Hi,
I’ve been using @kcollins1 Docker containers for a while, but after attempting to upgrade to 8.1.2, I cannot get it to start.
The container remains in restarting state and I see this in the logs:
Way down in the nanosleep lines this appears:
I’ve even tried to pull and run 8.1.1, but same happens.
This is my run command:
docker run -p 8088:8088 --name RPiIgnitionMaker --restart=always \
-e TZ=Africa/Johannesburg \
-e GATEWAY_ADMIN_USERNAME=<username> \
-e GATEWAY_ADMIN_PASSWORD=<password> \
-v my-ignition-data:/var/lib/ignition/data \
-e IGNITION_EDITION=maker \
-e IGNITION_LICENSE_KEY=<key>\
-e IGNITION_ACTIVATION_TOKEN=<token> \
-e GATEWAY_MODULES_ENABLED=opc-ua,perspective,sfc,tag-historian -d kcollins/ignition:latest
Running on Pi 2.
Please help, even just to get 8.1.1 running again.
Regards,
Deon
This has to do with some system-related issues on Raspberry Pi 32-bit… For the moment, add the extended privileges flag, --privileged
to your run command… I’ll follow-up with more specific guidance.
1 Like
Running again! Thanks!
I’m keen to know more. Even if it means it’s time to upgrade to a Pi 4
The issue with “No monotonic clock was available - timed services may be adversely affected if the time-of-day clock changes” or “nanosleep(100ms) failed. Operation not permitted” (wanted to place those explicit messages in for the search later ) seems to only occur on recent Raspbian 32-bit installations running Docker.
It seems that this issue report discusses the need for libseccomp2
library to be updated to address this issue. This solved the problem for me on a Raspbian 32-bit install:
# Install a few prerequisite packages to be able to do the build
sudo apt install build-essential git gperf
# Download the libseccomp2 release package and unpack
wget https://github.com/seccomp/libseccomp/releases/download/v2.5.1/libseccomp-2.5.1.tar.gz
tar zvxf libseccomp-2.5.1.tar.gz
cd libseccomp-2.5.1
# Build and install
./configure && make
sudo make install
# Preserve the original libraries from the .deb package from the base install
mkdir ~/old-libs
sudo mv /usr/lib/arm-linux-gnuabihf/libseccomp.so.2* ~/old-libs/
# Remove the library cache and rebuild
sudo rm /etc/ld.so.cache
sudo ldconfig
Once I updated libseccomp2
, I was able to start the container without privileged mode. One additional note/disclaimer on the steps above–these updates are being done outside the scope of the package manager and may cause things in the future to break. I couldn’t find the equivalent of a debian backports repo for Raspberry Pi OS; there may be a “more official” way to get that library up-to-date.
Hope this helps!
Kevin C.
1 Like
FWIW, I did all my reproduction steps for this particular issue on a RPi 4.. So you'd have fought it there, too .
Any particular danger in just leaving it priviledged?
I suppose it depends on your use case… Sometimes it can be used for devices like Raspberry Pi in order for the container to interface with host-level devices (like GPIO, for example); these would normally not be visible/accessible from a container.
I am having some similar issues when trying to download Ignition on my Pi 4.
I used
sudo docker run -p 8088:8088 --name my-ignition -e GATEWAY_ADMIN_PASSWORD=password -e IGNITION_EDITION=full -d kcollins/ignition:nightly
which downloaded with no issues. However when I start the container it starts, but after a second it stops with an exit code 1. Is there any help you can offer.
What output do you have from sudo docker logs my-ignition
? Also, are you running on 32-bit Raspbian OS? (output from uname -a
would help)
Here is the output from sudo docker logs
wrapper | nanosleep(100ms) failed. Operation not permitted
sleep: cannot read realtime clockwrapper : Operation not permitted
| nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | Startup failed: Timed out waiting for a signal from the JVM.
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | JVM did not exit on request, termination requested.
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | There were 5 failed launches in a row, each lasting less than 300 seconds. Giving up.
wrapper | There may be a configuration problem: please check the logs.
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | nanosleep(100ms) failed. Operation not permitted
wrapper | --> Wrapper Started as Console
wrapper | Java Service Wrapper Standard Edition 32-bit 3.5.42
wrapper | Copyright (C) 1999-2020 Tanuki Software, Ltd. All Rights Reserved.
wrapper | http://wrapper.tanukisoftware.com
wrapper | Licensed to Inductive Automation for Inductive Automation
wrapper |
wrapper | Wrapper Process has not received any CPU time for 36 seconds. Extending timeouts.
wrapper | Launching a JVM...
jvm 1 | OpenJDK Client VM warning: No monotonic clock was available - timed services may be adversely affected if the time-of-day clock changes
wrapper | JVM received a signal SIGKILL (9).
wrapper | JVM process is gone.
wrapper | JVM exited after being requested to terminate.
wrapper | Reloading Wrapper configuration...
wrapper | Please set wrapper.java.version.output to TRUE, relaunch the Wrapper to print out the Java version output, and send the log file to support@tanukisoftware.com.
wrapper | JVM process is gone.
wrapper | Wrapper Process has not received any CPU time for 23 seconds. Extending timeouts.
wrapper | Launching a JVM...
jvm 2 | OpenJDK Client VM warning: No monotonic clock was available - timed services may be adversely affected if the time-of-day clock changes
wrapper | JVM received a signal SIGKILL (9).
wrapper | JVM process is gone.
wrapper | JVM exited after being requested to terminate.
wrapper | Reloading Wrapper configuration...
wrapper | Please set wrapper.java.version.output to TRUE, relaunch the Wrapper to print out the Java version output, and send the log file to support@tanukisoftware.com.
wrapper | JVM process is gone.
wrapper | Wrapper Process has not received any CPU time for 39 seconds. Extending timeouts.
wrapper | Launching a JVM...
jvm 3 | OpenJDK Client VM warning: No monotonic clock was available - timed services may be adversely affected if the time-of-day clock changes
wrapper | JVM received a signal SIGKILL (9).
wrapper | JVM process is gone.
wrapper | JVM exited after being requested to terminate.
wrapper | Reloading Wrapper configuration...
wrapper | Please set wrapper.java.version.output to TRUE, relaunch the Wrapper to print out the Java version output, and send the log file to support@tanukisoftware.com.
wrapper | JVM process is gone.
wrapper | Wrapper Process has not received any CPU time for 39 seconds. Extending timeouts.
wrapper | Launching a JVM...
jvm 4 | OpenJDK Client VM warning: No monotonic clock was available - timed services may be adversely affected if the time-of-day clock changes
wrapper | JVM received a signal SIGKILL (9).
wrapper | JVM process is gone.
wrapper | JVM exited after being requested to terminate.
wrapper | Reloading Wrapper configuration...
wrapper | JVM process is gone.
wrapper | Wrapper Process has not received any CPU time for 22 seconds. Extending timeouts.
wrapper | Launching a JVM...
jvm 5 | OpenJDK Client VM warning: No monotonic clock was available - timed services may be adversely affected if the time-of-day clock changes
wrapper | JVM received a signal SIGKILL (9).
wrapper | JVM process is gone.
wrapper | JVM exited after being requested to terminate.
wrapper | <-- Wrapper Stopped
And here is the Output from uname -a
Linux raspberrypi 5.10.17-v7l+ #1403 SMP Mon Feb 22 11:33:35 GMT 2021 armv7l GNU/Linux
Yup, looks just like the issue above… Use some of the options mentioned above to get you going… Easiest is just adding the --privileged
flag to your docker run
statement. This particular issue isn’t anything wrong with the container itself, but rather the system-level libraries that the container runtime uses.
That worked thank you. I guess I was just putting --privilaged
in the wrong spot.
–privileged worked for me. Thanks!