Develop Reference

process_linux.go:458: setting cgroup config for procHooks process caused: can't load program: operation not permitted: unknown (Docker))

I'm trying to deploy a docker container to perform some testings with gitlab runners but when I'm doing the docker-compose up command I get the following output:
admin#runners-test:~/runner-test$ sudo docker-compose up -d
Starting gitlab-runner ... error
ERROR: for gitlab-runner Cannot start service gitlab-runner: OCI runtime create failed: container_linux.go:367: starting container process caused: process_linux.go:495: container init caused: process_linux.go:458: setting cgroup config for procHooks process caused: can't load program: operation not permitted: unknown
ERROR: for gitlab-runner Cannot start service gitlab-runner: OCI runtime create failed: container_linux.go:367: starting container process caused: process_linux.go:495: container init caused: process_linux.go:458: setting cgroup config for procHooks process caused: can't load program: operation not permitted: unknown
ERROR: Encountered errors while bringing up the project.
Abd this is the output of journalctl:
Sep 23 07:23:24 runners-test dockerd[231]: time="2022-09-23T07:23:24.560275437Z" level=error msg="stream copy error: reading from a closed fifo"
Sep 23 07:23:24 runners-test dockerd[231]: time="2022-09-23T07:23:24.577270402Z" level=error msg="stream copy error: reading from a closed fifo"
Sep 23 07:23:24 runners-test dockerd[231]: time="2022-09-23T07:23:24.675282811Z" level=error msg="0cd3bbb779a947012c9059921f092b569eb088bb2fe0bf99a8ae3266ec43abbd cleanup: failed to delete container from containerd: no such container"
Sep 23 07:23:24 runners-test dockerd[231]: time="2022-09-23T07:23:24.675625496Z" level=error msg="Handler for POST /v1.25/containers/0cd3bbb779a947012c9059921f092b569eb088bb2fe0bf99a8ae3266ec43abbd/start returned error: OCI runtime create failed: container_linux.go:367: starting container process caused: process_linux.go:495: container init caused: process_linux.go:458: setting cgroup config for procHooks process caused: can't load program: operation not permitted: unknown"
And the docker-compose file:
version: '3'
services:
gitlab-runner:
container_name: gitlab-runner
image: 'gitlab/gitlab-runner:latest'
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./config:/etc/gitlab-runner
restart:
unless-stopped
This error occurs with any container I try to lift, even doing a simple docker run hello-world...
I also take a look to this post on proxmox forum but I don't know how to add kernel command line parameters for a lxc container, I'v been trying editing the /etc/default/grub file but update-grub command doesn't work as I want inside the lxc, I get the following output:
admin#runners-test:/$ sudo update-grub
[sudo] password for admin:
/usr/sbin/grub-probe: error: failed to get canonical path of `/dev/mapper/pve-vm--1010118--disk--0'.
I'm really stuck with this, so any kind of help would be welcome :) Thanks!

I referenced many other links when finally discovering doing a (on CentOS) update did the trick. So:
yum update -y
reboot
After the reboot, the system came back online and I proceeded to run my docker container, in this case a docker registry:
[root#server ~]# docker run -d --name registry registry:2
c40941bf42c853709bcca05bad4e8914df1f4932a355607f37b55f7e0ed01e60
[root#server ~]# docker ps -a
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS
NAMES
c40941bf42c8 registry:2 "/entrypoint.sh /e..." 3 seconds ago Up 2 seconds 5000/tcp
The docker container booted up fine.
So, also here are reference pages I checked out, and I did not have to change anything in /boot/boot.txt as this one references, but is good info:
https://my-take-on.tech/2021/05/07/fix-docker-cgroup-errors-after-systemd-248-update/
and this one, which after I read it, it had me finally trying to do a yum update for fix:
docker-compose throws errors by starting mariadb for an private nextcloud installation

VS Code not recognizing Docker in WSL

I was previously able to run Remote Containers inside VS Code without any errors. For some unknown reason, today it stopped working with this error when I try to reopen in a container. Error is: Docker Desktop WSL 2 backend required.
In the Windows Powershell, I can see that docker is indeed installed.
PS C:\Users\Me> wsl docker --version
Docker version 20.10.14, build a224086
I tried to reinstall and follow the instructions in Docker Desktop WSL 2 backend setup.
Use WSL 2 based engine is checked
Integration with the Ubuntu distro is enabled
Inside the Ubuntu command line, I can also run docker ps with no problem at all.
It's just inside VS Code that's having issues. Here's the trace log to help out more:
[1491047 ms] Host server: Error: spawn /usr/local/bin/docker ENOENT
at Process.ChildProcess._handle.onexit (node:internal/child_process:282:19)
at onErrorNT (node:internal/child_process:477:16)
at processTicksAndRejections (node:internal/process/task_queues:83:21)
[1491049 ms] Start: Run in Host: /usr/local/bin/docker version --format {{.Server.APIVersion}}
[1491049 ms] Host server: (node:3238) PromiseRejectionHandledWarning: Promise rejection was handled asynchronously (rejection id: 1)
(Use `node --trace-warnings ...` to show where the warning was created)
[1491051 ms] Host server: Error: spawn /usr/local/bin/docker ENOENT
at Process.ChildProcess._handle.onexit (node:internal/child_process:282:19)
at onErrorNT (node:internal/child_process:477:16)
at processTicksAndRejections (node:internal/process/task_queues:83:21)
[1491052 ms] Stop (3 ms): Run in Host: /usr/local/bin/docker version --format {{.Server.APIVersion}}
[1491052 ms] spawn /usr/local/bin/docker ENOENT

Command failed docker-compose in VScode Devcontainer

I've just started using Docker on an already existing project (it runs into a Docker container). I don't have a lot of Docker background - I've been using it only from the GUI, by pressing the "play" button.
Now I have a project which runs into a container, and I'm having trouble starting it.
I'm getting this error:
[2022-03-31T15:30:27.408Z] Error: Command failed: docker-compose -f c:\Users\Octavian\Desktop\django-analyzer\docker-compose.dev.yml config
[2022-03-31T15:30:27.408Z] at Ru (c:\Users\Octavian\.vscode\extensions\ms-vscode-remote.remote-containers-0.231.1\dist\spec-node\devContainersSpecCLI.js:209:813)
[2022-03-31T15:30:27.408Z] at processTicksAndRejections (node:internal/process/task_queues:96:5)
[2022-03-31T15:30:27.408Z] at async dR (c:\Users\Octavian\.vscode\extensions\ms-vscode-remote.remote-containers-0.231.1\dist\spec-node\devContainersSpecCLI.js:181:643)
[2022-03-31T15:30:27.408Z] at async hR (c:\Users\Octavian\.vscode\extensions\ms-vscode-remote.remote-containers-0.231.1\dist\spec-node\devContainersSpecCLI.js:178:2075)
[2022-03-31T15:30:27.408Z] at async RR (c:\Users\Octavian\.vscode\extensions\ms-vscode-remote.remote-containers-0.231.1\dist\spec-node\devContainersSpecCLI.js:223:2195)
[2022-03-31T15:30:27.408Z] at async Jw (c:\Users\Octavian\.vscode\extensions\ms-vscode-remote.remote-containers-0.231.1\dist\spec-node\devContainersSpecCLI.js:223:3221)
[2022-03-31T15:30:27.409Z] at async TR (c:\Users\Octavian\.vscode\extensions\ms-vscode-remote.remote-containers-0.231.1\dist\spec-node\devContainersSpecCLI.js:223:13880)
[2022-03-31T15:30:27.409Z] at async FR (c:\Users\Octavian\.vscode\extensions\ms-vscode-remote.remote-containers-0.231.1\dist\spec-node\devContainersSpecCLI.js:223:13605)
[2022-03-31T15:30:27.417Z] Stop (3507 ms): Run: C:\Users\Octavian\AppData\Local\Programs\Microsoft VS Code\Code.exe c:\Users\Octavian\.vscode\extensions\ms-vscode-remote.remote-containers-0.231.1\dist\spec-node\devContainersSpecCLI.js up --container-data-folder .vscode-server/data/Machine --container-system-data-folder /var/vscode-server --workspace-folder c:\Users\Octavian\Desktop\django-analyzer --workspace-mount-consistency cached --id-label vsch.local.folder=c:\Users\Octavian\Desktop\django-analyzer --id-label vsch.quality=stable --log-level debug --config c:\Users\Octavian\Desktop\django-analyzer\.devcontainer\devcontainer.json --mount type=volume,source=vscode,target=/vscode,external=true --skip-post-create --update-remote-user-uid-default on --mount-workspace-git-root true
[2022-03-31T15:30:27.417Z] Exit code 1
[2022-03-31T15:30:27.420Z] Command failed: C:\Users\Octavian\AppData\Local\Programs\Microsoft VS Code\Code.exe c:\Users\Octavian\.vscode\extensions\ms-vscode-remote.remote-containers-0.231.1\dist\spec-node\devContainersSpecCLI.js up --container-data-folder .vscode-server/data/Machine --container-system-data-folder /var/vscode-server --workspace-folder c:\Users\Octavian\Desktop\django-analyzer --workspace-mount-consistency cached --id-label vsch.local.folder=c:\Users\Octavian\Desktop\django-analyzer --id-label vsch.quality=stable --log-level debug --config c:\Users\Octavian\Desktop\django-analyzer\.devcontainer\devcontainer.json --mount type=volume,source=vscode,target=/vscode,external=true --skip-post-create --update-remote-user-uid-default on --mount-workspace-git-root true
[2022-03-31T15:30:27.421Z] Exit code 1
Here's my docker-compose.yml (if it helps)
version: '3.7'
services:
redis:
//data
postgres:
//data
django:
//data
volumes:
db-data:
Where can this error come from and how can I fix it?
Thanks.

It looks like you're trying to VS Code devcontainers. The error output is not super helpful here.
docker-compose seems to not like the format of your docker-compose.dev.yml file because it errors out on:
docker-compose -f c:\Users\Octavian\Desktop\django-analyzer\docker-compose.dev.yml config
Try running that command at your command line and it should give you better info on why your docker-compose.dev.yml is invalid.

I just ran into this problem myself and the issue was that my compose file wasn't compatible with the V1 compose command-line. Going into the Docker Desktop general preferences and enabling "Use Docker Compose V2" fixed it.

Try to check your docker version. then select the appropriate compactibility version from HERE then try this for official HERE or you can try this one for template compose file HERE
Make sure your docker is propery installed on your local machine.

Live migration of a jboss/wildfly container with CRIU failed

I've tried to live migrate a wildfly-container to another host like described here. The example with the np container works well. When I replace the example with a simple jboss/wildfly container, I just received this error when criu tries to restore the container on the other host :
Error response from daemon: Cannot restore container <CONTAINER-ID>: criu failed: type NOTIFY errno 0
Error: failed to restore one or more containers
Because I didn't found a solution to this error, I've compiled the linux kernel like described on the criu website and here.
After that sudo criu check prints:
Warn (criu/libnetlink.c:54): ERROR -2 reported by netlink
Warn (criu/libnetlink.c:54): ERROR -2 reported by netlink
Warn (criu/sockets.c:711): The current kernel doesn't support packet_diag
Warn (criu/libnetlink.c:54): ERROR -2 reported by netlink
Warn (criu/sockets.c:721): The current kernel doesn't support netlink_diag
Info prctl: PR_SET_MM_MAP_SIZE is not supported
Looks good.
criu --version
Version: 2.11
docker --version
Docker version 1.6.2, build 7c8fca2
Checkpoint/Restore for an example shell script example worked very well. But when I want to checkpoint a container
docker run -d --name looper busybox /bin/sh -c 'i=0; while true; do echo $i; i=$(expr $i + 1); sleep 1; done'
with
criu dump -t $PID --images-dir /tmp/looper
I receive this output
Error (criu/sockets.c:132): Diag module missing (-2)
Error (criu/sockets.c:132): Diag module missing (-2)
Error (criu/sockets.c:132): Diag module missing (-2)
Error (criu/mount.c:701): mnt: 87:./etc/hosts doesn't have a proper root mount
Error (criu/cr-dump.c:1641): Dumping FAILED.`
I can't find some solutions with these errors. Is there any known solution to live migrate a wildfly-container?
Thanks in advance

Packer docker build exits code 137 when running runit cookbook

I'm trying to use Packer to build a docker image of the webapp I'm working on. Whenever I run packer build, when it gets to the step that it runs the runit recipe, I would get Build 'docker' errored: Error executing Chef: Non-zero exit status: 137
I looked into 137, and found out this is the exit code commonly associated with a kill -9. In most cases this would imply that the system is running critically low on memory, and the system is attempting to compensate.
I tried to find the smallest possible reproduction, and I came up with this packer configuration:
{
"builders":[{
"type": "docker",
"pull": false,
"image": "silkstart/basic_server",
"export_path": "image.tar",
"run_command":[
"-d",
"-i",
"-t",
"--memory-reservation",
"1G",
"{{.Image}}",
"/bin/bash"
]
}],
"provisioners":[
{
"type": "chef-solo",
"cookbook_paths": ["cookbooks", "vendor/cookbooks"],
"data_bags_path": "data_bags",
"roles_path": "roles",
"environments_path": "environments",
"run_list": [
"recipe[runit]"
]
}
],
"post-processors": [
{
"type": "docker-import",
"repository": "silkstart/docker_test",
"tag": "0.1"
}
]
}
When I run packer build on this configuration, this is my output:
TMPDIR=/opt/shared packer build packer_files/docker_test.json
docker output will be in this color.
==> docker: Creating a temporary directory for sharing data...
==> docker: Starting docker container...
docker: Run command: docker run -v /opt/shared/packer-docker484290992:/packer-files -d -i -t --memory-reservation 1G silkstart/basic_server /bin/bash
docker: Container ID: 1f87b0cf1fe71f07b580ae6b18415a79c23a1a32a40f5f0366be90f160977a50
==> docker: Provisioning with chef-solo
docker: Installing Chef...
docker: % Total % Received % Xferd Average Speed Time Time Time Current
docker: Dload Upload Total Spent Left Speed
docker: 100 20022 100 20022 0 0 45092 0 --:--:-- --:--:-- --:--:-- 45196
docker: Getting information for chef stable for ubuntu...
docker: downloading https://omnitruck-direct.chef.io/stable/chef/metadata?v=&p=ubuntu&pv=14.04&m=x86_64
docker: to file /tmp/install.sh.23/metadata.txt
docker: trying curl...
docker: url https://opscode-omnibus-packages.s3.amazonaws.com/ubuntu/14.04/x86_64/chef_12.6.0-1_amd64.deb
docker: md5 5cfc19d5a036b3f7860716bc9795a85e
docker: sha256 e0b42748daf55b5dab815a8ace1de06385db98e29a27ca916cb44f375ef65453
docker: version 12.6.0downloaded metadata file looks valid...
docker: downloading https://opscode-omnibus-packages.s3.amazonaws.com/ubuntu/14.04/x86_64/chef_12.6.0-1_amd64.deb
docker: to file /tmp/install.sh.23/chef_12.6.0-1_amd64.deb
docker: trying curl...
docker: Comparing checksum with sha256sum...
docker:
docker: WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
docker:
docker: You are installing an omnibus package without a version pin. If you are installing
docker: on production servers via an automated process this is DANGEROUS and you will
docker: be upgraded without warning on new releases, even to new major releases.
docker: Letting the version float is only appropriate in desktop, test, development or
docker: CI/CD environments.
docker:
docker: WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
docker:
docker: Installing chef
docker: installing with dpkg...
docker: Selecting previously unselected package chef.
docker: (Reading database ... 17195 files and directories currently installed.)
docker: Preparing to unpack .../chef_12.6.0-1_amd64.deb ...
docker: Unpacking chef (12.6.0-1) ...
docker: Setting up chef (12.6.0-1) ...
docker: Thank you for installing Chef!
docker: Creating directory: /tmp/packer-chef-solo
docker: Creating directory: /tmp/packer-chef-solo/cookbooks-0
docker: Creating directory: /tmp/packer-chef-solo/cookbooks-1
docker: Creating directory: /tmp/packer-chef-solo/roles
docker: Creating directory: /tmp/packer-chef-solo/data_bags
docker: Creating directory: /tmp/packer-chef-solo/environments
docker: Creating configuration file 'solo.rb'
docker: Creating JSON attribute file
docker: Executing Chef: sudo chef-solo --no-color -c /tmp/packer-chef-solo/solo.rb -j /tmp/packer-chef-solo/node.json
docker: [2016-01-29T06:42:48+00:00] INFO: Forking chef instance to converge...
docker: [2016-01-29T06:42:48+00:00] INFO: *** Chef 12.6.0 ***
docker: [2016-01-29T06:42:48+00:00] INFO: Chef-client pid: 207
docker: [2016-01-29T06:42:50+00:00] INFO: Setting the run_list to ["recipe[runit]"] from CLI options
docker: [2016-01-29T06:42:50+00:00] INFO: Run List is [recipe[runit]]
docker: [2016-01-29T06:42:50+00:00] INFO: Run List expands to [runit]
docker: [2016-01-29T06:42:50+00:00] INFO: Starting Chef Run for 1f87b0cf1fe7
docker: [2016-01-29T06:42:50+00:00] INFO: Running start handlers
docker: [2016-01-29T06:42:50+00:00] INFO: Start handlers complete.
docker: [2016-01-29T06:42:52+00:00] INFO: Processing service[runit] action nothing (runit::default line 20)
docker: [2016-01-29T06:42:52+00:00] INFO: Processing execute[start-runsvdir] action nothing (runit::default line 24)
docker: [2016-01-29T06:42:52+00:00] INFO: Processing execute[runit-hup-init] action nothing (runit::default line 33)
docker: [2016-01-29T06:42:52+00:00] INFO: Processing apt_package[runit] action install (runit::default line 64)
docker: [2016-01-29T06:42:55+00:00] INFO: Processing cookbook_file[/var/chef/cache/preseed/runit/runit-2.1.1-6.2ubuntu3.seed] action create (dynamically defined)
docker: [2016-01-29T06:42:55+00:00] INFO: cookbook_file[/var/chef/cache/preseed/runit/runit-2.1.1-6.2ubuntu3.seed] created file /var/chef/cache/preseed/runit/runit-2.1.1-6.2ubuntu3.seed
docker: [2016-01-29T06:42:55+00:00] INFO: cookbook_file[/var/chef/cache/preseed/runit/runit-2.1.1-6.2ubuntu3.seed] updated file contents /var/chef/cache/preseed/runit/runit-2.1.1-6.2ubuntu3.seed
docker: [2016-01-29T06:42:55+00:00] INFO: apt_package[runit] pre-seeding package installation instructions
==> docker: Killing the container: 1f87b0cf1fe71f07b580ae6b18415a79c23a1a32a40f5f0366be90f160977a50
Build 'docker' errored: Error executing Chef: Non-zero exit status: 137
I'm not entirely sure what is causing the code 137, and any help would be appreciated.
Update 1
I'm including a gist of the full debug output from Chef. It's much more verbose, mainly due it would seem to all of the attempts Ohai makes to get information.
https://gist.github.com/jrstarke/4c5f3b432aaee70c7f77
No references in here seem to suggest an out of memory error, at least on the docker host.

After much much digging, I found the problem. The underlying problem, and the solution were both found on an issue in cloudfoundry-incubator/garden-linux.
Apparently as part of the setup process one of the post init scripts for runit executes a kill -s HUP 1. Why I'm not entirely sure, but as they noted there, doing a trap '' HUP right before my apt-get install runit and a trap HUP afterwards totally solved my problem.

Check the OOM log on the host machine. Also you can use the execute_command configuration value to turn the log level to debug.

This answer seemed to work for me: https://stackoverflow.com/a/42398166/2878244
I had to increase the memory resources assigned to docker by going to the Docker Tab > Preferences > Advanced