How to install docker from cloud-init user-data on fedora-cloud

asked 2015-11-23 11:45:46 -0500

rafaeldff gravatar image

We are trying to provision a fedora-cloud 22 virtual machine on a Fedora host. The VM boots normally and reads cloud-init metadata and user-data correctly. The problem is that it fails when installing a package from user-data.

My user-data file is as follows:

#cloud-config
password: ******
chpasswd: {expire: False}
ssh_pwauth: True
runcmd:
  - [ dnf, repolist, all ]
  - [ dnf, -v, -y, install, docker ]

I see the following error lines on journalctl:

Nov 23 17:40:33 localhost audit[809]: <audit-1400> avc:  denied  { transition } for  pid=809 comm="dnf" path="/usr/sbin/ldconfig" dev="vda1" ino=4512 scontext=system_u:system_r:cloud_init_t:s0 tcontext=system_u:system_r:rpm_script_t:s0 tclass=process permissive=0
Nov 23 17:40:33 localhost cloud-init[738]: Installing  : device-mapper-event-libs-1.02.93-3.fc22.x86_64              1/9
Nov 23 17:40:33 localhost cloud-init[738]: warning: Unable to get systemd shutdown inhibition lock
Nov 23 17:40:33 localhost cloud-init[738]: warning: %post(device-mapper-event-libs-1.02.93-3.fc22.x86_64) scriptlet failed, exit status 127
...    
Nov 23 17:40:41 localhost audit[816]: <audit-1400> avc:  denied  { transition } for  pid=816 comm="dnf" path="/usr/bin/bash" dev="vda1" ino=4844 scontext=system_u:system_r:cloud_init_t:s0 tcontext=system_u:system_r:rpm_script_t:s0 tclass=process permissive=0
Nov 23 17:40:41 localhost cloud-init[738]: error: %prein(docker-1.8.2-7.gitcb216be.fc22.x86_64) scriptlet failed, exit status 127
Nov 23 17:40:41 localhost cloud-init[738]: Error in PREIN scriptlet in rpm package docker
Nov 23 17:40:41 localhost cloud-init[738]: Warning: scriptlet or other non-fatal errors occurred during transaction.
Nov 23 17:40:41 localhost cloud-init[738]: docker-1.8.2-7.gitcb216be.fc22.x86_64 was supposed to be installed but is not!

(A larger log excerpt can be fount at https://gist.github.com/rafaeldff/a81... )

I am able to install other packages via user-data, so I guess the problem is that Docker PREIN script is trying to do something fancy.

If I log in to the VM and try to install docker with

sudo dnf -y install docker

it just works.

Any idea on how to proceed?

edit retag flag offensive close merge delete