Dockerfile (excerpt)

ENV APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=DontWarn
RUN apt-get update && apt-get install -y \
         software-properties-common \
         build-essential \
         libevent-dev \
         libssl-dev \
         libxml2-dev \
         libyaml-dev \
         libgmp-dev \
         libreadline-dev \
         apt-transport-https \
         iputils-ping \
         git \
         aptitude \
         nano \
         openssh-server \
         && apt-key adv –keyserver keys.gnupg.net –recv-keys 09617FD37CC06B54 \
         && add-apt-repository ‚deb https://dist.crystal-lang.org/apt crystal main‘ \
         && apt-get update \
         && apt-get install -y crystal \
         &&  rm -rf /var/lib/apt/lists/* \
         && mkdir /root/.ssh

The ENV APT_KEY_DONT_WARN_ON_DANGEROUSE_USAGE is needed for apt-key adv not choking on not being run from a terminal.

To add the Crystal repository, the key needs to be installed

W: GPG error: https://dist.crystal-lang.org/apt crystal InRelease: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 09617FD37CC06B54
E: The repository ‚https://dist.crystal-lang.org/apt crystal InRelease‘ is not signed.

When you add the key using a Dockerfile, you might get the following error message:

Executing: /tmp/apt-key-gpghome.daecBAEPSJ/gpg.1.sh –keyserver keys.gnupg.net –recv-keys 09617FD37CC06B54
gpg: keyserver receive failed: Cannot assign requested address

This is due to gpg not being able to bind to an IPv6 address. Therefore you have to

enable IPv6 support on your host for Docker:

edit / create /etc/docker/daemon.json

{
  "ipv6": true,
  "fixed-cidr-v6": "2001:db8:1::/64"
}

And restart the docker service:

service docker restart


the fixed-cidr-v6 is NOT optional as https://docs.docker.com/config/daemon/ipv6/ might lead you to believe.

test for IPv6 support:

docker run -it alpine ash -c "ip -6 addr show dev eth0; ip -6 route show"
if it returns nothing, then ipv6 is NOT enabled
sample output with IPv6 enabled:

max@morpheus:~/docker$ docker run -it alpine ash -c „ip -6 addr show dev eth0; ip -6 route show“
163: eth0@if164: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 state UP
     inet6 2001:db8:1::242:ac11:2/64 scope global flags 02
        valid_lft forever preferred_lft forever
     inet6 fe80::42:acff:fe11:2/64 scope link tentative
        valid_lft forever preferred_lft forever
2001:db8:1::/64 dev eth0  metric 256
fe80::/64 dev eth0  metric 256
default via 2001:db8:1::1 dev eth0  metric 1024
ff00::/8 dev eth0  metric 256



Failed to start Docker Application Container Engine.

tail –n 50 /var/log/syslog

Jan 11 21:39:35 morpheus dockerd[697]: time=“2019-01-11T21:39:35.770500563+01:00″ level=warning msg=“Your kernel does not support swap memory limit“
Jan 11 21:39:35 morpheus dockerd[697]: time=“2019-01-11T21:39:35.770617796+01:00″ level=warning msg=“Your kernel does not support cgroup rt period“
Jan 11 21:39:35 morpheus dockerd[697]: time=“2019-01-11T21:39:35.770656361+01:00″ level=warning msg=“Your kernel does not support cgroup rt runtime“

Jan 11 21:39:40 morpheus dockerd[697]: time=“2019-01-11T21:39:40.800355314+01:00″ level=info msg=“Default bridge (docker0) is assigned with an IP address 172.17.0.0/16. Daemon option –bip can be used to set a preferred IP address“

Jan 11 21:39:40 morpheus dockerd[697]: Error starting daemon: Error initializing network controller: Error creating default „bridge“ network: could not find an available, non-overlapping IPv6 address pool among the defaults to assign to the network

If the docker daemon does not start, look at /var/log/syslog to find the reason.

Here it probably means that you have not added the fixed-cidr-v6 as indicated by me above! Docker, since a couple of versions, seems to require this. There is an issue in GitHub about it.

and all this for …

image

References

https://github.com/inversepath/usbarmory-debian-base_image/issues/9

https://docs.docker.com/v17.09/engine/userguide/networking/default_network/ipv6/

https://github.com/moby/moby/issues/36954