Home > Net >  Downgrading Docker on the host to match container's older GLIBC: doable / good idea?
Downgrading Docker on the host to match container's older GLIBC: doable / good idea?

Time:10-19

After migrating our build server's OS to the latest Ubuntu LTS (ubuntu:jammy) I quickly run into GLIBC incompatibility issue with the latest Debian (debian:bullseye) used in the latest official pre-built Jenkins containers (jenkins/jenkins:jdk17), a problem already described here. This is expected, because that would require forward compatibility to work: container-installed dependencies (GLIBC 2.31) are older than the host-installed software (docker built under and expecting GLIBC 2.35).

Since there are no regularly maintained Jenkins Docker images using GLIBC version 2.35 compatible with the latest Ubuntu LTS (they would have to be using Debian Bookworm as a base or even Jammy itself) is it a) possible and b) a good idea (stability-, and security-wise) to downgrade docker on the host to match Debian container's older GLIBC version (2.31)? That would save me from reinstalling the entire host OS to the previous Ubuntu LTS and from maintaining custom Jenkins containers based on Debian Bookworm for its GLIBC 2.35 (possibly for a long time).

CodePudding user response:

Answering the first part of the question: not doable.

First, after the downgrade, docker would run into the same C API compatibility issues on the host itself (the docker would be only usable inside Jenkins containers). Second, there are no installation candidates for such a deep downgrade. In other words, supported docker versions gap between the two systems (host vs. container) is too wide (respectively 20.10.13 vs. 20.10.5).


More info

# host:
$ sudo apt update && sudo apt-cache madison docker-ce
[..]
 docker-ce | 5:20.10.19~3-0~ubuntu-jammy | https://download.docker.com/linux/ubuntu jammy/stable amd64 Packages
 docker-ce | 5:20.10.18~3-0~ubuntu-jammy | https://download.docker.com/linux/ubuntu jammy/stable amd64 Packages
 docker-ce | 5:20.10.17~3-0~ubuntu-jammy | https://download.docker.com/linux/ubuntu jammy/stable amd64 Packages
 docker-ce | 5:20.10.16~3-0~ubuntu-jammy | https://download.docker.com/linux/ubuntu jammy/stable amd64 Packages
 docker-ce | 5:20.10.15~3-0~ubuntu-jammy | https://download.docker.com/linux/ubuntu jammy/stable amd64 Packages
 docker-ce | 5:20.10.14~3-0~ubuntu-jammy | https://download.docker.com/linux/ubuntu jammy/stable amd64 Packages
 docker-ce | 5:20.10.13~3-0~ubuntu-jammy | https://download.docker.com/linux/ubuntu jammy/stable amd64 Packages

# container:
$ docker exec -it jenkins_jenkins bash -c "apt-cache madison docker.io"
 docker.io | 20.10.5 dfsg1-1 deb11u2 | http://deb.debian.org/debian bullseye/main amd64 Packages

CodePudding user response:

I finally solved the problem by doing the exact opposite: upgrading the container system to make its libc version match the newer one from the host, as described here.

  • Related