Upgrading the underlying operating system for the Docker executor

Announcements
1

We are upgrading the version of the operating system that we use to run customer containers as part of the Docker executor on CircleCI.

This change should be mostly invisible to you, but you might notice this change if you are, for example, relying on a specific kernel version in your jobs.

We are slowly rolling out this change for all Docker executor customers, and we expect the rollout to be complete by April 1st, 2019.

Here are the facts:

  • A small portion of the Docker executor jobs are now executing on the machines with the upgraded OS. We will increase that portion slowly over the coming weeks.

  • Most of the underlying OS changes will not be visible to the Docker executor jobs, as those are isolated in their own containers. However, the upgrade includes a new kernel version which will be visible.

  • Some kernel-specific or OS-specific changes to data structures exported in virtual filesystems (such as /proc/self/cgroup) will be visible in the Docker executor jobs.

  • The new version of the kernel is GNU/Linux 4.15.

  • The Docker version in the Docker executor is being upgraded from 17.05 to 18.09.

Please comment on this post if you have any questions about this change. Thank you!

1 Like
2

We’ve been getting continuous repeated errors on previously passing tests since Friday March 15. The tests are using the docker image circleci/node:11-browsers and using puppeteer-core to run the browser tests. I’m curious if our issues (bug report here) might be related to this upgrade, since both started to happen around the same time.

1 Like
3

Hi Kate, thanks for reporting this. We’ll investigate and update this thread and your bug report with more information. Thanks for your patience.

1 Like
4

We have identified a possible cause of this issue. We won’t run any jobs on the upgraded OS before the fix is out. So your affected jobs should now work fine again.

We’ll update here once the fix is rolled out. Thanks for your patience.

1 Like
5

Our builds have started failing today, were passing yesterday

we use

    machine:
      image: circleci/classic:latest

could this be the reason?

6

also… where can I find a list of available tags for the circleci/classic image? so I can try something other than latest

7

the only list of classic tags I could find is here:
https://circleci.com/docs/2.0/configuration-reference/#machine

is this up to date?

if a new version was released today shouldn’t it be on that list?

8

These changes we’re making will only affect people using the docker executor type.

1 Like
9

We had disabled the new image for a few days after reports of issues running Chrome in containers hitting security errors.

We have resolved those issues and are now continuing our rollout.

1 Like
10

I’m seeing some new and unexpected errors using the circleci/elixir:1.7.3-node-browsers image.

Is there any way for me to check which executor version I’m on to see if 18.09 is breaking my build or not?

11

I’ll defer to Glen, but you could add a step that runs lsb_release -a to check what version of linux you are on.

12

@drazisil 'm not familiar with this command. Is that something on the elixir image?

13

It’s a debian/ubuntu command. It does work under the docker executor through.

Edit: To address your confusion, this is about the machine executor. If you are using the docker executor this would not affect you.

14

Update: The version upgrade of the operating system is currently under review, with security reviews slated to be completed over the coming weeks. This version of the operating system runs on customer containers as part of the Docker executor on CircleCI.

Please note - this change should be mostly invisible to you, but you might notice this change if you are, for example, relying on a specific kernel version in your jobs.

1 Like