Home Explore Blog CI



docker
7th chunk of `content/manuals/engine/daemon/troubleshoot.md`
fe203e7f84f19eb58696d242729e0433d8c209c90754d06a0000000100000c3e
[`cloud-init`](https://cloudinit.readthedocs.io/en/latest/index.html), you may
need to apply a custom configuration to prevent `netplan` from overriding the
network manager configuration:

1. Follow the steps in [Un-manage Docker interfaces](#un-manage-docker-interfaces)
   for creating the network manager configuration.
2. Create a `netplan` configuration file under `/etc/netplan/50-cloud-init.yml`.

   The following example configuration file is a starting point.
   Adjust it to match the interfaces you want to un-manage.
   Incorrect configuration can lead to network connectivity issues.

   ```yaml {title="/etc/netplan/50-cloud-init.yml"}
   network:
     ethernets:
       all:
         dhcp4: true
         dhcp6: true
         match:
           # edit this filter to match whatever makes sense for your system
           name: en*
     renderer: networkd
     version: 2
   ```

3. Apply the new Netplan configuration.

   ```console
   $ sudo netplan apply
   ```

4. Restart the Docker daemon:

   ```console
   $ sudo systemctl restart docker
   ```

5. Verify that the Docker interfaces have the `unmanaged` state.

   ```console
   $ networkctl
   ```

## Volumes

### Unable to remove filesystem

```text
Error: Unable to remove filesystem
```

Some container-based utilities, such
as [Google cAdvisor](https://github.com/google/cadvisor), mount Docker system
directories, such as `/var/lib/docker/`, into a container. For instance, the
documentation for `cadvisor` instructs you to run the `cadvisor` container as
follows:

```console
$ sudo docker run \
  --volume=/:/rootfs:ro \
  --volume=/var/run:/var/run:rw \
  --volume=/sys:/sys:ro \
  --volume=/var/lib/docker/:/var/lib/docker:ro \
  --publish=8080:8080 \
  --detach=true \
  --name=cadvisor \
  google/cadvisor:latest
```

When you bind-mount `/var/lib/docker/`, this effectively mounts all resources of
all other running containers as filesystems within the container which mounts
`/var/lib/docker/`. When you attempt to remove any of these containers, the
removal attempt may fail with an error like the following:

```none
Error: Unable to remove filesystem for
74bef250361c7817bee19349c93139621b272bc8f654ae112dd4eb9652af9515:
remove /var/lib/docker/containers/74bef250361c7817bee19349c93139621b272bc8f654ae112dd4eb9652af9515/shm:
Device or resource busy
```

The problem occurs if the container which bind-mounts `/var/lib/docker/`
uses `statfs` or `fstatfs` on filesystem handles within `/var/lib/docker/`
and does not close them.

Typically, we would advise against bind-mounting `/var/lib/docker` in this way.
However, `cAdvisor` requires this bind-mount for core functionality.

If you are unsure which process is causing the path mentioned in the error to
be busy and preventing it from being removed, you can use the `lsof` command
to find its process. For instance, for the error above:

```console
$ sudo lsof /var/lib/docker/containers/74bef250361c7817bee19349c93139621b272bc8f654ae112dd4eb9652af9515/shm
```

To work around this problem, stop the container which bind-mounts
`/var/lib/docker` and try again to remove the other container.
Title: Resolving "Unable to remove filesystem" Error in Docker
Summary
This section addresses the "Unable to remove filesystem" error encountered when removing Docker containers. The error typically arises when a container, such as Google cAdvisor, bind-mounts Docker system directories like `/var/lib/docker/`, which exposes the filesystems of other running containers. When cAdvisor uses `statfs` or `fstatfs` without closing handles, removal attempts of those containers fail. The solution involves identifying the process causing the issue with `lsof` and stopping the container bind-mounting `/var/lib/docker` before retrying the removal of the other container.