install docker on debian - 'overlay' is not supported over overlayfs

Question

I created a docker image for my build pipeline and I am trying to run docker build -t someTag .

However, I am getting this error.

DEBU[0000] Listener created for HTTP on unix (/var/run/docker.sock)
INFO[0000] libcontainerd: new containerd process, pid: 1026
DEBU[0000] Permission denied writing "-500" to /proc/1026/oom_score_adj
DEBU[0000] containerd: grpc api on /var/run/docker/libcontainerd/docker-containerd.sock
DEBU[0000] containerd: read past events                  count=0
DEBU[0000] containerd: supervisor running                cpus=2 memory=976 runtime=docker-runc runtimeArgs=[] stateDir="/var/run/docker/libcontainerd/containerd"
DEBU[0000] libcontainerd: containerd health check returned error: rpc error: code = 14 desc = grpc: the connection is unavailable
DEBU[0001] Permission denied writing "-500" to /proc/self/oom_score_adj
DEBU[0001] Using default logging driver json-file
DEBU[0001] Golang's threads limit set to 6840
DEBU[0001] [zfs] zfs command is not available: exec: "zfs": executable file not found in $PATH
ERRO[0001] 'overlay' is not supported over overlayfs
DEBU[0001] Using graph driver vfs
DEBU[0001] Max Concurrent Downloads: 3
DEBU[0001] Max Concurrent Uploads: 5
INFO[0001] Graph migration to content-addressability took 0.00 seconds
INFO[0001] Loading containers: start.
DEBU[0001] Option Experimental: false
DEBU[0001] Option DefaultDriver: bridge
DEBU[0001] Option DefaultNetwork: bridge
WARN[0001] Running modprobe bridge br_netfilter failed with message: , error: exec: "modprobe": executable file not found in $PATH
WARN[0001] Running modprobe nf_nat failed with message: ``, error: exec: "modprobe": executable file not found in $PATH
WARN[0001] Running modprobe xt_conntrack failed with message: ``, error: exec: "modprobe": executable file not found in $PATH
DEBU[0001] Fail to initialize firewalld: Failed to connect to D-Bus system bus: dial unix /var/run/dbus/system_bus_socket: connect: no such file or directory, using raw iptables instead
DEBU[0001] /usr/sbin/iptables, [-t nat -D PREROUTING -m addrtype --dst-type LOCAL -j DOCKER]
DEBU[0001] /usr/sbin/iptables, [-t nat -D OUTPUT -m addrtype --dst-type LOCAL ! --dst 127.0.0.0/8 -j DOCKER]
DEBU[0001] /usr/sbin/iptables, [-t nat -D OUTPUT -m addrtype --dst-type LOCAL -j DOCKER]
DEBU[0001] /usr/sbin/iptables, [-t nat -D PREROUTING]
DEBU[0001] /usr/sbin/iptables, [-t nat -D OUTPUT]
DEBU[0001] /usr/sbin/iptables, [-t nat -F DOCKER]
DEBU[0001] /usr/sbin/iptables, [-t nat -X DOCKER]
DEBU[0001] /usr/sbin/iptables, [-t filter -F DOCKER]
DEBU[0001] /usr/sbin/iptables, [-t filter -X DOCKER]
DEBU[0001] /usr/sbin/iptables, [-t filter -F DOCKER-ISOLATION]
DEBU[0001] /usr/sbin/iptables, [-t filter -X DOCKER-ISOLATION]
DEBU[0001] /usr/sbin/iptables, [-t nat -n -L DOCKER]
DEBU[0001] /usr/sbin/iptables, [-t nat -N DOCKER]
DEBU[0001] start clean shutdown of all containers with a 15 seconds timeout...
DEBU[0001] Cleaning up old mountid : start.
DEBU[0001] Cleaning up old mountid : done.

Here is the info of my Dockerfile that is installing docker. I found these steps here .

FROM debian:latest

ENV DEBIAN_FRONTEND noninteractive
ENV JENKINS_HOME /var/jenkins_home

USER root

WORKDIR $JENKINS_HOME

RUN apt-get update
RUN apt-get install \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg2 \
    software-properties-common -y
RUN curl -fsSL https://download.docker.com/linux/debian/gpg | apt-key add -
RUN apt-get install -y iptables
RUN wget https://download.docker.com/linux/debian/dists/jessie/pool/stable/amd64/docker-ce_17.06.0~ce-0~debian_amd64.deb
RUN dpkg -i docker-ce_17.06.0~ce-0~debian_amd64.deb

What I have tried:

I have tried starting dockerd . From my best guess, it looks like I need dockerd to start.

root@90302deb48a0:/var/jenkins_home# ps -ef | grep docker
root          6      1  0 14:47 ?        00:00:00 grep docker

I have looked into updating

I have tried updating my iptables

root@e898473347a2:/var/jenkins_home# apt-get install -y iptables
Reading package lists... Done
Building dependency tree
Reading state information... Done
iptables is already the newest version (1.6.0+snapshot20161117-6).
0 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.

I have verified that I am root and the directories are owned by root .

root@e898473347a2:/var/jenkins_home# whoami
root

I have tried to research where to post this. Please tell me if this needs to be moved somewhere else. I will kindly move this if this doesn't classify as "programming".

Answer 1

It sounds like you are trying to do Docker in Docker (DinD). It requires some hacks and changing the storage driver (you can't do overlay on overlay). See the Dockerfile and entrypoint script at https://github.com/docker-library/docker/tree/a73d96e731e2dd5d6822c99a9af4dcbfbbedb2be/19.03/dind for more information. It has information on where it gets the dind script and the necessary entrypoint changes to run dockerd .

However, there are official dind tagged images on Docker Hub that you may be better off building from. See https://hub.docker.com/_/docker/ . You could just use image docker:17.05.0-dind or base your image off of it if you need customizations.