49
[INFO] Installed docker.service successfully.
50
[INFO] To control docker.service, run: `systemctl --user (start|stop|restart) docker.service`
51
[INFO] To run docker.service on system startup, run: `sudo loginctl enable-linger lolli`
52

53
[INFO] Creating CLI context "rootless"
54
Successfully created context "rootless"
55

56
[INFO] Make sure the following environment variables are set (or add them to ~/.bashrc):
57

58
export PATH=/usr/bin:$PATH
59
export DOCKER_HOST=unix:///run/user/1000/docker.sock

成功