Hello all,

I am trying to add Docker to an image built under Yocto and hence am attempting to use the meta-virtualization layer.

The target processor is an NXP imx8mq evk board and I am basing everything on the NXP BSP v4.9.51, which is based on Yocto morty.

I have git cloned the morty branch of the meta-virtualization layer to the top level of our Yocto project and added the layer to the build/bblayers.conf file and added DISTRO_FEATURES_append = " virtualization" to the build/local.conf file. I have a custom layer with a custom image (based on core-image) that includes docker (i.e. IMAGE_INSTALL += " docker”). A complete re-build of the image using bitbake is successful, and when the image is transferred to the target (on an sd card) and booted, the docker daemon starts up OK. However if I then try running “docker run hello-world” to test out the installation, it will pull the hello-world image, but fails with a daemon error:

Unable to find image 'hello-world:latest' locally

latest: Pulling from library/hello-world

3b4173355427: Pulling fs layer

3b4173355427: Verifying Checksum

3b4173355427: Download complete

3b4173355427: Pull complete

Digest: sha256:2557e3c07ed1e38f26e389462d03ed943586f744621577a99efb77324b0fe535

Status: Downloaded newer image for hello-world:latest

docker: Error response from daemon: operation not supported.

See 'docker run --help'.

Other images give similar results (e.g. busybox or alpine).

It seems that the pull works, and images are downloaded OK, but they do not run.

I’d be grateful if you have any advice on how to get this branch of docker working?

For information:

“docker info” gives:

Containers: 0

Running: 0

Paused: 0

Stopped: 0

Images: 1

Server Version: 1.12.5

Storage Driver: overlay

Backing Filesystem: extfs

Logging Driver: json-file

Cgroup Driver: cgroupfs

Plugins:

Volume: local

Network: host bridge overlay null

Swarm: inactive

Runtimes: runc

Default Runtime: runc

Security Options:

Kernel Version: 4.9.51-imx_4.9.51_imx8m_ga+g6df7474

Operating System: NXP i.MX Release Distro 4.9.51-mx8-ga (morty)

OSType: linux

Architecture: aarch64

CPUs: 4

Total Memory: 2.928 GiB

Name: Test-imx8

ID: L4G3:4SLL:UO75:25FS:6OO6:NOPG:SGF7:DXVC:GN5P:7DZK:4O2D:3K4L

Docker Root Dir: /var/lib/docker

Debug Mode (client): false

Debug Mode (server): false

Registry: https://index.docker.io/v1/

Insecure Registries:

http://localhost:5000

127.0.0.0/8

Downloading and running “check-config.sh” gives:

info: reading kernel config from /proc/config.gz ...

Generally Necessary:

- cgroup hierarchy: properly mounted [/sys/fs/cgroup]

- CONFIG_NAMESPACES: enabled

- CONFIG_NET_NS: enabled

- CONFIG_PID_NS: enabled

- CONFIG_IPC_NS: enabled

- CONFIG_UTS_NS: enabled

- CONFIG_CGROUPS: enabled

- CONFIG_CGROUP_CPUACCT: enabled

- CONFIG_CGROUP_DEVICE: enabled

- CONFIG_CGROUP_FREEZER: missing

- CONFIG_CGROUP_SCHED: enabled

- CONFIG_CPUSETS: enabled

- CONFIG_MEMCG: enabled

- CONFIG_KEYS: enabled

- CONFIG_VETH: enabled (as module)

- CONFIG_BRIDGE: enabled (as module)

- CONFIG_BRIDGE_NETFILTER: enabled (as module)

- CONFIG_NF_NAT_IPV4: enabled (as module)

- CONFIG_IP_NF_FILTER: enabled (as module)

- CONFIG_IP_NF_TARGET_MASQUERADE: enabled (as module)

- CONFIG_NETFILTER_XT_MATCH_ADDRTYPE: enabled (as module)

- CONFIG_NETFILTER_XT_MATCH_CONNTRACK: enabled (as module)

- CONFIG_NETFILTER_XT_MATCH_IPVS: missing

- CONFIG_IP_NF_NAT: enabled (as module)

- CONFIG_NF_NAT: enabled (as module)

- CONFIG_NF_NAT_NEEDED: enabled

- CONFIG_POSIX_MQUEUE: enabled

Optional Features:

- CONFIG_USER_NS: enabled

- CONFIG_SECCOMP: enabled

- CONFIG_CGROUP_PIDS: enabled

- CONFIG_MEMCG_SWAP: enabled

- CONFIG_MEMCG_SWAP_ENABLED: enabled

    (cgroup swap accounting is currently enabled)

- CONFIG_BLK_CGROUP: enabled

- CONFIG_BLK_DEV_THROTTLING: missing

- CONFIG_IOSCHED_CFQ: enabled

- CONFIG_CFQ_GROUP_IOSCHED: missing

- CONFIG_CGROUP_PERF: enabled

- CONFIG_CGROUP_HUGETLB: enabled

- CONFIG_NET_CLS_CGROUP: missing

- CONFIG_CGROUP_NET_PRIO: missing

- CONFIG_CFS_BANDWIDTH: missing

- CONFIG_FAIR_GROUP_SCHED: enabled

- CONFIG_RT_GROUP_SCHED: missing

- CONFIG_IP_NF_TARGET_REDIRECT: missing

- CONFIG_IP_VS: missing

- CONFIG_IP_VS_NFCT: missing

- CONFIG_IP_VS_PROTO_TCP: missing

- CONFIG_IP_VS_PROTO_UDP: missing

- CONFIG_IP_VS_RR: missing

- CONFIG_EXT3_FS: enabled

- CONFIG_EXT3_FS_XATTR: missing

- CONFIG_EXT3_FS_POSIX_ACL: missing

- CONFIG_EXT3_FS_SECURITY: missing

    (enable these ext3 configs if you are using ext3 as backing filesystem)

- CONFIG_EXT4_FS: enabled

- CONFIG_EXT4_FS_POSIX_ACL: enabled

- CONFIG_EXT4_FS_SECURITY: missing

    enable these ext4 configs if you are using ext4 as backing filesystem

- Network Drivers:

  - "overlay":

    - CONFIG_VXLAN: missing

      Optional (for encrypted networks):

      - CONFIG_CRYPTO: enabled

      - CONFIG_CRYPTO_AEAD: enabled

      - CONFIG_CRYPTO_GCM: enabled

      - CONFIG_CRYPTO_SEQIV: enabled

      - CONFIG_CRYPTO_GHASH: enabled

      - CONFIG_XFRM: enabled

      - CONFIG_XFRM_USER: missing

      - CONFIG_XFRM_ALGO: missing

      - CONFIG_INET_ESP: missing

      - CONFIG_INET_XFRM_MODE_TRANSPORT: enabled

  - "mipvlan":

    - CONFIG_IPVLAN: missing

  - "macvlan":

    - CONFIG_MACVLAN: enabled (as module)

    - CONFIG_DUMMY: missing

  - "ftp,tftp client in container":

    - CONFIG_NF_NAT_FTP: missing

    - CONFIG_NF_CONNTRACK_FTP: missing

    - CONFIG_NF_NAT_TFTP: missing

    - CONFIG_NF_CONNTRACK_TFTP: missing

- Storage Drivers:

  - "aufs":

    - CONFIG_AUFS_FS: missing

  - "btrfs":

    - CONFIG_BTRFS_FS: enabled (as module)

    - CONFIG_BTRFS_FS_POSIX_ACL: enabled

  - "devicemapper":

    - CONFIG_BLK_DEV_DM: missing

    - CONFIG_DM_THIN_PROVISIONING: missing

  - "overlay":

    - CONFIG_OVERLAY_FS: enabled (as module)

  - "zfs":

    - /dev/zfs: missing

    - zfs command: missing

    - zpool command: missing

Limits:

- /proc/sys/kernel/keys/root_maxkeys: 1000000

“docker –version” gives:

Docker version 1.12.5, build 7392c3b

From the config output, I see that some variables are not enabled. Could this be an issue?

Kind regards,

Russell