我们在Dockerfiles 中使用了 buildkit 的一些实验性功能,最显着的是缓存挂载。今天,所有构建都停止使用消息:
requested experimental feature exec.meta.security is not supported by build server, please update
以下是 的相关输出journalctl -u docker:
Apr 27 12:50:42 laptop systemd[1]: Started Docker Application Container Engine.
Apr 27 13:05:07 laptop dockerd[17029]: time="2019-04-27T13:05:07.302466366+02:00" level=info msg="parsed scheme: \"\"" module=grpc
Apr 27 13:05:07 laptop dockerd[17029]: time="2019-04-27T13:05:07.302489224+02:00" level=info msg="scheme \"\" not registered, fallback to default scheme" module=grpc
Apr 27 13:05:07 laptop dockerd[17029]: time="2019-04-27T13:05:07.302545282+02:00" level=info msg="ccResolverWrapper: sending new addresses to cc: [{ 0 <nil>}]" module=grpc
Apr 27 13:05:07 laptop dockerd[17029]: time="2019-04-27T13:05:07.302556961+02:00" level=info msg="ClientConn switching balancer to \"pick_first\"" module=grpc
Apr 27 13:05:07 laptop dockerd[17029]: time="2019-04-27T13:05:07.302595944+02:00" level=info msg="pickfirstBalancer: HandleSubConnStateChange: 0xc420d068e0, CONNECTING" module=grpc
Apr 27 13:05:07 laptop dockerd[17029]: time="2019-04-27T13:05:07.302697663+02:00" level=info msg="pickfirstBalancer: HandleSubConnStateChange: 0xc420d068e0, READY" module=grpc
Apr 27 13:05:08 laptop dockerd[17029]: time="2019-04-27T13:05:08.096360518+02:00" level=info msg="No non-localhost DNS nameservers are left in resolv.conf. Using default external servers: [nameserv
Apr 27 13:05:08 laptop dockerd[17029]: time="2019-04-27T13:05:08.096425639+02:00" level=info msg="IPv6 enabled; Adding default IPv6 external servers: [nameserver 2001:4860:4860::8888 nameserver 200
Apr 27 13:05:09 laptop dockerd[17029]: time="2019-04-27T13:05:09.164531606+02:00" level=info msg="ignoring event" module=libcontainerd namespace=moby topic=/tasks/delete type="*events.TaskDelete"
Apr 27 13:05:10 laptop dockerd[17029]: time="2019-04-27T13:05:10.134327397+02:00" level=info msg="Layer sha256:c5436d94671d3b039ae327cbd70bcc7247156b1db1a94c6b5c96d20eb5306fe0 cleaned up"
Apr 27 13:05:10 laptop dockerd[17029]: time="2019-04-27T13:05:10.264799407+02:00" level=warning msg="grpc: addrConn.createTransport failed to connect to { 0 <nil>}. Err :connection error: desc = \
Apr 27 13:05:10 laptop dockerd[17029]: time="2019-04-27T13:05:10.264831645+02:00" level=info msg="pickfirstBalancer: HandleSubConnStateChange: 0xc420d068e0, TRANSIENT_FAILURE" module=grpc
Apr 27 13:05:10 laptop dockerd[17029]: time="2019-04-27T13:05:10.264898501+02:00" level=info msg="pickfirstBalancer: HandleSubConnStateChange: 0xc420d068e0, CONNECTING" module=grpc
Apr 27 13:05:10 laptop dockerd[17029]: time="2019-04-27T13:05:10.264926781+02:00" level=info msg="pickfirstBalancer: HandleSubConnStateChange: 0xc420d068e0, TRANSIENT_FAILURE" module=grpc
Apr 27 13:05:10 laptop dockerd[17029]: time="2019-04-27T13:05:10.302876165+02:00" level=warning msg="grpc: addrConn.transportMonitor exits due to: context canceled" module=grpc
Apr 27 13:06:00 laptop dockerd[17029]: time="2019-04-27T13:06:00.415336758+02:00" level=info msg="parsed scheme: \"\"" module=grpc
Apr 27 13:06:00 laptop dockerd[17029]: time="2019-04-27T13:06:00.415358861+02:00" level=info msg="scheme \"\" not registered, fallback to default scheme" module=grpc
Apr 27 13:06:00 laptop dockerd[17029]: time="2019-04-27T13:06:00.415401731+02:00" level=info msg="ccResolverWrapper: sending new addresses to cc: [{ 0 <nil>}]" module=grpc
Apr 27 13:06:00 laptop dockerd[17029]: time="2019-04-27T13:06:00.415420573+02:00" level=info msg="ClientConn switching balancer to \"pick_first\"" module=grpc
Apr 27 13:06:00 laptop dockerd[17029]: time="2019-04-27T13:06:00.415455123+02:00" level=info msg="pickfirstBalancer: HandleSubConnStateChange: 0xc42075b950, CONNECTING" module=grpc
Apr 27 13:06:00 laptop dockerd[17029]: time="2019-04-27T13:06:00.415512072+02:00" level=info msg="pickfirstBalancer: HandleSubConnStateChange: 0xc42075b950, READY" module=grpc
Apr 27 13:06:03 laptop dockerd[17029]: time="2019-04-27T13:06:03.557274713+02:00" level=info msg="No non-localhost DNS nameservers are left in resolv.conf. Using default external servers: [nameserv
Apr 27 13:06:03 laptop dockerd[17029]: time="2019-04-27T13:06:03.557342307+02:00" level=info msg="IPv6 enabled; Adding default IPv6 external servers: [nameserver 2001:4860:4860::8888 nameserver 200
Apr 27 13:06:05 laptop dockerd[17029]: time="2019-04-27T11:06:05Z" level=error msg="fatal error: requested experimental feature exec.meta.security is not supported by build server, please update \
Apr 27 13:06:05 laptop dockerd[17029]: panic: requested experimental feature exec.meta.security is not supported by build server, please update
Apr 27 13:06:05 laptop dockerd[17029]: goroutine 1 [running]:
Apr 27 13:06:05 laptop dockerd[17029]: main.main()
Apr 27 13:06:05 laptop dockerd[17029]: /src/frontend/dockerfile/cmd/dockerfile-frontend/main.go:26 +0x34f
Apr 27 13:06:05 laptop dockerd[17029]: time="2019-04-27T13:06:05.835385263+02:00" level=info msg="pickfirstBalancer: HandleSubConnStateChange: 0xc42075b950, TRANSIENT_FAILURE" module=grpc
Apr 27 13:06:05 laptop dockerd[17029]: time="2019-04-27T13:06:05.835517263+02:00" level=info msg="pickfirstBalancer: HandleSubConnStateChange: 0xc42075b950, CONNECTING" module=grpc
Apr 27 13:06:05 laptop dockerd[17029]: time="2019-04-27T13:06:05.835541307+02:00" level=warning msg="grpc: addrConn.createTransport failed to connect to { 0 <nil>}. Err :connection error: desc = \
Apr 27 13:06:05 laptop dockerd[17029]: time="2019-04-27T13:06:05.835658016+02:00" level=info msg="pickfirstBalancer: HandleSubConnStateChange: 0xc42075b950, TRANSIENT_FAILURE" module=grpc
Apr 27 13:06:06 laptop dockerd[17029]: time="2019-04-27T13:06:06.415833044+02:00" level=warning msg="grpc: addrConn.transportMonitor exits due to: context canceled" module=grpc
除此之外,我在系统日志中看不到任何有趣的东西,syslog也没有dmesg。
Docker CE 是使用此过程(来自官方 docker repos)安装的,并且是最新的。系统信息:
me@laptop:/tmp/test$ docker --version
Docker version 18.09.5, build e8ff056
me@laptop:/tmp/test$ uname -a
Linux laptop 4.4.0-146-generic #172-Ubuntu SMP Wed Apr 3 09:00:08 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
除了例行的系统升级外,最近没有系统变化。昨天可能有内核升级,IIRC。
我尝试过的事情:
- 将 docker 升级和降级到多个版本;
- 建立一个简单
Dockerfile的DOCKER_BUILDKIT=1 docker build .(给出上面的错误):
# syntax=docker/dockerfile:experimental
FROM ubuntu:16.04
RUN \
--mount=type=cache,target=/data \
echo hello
--mount从Dockerfile和构建中删除行DOCKER_BUILDKIT=1 docker build .(给出上面的错误);- 建筑(显然没有
--mount)与docker build .(这有效)。
所以问题只出在buildkit上。还有其他人看到这个和/或有建议吗?
这可能与 docker hub 漏洞有关: https ://news.ycombinator.com/item?id=19763413
BuildKit 回购错误
也开始发生在我身上,通过在实验语法行上设置版本来修复: