Docker build error OCI runtime create failed

I am trying to build an agent on the Linux machine using Docker. Everything was working fine and I was able to create the agent. But suddenly it was showing offline. When I tried to recreate the agent, it threw the error below:
ERROR: for build-agent_dl-build-agent_1 Cannot start service dl-build-agent: OCI runtime create failed: container_linux.go:345: starting container process caused "process_linux.go:430: container init caused \"write /proc/self/attr/keycreate: permission denied\"": unknown
ERROR: for dl-build-agent Cannot start service dl-build-agent: OCI runtime create failed: container_linux.go:345: starting container process caused "process_linux.go:430: container init caused \"write /proc/self/attr/keycreate: permission denied\"": unknown
ERROR: Encountered errors while bringing up the project.
Even if I try to run a simple Docker command, 'docker run hello-world', I get the error below:
docker: Error response from daemon: OCI runtime create failed: container_linux.go:345: starting container process caused "process_linux.go:430: container init caused \"write /proc/self/attr/keycreate: permission denied\"": unknown.
ERRO[0000] error waiting for container: context cancelled
Any suggestions?

The command below solved my issue:
sudo semanage permissive -a container_runtime_t
Please follow the link below for more details:
Cannot start docker container In docker CE on oracle linux
Thanks #leopal for the suggestion.

Related

OCI runtime exec failed

Since today I have been getting an error message with various Docker commands. Unfortunately I don't really know what to do with it. Does anyone have any idea what the problem could be and how I can fix it?
Error:
OCI runtime exec failed: exec failed: container_linux.go:370: starting container process caused: process_linux.go:95: starting setns process caused: fork/exec /proc/self/exe: resource temporarily unavailable: unknown
Another Error:
ERROR: for hosting_mail_1 Cannot start service mail: OCI runtime create failed: unable to retrieve OCI runtime error (open /run/containerd/io.containerd.runtime.v2.task/moby/5fabf9edf67fbd6455bdc955c56c063683aa78e8e31514660661799aaa867391/log.json: no such file or directory): runc did not terminate successfully: unknown
ERROR: for mail Cannot start service mail: OCI runtime create failed: unable to retrieve OCI runtime error (open /run/containerd/io.containerd.runtime.v2.task/moby/5fabf9edf67fbd6455bdc955c56c063683aa78e8e31514660661799aaa867391/log.json: no such file or directory): runc did not terminate successfully: unknown
ERROR: Encountered errors while bringing up the project.

I don't know if you solved your problem finally, but this really looks like bad file system authorization that may have been corrupted by an update on the file systems.
Regarding the error: container_linux.go:370, /run/containerd/io.containerd.runtime.v2.task/moby/5fabf9edf67fbd6455bdc955c56c063683aa78e8e31514660661799aaa867391/log.json
I can see that:
Docker managed to initiate a volume ID
It did not manage to mount that volume on the disk
0/ Check docker basic command
docker ps
docker images
docker pull ubuntu:latest
If one of these commands is failing, you need to review the Docker installation; it seems that maybe Docker is not installed properly.
1/ To check if you need to completely re-install Docker, you may try the following basic command
docker run --name checkDocker -it ubuntu:latest bash
If this is not displaying any Docker shell, then you have a problem running a container, not necessarily with the Docker installation.
2/ Check your Docker volumes and rights. I don't have your installation setup, but it seems you are using docker-compose, and maybe there are some conflicts when mounting the volumes of your containers with specific rights and the host's rights and user ID.
3/ If you end up here, you should follow the workaround of re-installation, which would be the fastest solution to restore your application if you have a backup (hope you have).

Permission when run docker on Centos7

docker: Error response from daemon:
OCI runtime create failed: container_linux.go:349:
starting container process caused “process_linux.go:449:
container init caused \“write /proc/self/attr/keycreate:
permission denied\“”: unknown.
ERRO[0000] error waiting for container: context canceled
I got this error when setting up Docker on CentOS 7. My partner found a solution here.
My solution is running this command:
sudo setenforce Permissive
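
Added example, not part of any post on this page: the two SELinux workarounds quoted above differ in scope. semanage permissive -a container_runtime_t relaxes one domain, while setenforce Permissive stops enforcement for the whole host. The script below reads audit records, picks out the domains actually blocked on the keycreate write, and prints a domain-scoped exception together with its revert; the sample records and the function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample audit records (not from the page). The layout follows the
# usual AVC record format; pids, timestamps and contexts are made up.
SAMPLE_AUDIT='type=AVC msg=audit(1566200000.101:311): avc:  denied  { setkeycreate } for  pid=2411 comm="runc:[2:INIT]" scontext=system_u:system_r:container_runtime_t:s0 tcontext=system_u:system_r:container_runtime_t:s0 tclass=process permissive=0
type=AVC msg=audit(1566200003.440:312): avc:  denied  { read } for  pid=2502 comm="httpd" name="app.conf" scontext=system_u:system_r:httpd_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file permissive=0
type=AVC msg=audit(1566200009.007:313): avc:  denied  { setkeycreate } for  pid=2630 comm="runc:[2:INIT]" scontext=system_u:system_r:container_runtime_t:s0 tcontext=system_u:system_r:container_runtime_t:s0 tclass=process permissive=1
type=SYSCALL msg=audit(1566200009.007:313): arch=c000003e syscall=1 success=yes exit=0 comm="runc:[2:INIT]"'

# keycreate_denied_domains (hypothetical helper): read audit records on stdin
# and print each SELinux domain (the type field of scontext) that was really
# blocked (permissive=0) from the setkeycreate permission, once per domain.
# Writing /proc/self/attr/keycreate is governed by that process permission.
keycreate_denied_domains() {
    awk '
        /type=AVC/ && /denied/ && /[{] setkeycreate [}]/ && /permissive=0/ {
            for (i = 1; i <= NF; i++)
                if ($i ~ /^scontext=/) {
                    # strip "scontext=" (9 chars), then split user:role:type:level
                    split(substr($i, 10), ctx, ":")
                    if (!(ctx[3] in seen)) { seen[ctx[3]] = 1; print ctx[3] }
                }
        }'
}

# scoped_exception_cmds (hypothetical helper): for every blocked domain, print
# the domain-scoped permissive command and the command that removes it again.
# Nothing is executed; the output is for review before an admin applies it.
scoped_exception_cmds() {
    keycreate_denied_domains | while read -r domain; do
        printf 'semanage permissive -a %s\n' "$domain"
        printf 'semanage permissive -d %s\n' "$domain"
    done
}

# Run against the constructed sample. On a real host the records would come
# from the audit log, for example: ausearch -m avc -ts recent
printf '%s\n' "$SAMPLE_AUDIT" | scoped_exception_cmds
```

The httpd denial and the record logged with permissive=1 are ignored, so only the domain that was blocked on the keycreate write gets an exception; semanage permissive -l lists the domains currently exempted.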

Received below error while starting docker container " Error response from daemon: OCI runtime create failed: container_linux.go:348"

I am using
$ sudo docker start <Container Id>
I received the error below:
Error response from daemon: OCI runtime create failed: container_linux.go:348: starting container process caused "exec: \"-f\": executable file not found in $PATH": unknown
Error: failed to start containers: 885dccbc45d1

I solved this by deleting the most recent docker image - it would seem that a failure in the previous image is being persisted into the next build.
Run docker images to see a list of docker images on your machine. Then run docker rmi -f <most_recent_image_ID> and try building again.

Docker rootfs_linux.go permission denied when mounting /proc

I'm using meteor-up to deploy to docker instances inside an LXD container. When it attempts to bring up a MongoDB docker instance, it fails with the following error:
docker: Error response from daemon: oci runtime error: container_linux.go:265: starting container process caused "process_linux.go:368: container init caused \"rootfs_linux.go:57: mounting \\\"proc\\\" to rootfs \\\"/var/lib/docker/vfs/dir/20a621a73755db3f4030bc67bbf7ff9540bd1d63bb348d8be440d8ca63d3c922\\\" at \\\"/proc\\\" caused \\\"permission denied\\\"\"".
I've tried deploying as the ubuntu user to my LXD container, and as root, and that hasn't helped. There's obviously some permissions issue here, but I don't know where to start debugging this problem.

According to https://discuss.linuxcontainers.org/t/having-trouble-using-docker/383 it sounds like you might need to set security.nesting=true. Stop the container (lxc stop deploy-container), configure nesting on (lxc config set deploy-container security.nesting true as per https://insights.ubuntu.com/2015/10/30/nested-containers-in-lxd) and lxc start deploy-container.

For Proxmox users: https://www.youtube.com/watch?v=79KiCBNbsbg
Enable the Nesting feature on the container to fix the following error:
ERROR: for mysql-8.0 Cannot start service mysql-8.0:
failed to create shim: OCI runtime create failed:
container_linux.go:380: starting container process caused: process_linux.go:545:
container init caused: rootfs_linux.go:76: mounting "proc" to rootfs at
"/proc" caused: mount through procfd: permission denied: unknown
But other Proxmox users say to enable keyctl too.
If you still have errors you may need to remove domain_name and hostname from the docker-compose config to fix the following errors as said here.
ERROR: for mariadb10-4 Cannot start service mariadb10-4: failed to create shim: OCI runtime create failed: container_linux.go:380:
starting container process caused: process_linux.go:545:
container init caused: write sysctl key kernel.domainname:
open /proc/sys/kernel/domainname: permission denied: unknown

docker-compose oci runtime error starting container process caused connection reset by peer

I updated docker and compose to
Docker version 17.06.0-ce, build 02c1d87
docker-compose version 1.14.0, build c7bdf9e
Now when I run a container with docker run it works fine. But I have 10+ services defined in the compose file. For the last year it was working fine, and after the update and restarting the docker service it is suddenly giving me:
ERROR: for extremis_maxwell_1 Cannot start service maxwell: oci runtime error: container_linux.go:262: starting container process caused "process_linux.go:339: container init caused \"read init-p: connection reset by peer\""
ERROR: for maxwell Cannot start service maxwell: oci runtime error: container_linux.go:262: starting container process caused "process_linux.go:339: container init caused \"read init-p: connection reset by peer\""
I tried re-installing everything but the error remains the same.

I was facing the same issue when using a memory limit on CentOS 7.2. All you need to do is update your RedHat or CentOS kernel to the -514 patch or wait for docker 17.06.1.
yum update kernel
See https://github.com/moby/moby/issues/34046
