Anyone got Docker working on 5B with Debian/Ubuntu?

Google and some hair pulling usually. But some are docker regulars and pretty much know it inside out
So great as docker was wanting with the Debian image

Today I did apt upgrade. Then I got kernel 5.10.66-28.
It looks like this version is configured with CGROUP enabled.

Hello Guys,

These are the ones I use (cgroup_enable=cpuset cgroup_enable=memory cgroup_memory=1 swapaccount=1) in the cmdline.txt. I also turn off wifi and bluetooth in the config.txt.

Depending on whether you are using RPiOS or Ubuntu of course
RPiOS - /boot/cmdline.txt and /boot/config.txt
Ubuntu - /boot/firmware/cmdline.txt and /boot/firmware/config.txt

Let me know if you need my exact commands for each file.

I am going to assume you mean Rock Pi 5B as opposed to Rock Pi 4b v1.5?

Good Luck,
Michael

append /boot/extlinux/extlinux.conf with systemd.unified_cgroup_hierarchy=0 is all that seems to be needed as we are not using a Pi.

Yep Rock-5b

Append systemd.unified_cgroup_hierarchy=0
to the /boot/extlinux/extlinux.conf 

Install iptables
update-alternatives --set iptables /usr/sbin/iptables-legacy
update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy

/etc/sysctl.conf
net.ipv4.ip_forward = 1

reboot
install docker

Thanks to milnepe
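
An added example, not part of the original posts: a small audit of the three settings from the steps above (the cgroup parameter on every extlinux entry, ip_forward in sysctl.conf, and the iptables backend). The function names and the sample file contents are constructed for illustration; the backend check assumes the `(legacy)` / `(nf_tables)` suffix that `iptables --version` prints.

```shell
#!/bin/sh
# Added example: audits the three settings from the steps above.
# Function names and the sample data at the bottom are constructed.
PARAM='systemd.unified_cgroup_hierarchy=0'

# Print each extlinux "label" whose append line lacks PARAM as a whole token.
labels_missing_param() {
    awk -v p="$PARAM" '
        function emit() { if (label != "" && !ok) print label }
        $1 == "label"  { emit(); label = $2; ok = 0 }
        $1 == "append" { for (i = 2; i <= NF; i++) if ($i == p) ok = 1 }
        END { emit() }' "$1"
}

# Succeed only if the last uncommented net.ipv4.ip_forward setting is 1.
ip_forward_enabled() {
    awk -F= '
        /^[ \t]*#/ { next }
        { k = $1; v = $2; gsub(/[ \t]/, "", k); gsub(/[ \t]/, "", v) }
        k == "net.ipv4.ip_forward" { last = v }
        END { exit !(last == "1") }' "$1"
}

# Classify the backend from an `iptables --version` line.
iptables_backend() {
    case "$1" in
        *"(legacy)"*)    echo legacy ;;
        *"(nf_tables)"*) echo nf_tables ;;
        *)               echo unknown ;;
    esac
}

# Constructed sample: two kernel entries, only the first one edited.
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/extlinux.conf" <<EOF
label kernel-new
    kernel /boot/vmlinuz-new
    append root=/dev/sda1 rootwait rw $PARAM
label kernel-old
    kernel /boot/vmlinuz-old
    append root=/dev/sda1 rootwait rw
EOF
printf '#net.ipv4.ip_forward=1\nnet.ipv4.ip_forward = 1\n' > "$SAMPLE_DIR/sysctl.conf"

echo "entries without $PARAM: $(labels_missing_param "$SAMPLE_DIR/extlinux.conf")"
ip_forward_enabled "$SAMPLE_DIR/sysctl.conf" && echo "ip_forward: enabled"
echo "backend: $(iptables_backend 'iptables v1.8.7 (nf_tables)')"
```

On a real board, pass /boot/extlinux/extlinux.conf, /etc/sysctl.conf and the output of `iptables --version` to the same functions; `cat /proc/cmdline` after the reboot shows whether the booted entry actually carries the parameter.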

Thanks, with this method my Docker is working properly

i run most of my software as containers so not ‘weird edge-case’ for me.

I packaged the latest podman version for debian/ubuntu in aarch64, if you want to give it a try. Didn’t really get to taking it for a spin, since the little one got a tough cold. But I don’t see anything problematic. I stopped at the setup of firewalld to redirect to a non-privileged port. But it seems, that netfilter and nftables is problematic in this setup (or, the much more plausible option, the problem is on layer 8… happens a lot with me)

repo for podman:

Prob needed as does docker
https://wiki.debian.org/iptables
After installing iptables

update-alternatives --set iptables /usr/sbin/iptables-legacy
update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy

Just checked… apparently the kernel is so old, that it’s still on iptables/xtables ?!

It’s actually the opposite as we have to swap from nftables to iptables-legacy as that is the problem with Docker as it doesn’t work with the newer nf_tables

That is why you need to

update-alternatives --set iptables /usr/sbin/iptables-legacy
update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy

So setting back to legacy iptables from nftables

Weird. I shouldn’t need iptables (podman instead of docker). I’m using armbian. Just installed nftables

andi@rock-5b:~$ sudo nft add rule ip filter INPUT ip saddr 192.0.2.0/24 counter accept
netlink: Error: cache initialization failed: Invalid argument

this doesn’t look right. checking and I can only see iptables/xtables being loaded.

andi@rock-5b:~$ lsmod 
Module                  Size  Used by
nfnetlink              16384  0
overlay               106496  0
zstd                   16384  8
fuse                  106496  1
ip_tables              24576  0
x_tables               32768  1 ip_tables
ipv6                  413696  62
panfrost               53248  0
gpu_sched              28672  1 panfrost
pgdrv                  16384  0
r8125                 139264  0

shouldn’t there be at least some nf* module loaded?
as an example from my rockpro64 running armbian
nf_tables 212992 1567 nft_compat,nft_counter,nft_chain_nat

x_tables is netfilter, so is nfnetlink; iptables is just the userspace program using them.

Apart from that haven’t a clue as rarely use and was searching for where iptables had gone.
Guess you will have to do some reading of https://wiki.debian.org/nftables as just dunno

I had 2 kernel versions listed in /boot/extlinux/extlinux.conf, I updated the most recent one by adding

systemd.unified_cgroup_hierarchy=0

to the “append” section.

Not sure why but after rebooting, my network interface disappeared.
Once changes reverted, it was back.

Any idea? Did I correctly update the conf?

Btw, seems like working as I could run sudo docker run hello-world successfully

Dunno as running on 2.5gb ethernet I have no problems with docker or networking.

Same here (using ethernet) was just curious why I had that issue while changing my kernel conf,

But docker is running anyway …now I’m having some image incompatibilities with arm architecture.

Moving to arm is not completely hassle-free :)

Docker and miniconda are almost essential with so many version conflicts and not wanting to bloat your system up with dependencies

https://docs.conda.io/en/main/miniconda.html

Docker is what it is and you need to find aarch64 versions but there are.

Things used to be much worse with maybe Raspbian variants but now Apple is Arm with the M1 generally things are getting to near level status.

Well need to run that, and currently it complained about different arch.
Don’t know if there is workaround for that (edit: doesn’t seem to be one yet according to this) so what I did is split my work over 2 different machines, one X86 and the rest on Rock5b for now.

Nope MS Azure doing something x86 only will not run on Mac M1 either supposedly

/palrun: ERROR: Invalid mapping of address 0x40037d9000 in reserved address space below 0x400000000000. Possible causes:

  1. The process (itself, or via a wrapper) starts up its own running environment sets the stack size limit to unlimited via syscall setrlimit(2);
  2. The process (itself, or via a wrapper) adjusts its own execution domain and flag the system its legacy personality via syscall personality(2);
  3. Sysadmin deliberately sets the system to run on legacy VA layout mode by adjusting a sysctl knob vm.legacy_va_layout.

Hi all! I’m trying to install homeassistant-supervised and getting the error
[warn] Could not find /etc/default/grub or /boot/firmware/cmdline.txt failed to switch to cgroup v1
I know that I must add the line systemd.unified_cgroup_hierarchy=0 to /boot/config.txt but on armbian there’s no such file. Tried to add this line to armbianEnv.txt but no luck. Can’t anyone help me with this?
