2024年笔记--centos docker离线安装启动失败

Failed to start Docker Application Container Engine

错误如下：

$root@el70 docker$ # systemctl start docker.service

Job for docker.service failed because start of the service was attempted too often. See "systemctl status docker.service" and "journalctl -xe" for details.

To force a start use "systemctl reset-failed docker.service" followed by "systemctl start docker.service" again.

$root@el70 docker$ # journalctl -xe

Feb 06 16:15:36 el70 dockerd $2524$ : time="2024-02-06T16:15:36.044378290+08:00" level=info msg=" $core$ $Channel #1$ Channel deleted" module=grp

Feb 06 16:15:36 el70 dockerd $2524$ : time="2024-02-06T16:15:36.044158542+08:00" level=info msg="stopping event stream following graceful shutdo

Feb 06 16:15:36 el70 dockerd $2524$ : time="2024-02-06T16:15:36.044822884+08:00" level=info msg=" $core$ $Channel #7 SubChannel #8$ Subchannel Co

Feb 06 16:15:36 el70 dockerd $2524$ : time="2024-02-06T16:15:36.044928467+08:00" level=info msg=" $core$ $Channel #7$ Channel Connectivity change

Feb 06 16:15:37 el70 dockerd $2524$ : failed to start daemon: Error initializing network controller: Error creating default "bridge" network: Fa

Feb 06 16:15:37 el70 systemd $1$ : docker.service: main process exited, code=exited, status=1/FAILURE

Feb 06 16:15:37 el70 systemd $1$ : Failed to start Docker Application Container Engine.

-- Subject: Unit docker.service has failed

-- Defined-By: systemd

-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel

-- Unit docker.service has failed.

-- The result is failed.

Feb 06 16:15:37 el70 systemd $1$ : Unit docker.service entered failed state.

Feb 06 16:15:37 el70 systemd $1$ : docker.service failed.

Feb 06 16:15:37 el70 systemd $1$ : docker.service holdoff time over, scheduling restart.

Feb 06 16:15:37 el70 systemd $1$ : Stopped Docker Application Container Engine.

-- Subject: Unit docker.service has finished shutting down

-- Defined-By: systemd

-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel

-- Unit docker.service has finished shutting down.

Feb 06 16:15:37 el70 systemd $1$ : start request repeated too quickly for docker.service

Feb 06 16:15:37 el70 systemd $1$ : Failed to start Docker Application Container Engine.

-- Subject: Unit docker.service has failed

-- Defined-By: systemd

-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel

解决分析过程：

再打开一个ssh连接窗口，执行命令tail -200f /var/log/messages

然后在原窗口中执行 systemctl start docker 观察新窗口中的日志。

我这里看到的有关错误日志内容如下：

Feb 6 16:22:54 el70 firewalld: 2024-02-06 16:22:54 ERROR: INVALID_TYPE: structure size mismatch 16 != 13

Feb 6 16:22:54 el70 firewalld: 2024-02-06 16:22:54 ERROR: COMMAND_FAILED: '/sbin/iptables -t filter -C FORWARD -j DOCKER-ISOLATION' failed: iptables v1.4.21: Couldn't load target `DOCKER-ISOLATION':No such file or directory

Try `iptables -h' or 'iptables --help' for more information.

Feb 6 16:22:54 el70 firewalld: 2024-02-06 16:22:54 ERROR: COMMAND_FAILED: '/sbin/iptables -t nat -D PREROUTING -m addrtype --dst-type LOCAL -j DOCKER' failed: iptables: No chain/target/match by that name.

Feb 6 16:22:54 el70 firewalld: 2024-02-06 16:22:54 ERROR: COMMAND_FAILED: '/sbin/iptables -t nat -D OUTPUT -m addrtype --dst-type LOCAL ! --dst 127.0.0.0/8 -j DOCKER' failed: iptables: No chain/target/match by that name.

然后我尝试：

$root@el70 docker$ # service iptables stop

Redirecting to /bin/systemctl stop iptables.service

Failed to stop iptables.service: Unit iptables.service not loaded.

原来这个服务不存在，因为我的环境不需要防火墙，因此，我直接执行service firewalld stop 将防火墙关闭。

再次systemctl start docker 启动正常。

其他错误，修改/etc/docker/daemon.json后，重启docker失败

启动失败，错误为：Feb 6 16:37:34 el70 systemd: Starting Docker Application Container Engine...

Feb 6 16:37:34 el70 dockerd: unable to configure the Docker daemon with file /etc/docker/daemon.json: the following directives are specified both as a flag and in the configuration file: insecure-registries: (from flag: $127.0.0.1$ , from file: $xx.xx.xx.xx:8080$ )

原因：

因为修改了/etc/docker/daemon.json 内容为如下

{

"insecure-registries": $"xx.xx.xx.xx:8080"$

}

而/etc/systemd/system/docker.service 中也配置了ExecStart=/usr/bin/dockerd --selinux-enabled=false --insecure-registry=xx.xx.xx.xx:8080

将ExecStart这一行修改为：

ExecStart=/usr/bin/dockerd --selinux-enabled=false

然后systemctl daemon-reload ，再次 systemctl start docker即可启动

其他错误2：

Feb 6 17:12:34 el70 dockerd: time="2024-02-06T17:12:34.353598727+08:00" level=error msg="Download failed after 1 attempts: error parsing HTTP 408 response body: invalid character '<' looking for beginning of value: \"<html><body><h1>408 Request Time-out</h1>\\nYour browser didn't send a complete request in time.\\n</body></html>

解决方法：

修改配置文件 /etc/docker/daemon.json 增加

"registry-mirrors": $"http://hub-mirror.c.163.com"$

修改后的全内容为：

{

"insecure-registries": $"xx.xx.xx.xx:8080"$ ,

"registry-mirrors": $"http://hub-mirror.c.163.com"$

}

然后重启docker服务，有时候失败了要先执行一下systemctl reset-failed docker.service 清理掉失败状态。再进行systemctl start docker尝试。

参考文章：

Docker启动失败报错Failed to start Docker Application Container Engine的解决办法_docker_脚本之家