I'm setting a docker to run a application on my custom board,i have made a custom build environment to run docker on my board,and it was successfull.But when i execute docker ps command it shows error
ERROR:Error response from daemon: 404 page not found.
ERROR Message
docker ps
Error response from daemon: 404 page not found
root#salvator-x:~# [ 143.758164] audit_printk_skb: 6 callbacks suppressed
[ 143.763172] audit: type=1325 audit(1553864701.319:13): table=nat family=2 entries=8
[ 143.770891] audit: type=1300 audit(1553864701.319:13): arch=c00000b7 syscall=208 success=yes exit=0 a0=4 a1=0 a2=40 a3=3d8e0a90 items=0 ppid=3345 pid=3374 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="iptables" exe="/usr/sbin/xtables-multi" key=(null)
[ 143.798210] audit: type=1327 audit(1553864701.319:13): proctitle=2F7573722F7362696E2F69707461626C6573002D2D77616974002D74006E6174002D4600444F434B4552
[ 143.815500] audit: type=1325 audit(1553864701.375:14): table=nat family=2 entries=8
at first, check if you have any proxy in your envirement with this command:
env | grep -i proxy
now remove content of this below path:
/var/lib/docker/network/
if it's still not working, reinstall docker.
Related
I deployed the keycloak on the docker by the below command:
docker run -e KEYCLOAK_ADMIN=admin -e KEYCLOAK_ADMIN_PASSWORD=admin -p 8080:8080 quay.io/keycloak/keycloak:17.0.1 start-dev
And I connected to the container using:
docker exec -ti <CONTAINER> bash
And I created a realm config file as /tmp/realm.json
And finally, I ran the command:
/opt/keycloak/bin/kc.sh import --file /tmp/realm.json
But I encountered with the errors as below:
2022-09-26 21:40:37,142 ERROR [org.keycloak.services] (main) KC-SERVICES0010: Failed to add user 'admin' to realm 'master': user with username exists
2022-09-26 21:40:37,447 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: Failed to start server in (import_export) mode
2022-09-26 21:40:37,448 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: Unable to start HTTP server
2022-09-26 21:40:37,448 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) ERROR: io.quarkus.runtime.QuarkusBindException
2022-09-26 21:40:37,449 ERROR [org.keycloak.quarkus.runtime.cli.ExecutionExceptionHandler] (main) For more details run the same command passing the '--verbose' option. Also you can use '--help' to see the details about the usage of the particular command.
Hope to hear any suggestions and solutions to the problem, thank you in advance!
I'm trying to setup Airflow debugging environment with VS code using Remote - containers plugin. What I did so far:
docker-compose up the image apache/airflow:2.2.4 with Docker Desktop community 2.4 on macOS 10.13.6
Attach to the running airflow-scheduler container with Remote - containers plugin
Compose a launch.json file with
"version": "0.2.0",
"configurations": [
{
"name": "Airflow Test",
"type": "python",
"request": "launch",
// $ which airflow
"program": "/home/airflow/.local/bin/airflow",
"console": "integratedTerminal",
"args": [
"dags",
"test",
"task_of_middleware",
"2022-04-08"
],
"justMyCode": true
}
]
VS code pops up error below when I start debugging:
The terminal process failed to launch: Path to shell executable "/sbin/nologin" does not exist.
The attached running container shows error:
[1382 ms] Start: Run in container: for pid in `cd /proc && ls -d [0-9]*`; do { echo $pid ; readlink /proc/$pid/cwd ; readlink /proc/$pid/ns/mnt ; cat /proc/$pid/stat | tr "
[1518 ms] Container server: Error: spawn /sbin/nologin ENOENT
at Process.ChildProcess._handle.onexit (node:internal/child_process:282:19)
at onErrorNT (node:internal/child_process:477:16)
at processTicksAndRejections (node:internal/process/task_queues:83:21)
[1525 ms] Error: spawn /sbin/nologin ENOENT
at Process.ChildProcess._handle.onexit (node:internal/child_process:282:19)
at onErrorNT (node:internal/child_process:477:16)
at processTicksAndRejections (node:internal/process/task_queues:83:21)
[1530 ms] Container server: (node:11888) PromiseRejectionHandledWarning: Promise rejection was handled asynchronously (rejection id: 1)
(Use `node --trace-warnings ...` to show where the warning was created)
I think the container runs normally since I'm able to connect to container shell via Docker Desktop and run Airflow test command. Any advice would be appreciated.
Not sure if this is the best practice, I found a way to ease the error and make debugger run normally. Put a config into the Attached container configuration files by select Remote-Containers: Open Container Configuration File from the Command Palette after attaching.
// Container user VS Code should use when connecting
"remoteUser": "root"
Reference here.
the following is an excerpt of a much bigger image factory template that builds a centos:7 docker image. everything works as expected however i get a dbus error on the running container. any help is appreciated!
this same code works if:
i use vmware-iso or virtualbox builders.
i use a centos:6 image
what i have tried with no effect:
switched to chef-client -z
added the /sys/fs/cgroup:/sys/fs/cgroup:ro volume
added privileged to the docker builder
template:
{
"builders": [{
"type": "docker",
"image": "centos:7",
"privileged": true,
"changes": [
"ONBUILD RUN {{ isotime }}"
],
"volumes": {
"/sys/fs/cgroup": "/sys/fs/cgroup:ro"
},
"export_path": "~/tmp/party_parrot.tar"
}],
"provisioners": [{
"cookbook_paths": [
"chef"
],
"prevent_sudo": true,
"run_list": [
"redhat_factory::default"
],
"chef_license": "accept",
"type": "chef-solo"
}]
}
chef cookbook:
package 'tuned'
service 'tuned' do
action %i(start enable)
end
log:
docker: output will be in this color.
==> docker: Creating a temporary directory for sharing data...
==> docker: Pulling Docker image: centos:7
docker: 7: Pulling from library/centos
docker: Digest: sha256:0f4ec88e21daf75124b8a9e5ca03c37a5e937e0e108a255d890492430789b60e
docker: Status: Image is up to date for centos:7
docker: docker.io/library/centos:7
==> docker: Starting docker container...
docker: Run command: docker run --privileged -v /sys/fs/cgroup:/sys/fs/cgroup:ro -v /Users/cr2p/.packer.d/tmp727655581:/packer-files -d -i -t --entrypoint=/bin/sh -- centos:7
docker: Container ID: f62d47e257a210442cce7f059a2be3dceb06fbce7673f16e04a52bdf5fa92891
==> docker: Using docker communicator to connect: 172.17.0.4
==> docker: Provisioning with chef-solo
docker: Installing Chef...
==> docker: % Total % Received % Xferd Average Speed Time Time Time Current
==> docker: Dload Upload Total Spent Left Speed
docker: el 7 x86_64
docker: Getting information for chef stable for el...
docker: downloading https://omnitruck.chef.io/stable/chef/metadata?v=&p=el&pv=7&m=x86_64
docker: to file /tmp/install.sh.17/metadata.txt
docker: trying curl...
==> docker: 100 23409 100 23409 0 0 34412 0 --:--:-- --:--:-- --:--:-- 34374
docker: sha1 dffee30e640f443cf1fbf8db17f319db09c1e21e
docker: sha256 b855820c1697dad395d3798f265e8c431b54a3bd29bbbd9ef87995cceaad3f17
docker: url https://packages.chef.io/files/stable/chef/17.2.29/el/7/chef-17.2.29-1.el7.x86_64.rpm
docker: version 17.2.29
docker: downloaded metadata file looks valid...
docker: downloading https://packages.chef.io/files/stable/chef/17.2.29/el/7/chef-17.2.29-1.el7.x86_64.rpm
docker: to file /tmp/install.sh.17/chef-17.2.29-1.el7.x86_64.rpm
docker: trying curl...
docker: Comparing checksum with sha256sum...
docker:
docker: WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
docker:
docker: You are installing a package without a version pin. If you are installing
docker: on production servers via an automated process this is DANGEROUS and you will
docker: be upgraded without warning on new releases, even to new major releases.
docker: Letting the version float is only appropriate in desktop, test, development or
docker: CI/CD environments.
docker:
docker: WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
docker:
docker: Installing chef
docker: installing with rpm...
==> docker: warning: /tmp/install.sh.17/chef-17.2.29-1.el7.x86_64.rpm: Header V4 DSA/SHA1 Signature, key ID 83ef826a: NOKEY
docker: Preparing... ########################################
docker: Updating / installing...
docker: chef-17.2.29-1.el7 ########################################
docker: Thank you for installing Chef Infra Client! For help getting started visit https://learn.chef.io
docker: Creating directory: /tmp/packer-chef-solo
docker: Creating directory: /tmp/packer-chef-solo/cookbooks-0
docker: Creating configuration file 'solo.rb'
docker: Creating JSON attribute file
docker: Executing Chef: chef-solo --no-color -c /tmp/packer-chef-solo/solo.rb -j /tmp/packer-chef-solo/node.json
docker: +---------------------------------------------+
docker: ✔ 2 product licenses accepted.
docker: +---------------------------------------------+
docker: Starting Chef Infra Client, version 17.2.29
docker: Patents: https://www.chef.io/patents
docker: [2021-06-17T15:02:07+00:00] WARN: Plugin Network: unable to detect ipaddress
docker: [2021-06-17T15:02:07+00:00] ERROR: shard_seed: Failed to get dmi property serial_number: is dmidecode installed?
docker: resolving cookbooks for run list: ["redhat_factory::default"]
docker: Synchronizing Cookbooks:
docker: - redhat_factory (1.0.0)
docker: Installing Cookbook Gems:
docker: Compiling Cookbooks...
docker: [2021-06-17T15:02:08+00:00] WARN: Resource yum_package built into Chef Infra Client is being overridden by the resource from a cookbook. Please upgrade your cookbook or remove the cookbook from your run_list.
docker: [2021-06-17T15:02:08+00:00] WARN: Provider yum_package built into Chef Infra Client is being overridden by the provider from a cookbook. Please upgrade your cookbook or remove the cookbook from your run_list.
docker: Converging 4 resources
docker: Recipe: redhat_factory::default
docker: * entitler[entitler] action nothing (skipped due to action :nothing)
docker: Recipe: redhat_factory::dummy
docker: * yum_package[tuned] action install
docker: - install version 0:2.11.0-11.el7_9.noarch of package tuned
docker: * service[tuned] action start
docker: * service[tuned]: No custom command for start specified and unable to locate the init.d script!
docker: ================================================================================
docker: Error executing action `start` on resource 'service[tuned]'
docker: ================================================================================
docker:
docker: Chef::Exceptions::Service
docker: -------------------------
docker: service[tuned]: No custom command for start specified and unable to locate the init.d script!
docker:
docker: Resource Declaration:
docker: ---------------------
docker: # In /tmp/packer-chef-solo/local-mode-cache/cache/cookbooks/redhat_factory/recipes/dummy.rb
docker:
docker: 3: service 'tuned' do
docker: 4: action %i(start enable)
docker: 5: end
docker:
docker: Compiled Resource:
docker: ------------------
docker: # Declared in /tmp/packer-chef-solo/local-mode-cache/cache/cookbooks/redhat_factory/recipes/dummy.rb:3:in `from_file'
docker:
docker: service("tuned") do
docker: action [:start, :enable]
docker: default_guard_interpreter :default
docker: declared_type :service
docker: cookbook_name "redhat_factory"
docker: recipe_name "dummy"
docker: service_name "tuned"
docker: supports {:restart=>nil, :reload=>nil, :status=>nil}
docker: end
docker:
docker: System Info:
docker: ------------
docker: chef_version=17.2.29
docker: platform=centos
docker: platform_version=7.9.2009
docker: ruby=ruby 3.0.1p64 (2021-04-05 revision 0fb782ee38) [x86_64-linux]
docker: program_name=/usr/bin/chef-solo
docker: executable=/opt/chef/bin/chef-solo
docker:
docker:
docker: Running handlers:
docker: [2021-06-17T15:02:37+00:00] ERROR: Running exception handlers
docker: Running handlers complete
docker: [2021-06-17T15:02:37+00:00] ERROR: Exception handlers complete
docker: Chef Infra Client failed. 1 resources updated in 31 seconds
docker: [2021-06-17T15:02:37+00:00] FATAL: Stacktrace dumped to /tmp/packer-chef-solo/local-mode-cache/cache/chef-stacktrace.out
docker: [2021-06-17T15:02:37+00:00] FATAL: Please provide the contents of the stacktrace.out file if you file a bug report
docker: [2021-06-17T15:02:37+00:00] FATAL: Chef::Exceptions::Service: service[tuned] (redhat_factory::dummy line 3) had an error: Chef::Exceptions::Service: service[tuned]: No custom command for start specified and unable to locate the init.d script!
==> docker: Provisioning step had errors: Running the cleanup provisioner, if present...
==> docker: Killing the container: f62d47e257a210442cce7f059a2be3dceb06fbce7673f16e04a52bdf5fa92891
Build 'docker' errored after 48 seconds 995 milliseconds: Error executing Chef: Non-zero exit status: 1
==> Wait completed after 48 seconds 996 milliseconds
==> Some builds didn't complete successfully and had errors:
--> docker: Error executing Chef: Non-zero exit status: 1
==> Builds finished but no artifacts were created.
connecting to the running container:
[root#a74a6b2cfa39 /]# systemctl --system status tuned
Failed to get D-Bus connection: Operation not permitted
[root#a74a6b2cfa39 /]# systemctl --system start tuned
Failed to get D-Bus connection: Operation not permitted
thanks in advance!
i've been able to solve this by modifying my work in the following ways:
modify the run_command specifically the entrypoint attribute
add the tmpfs array
finally modify the staging directory of the chef provisioner
packer template:
{
"builders": [{
"type": "docker",
"image": "centos:7",
"pull": false,
"privileged": true,
"changes": [
"ONBUILD RUN {{ isotime }}"
],
"volumes": {
"/sys/fs/cgroup": "/sys/fs/cgroup:ro"
},
"export_path": "~/tmp/party_parrot.tar",
"tmpfs": [
"/tmp",
"/run"
],
"run_command": ["-d", "-i", "-t", "--entrypoint=/usr/sbin/init", "--", "{{.Image}}"]
}],
"provisioners": [{
"cookbook_paths": [
"chef"
],
"prevent_sudo": true,
"run_list": [
"redhat_factory::default"
],
"chef_license": "accept",
"type": "chef-solo",
"staging_directory": "/chef"
}]
}
The "systemctl" script is small program that just communicates with the systemd dameon on PID 1 in a system. The communication channel is opened by asking d-bus which is also not started. The privledged/cgroup trick had been used for some time until docker containers were able to run the systemd daemon directly.
Personally I'd prefer to use the docker-systemctl-replacement/ in order to get an installer up and running that was not prepared for a docker environment. While it was developed with "ansible" in mind it may be interesting to see it working with "chef" instead.
I am trying to get Docker user namespaces to work with SELinux enabled on Centos 7.5. However, I get this error everytime:
docker run -itd --name temp -p 80:80 httpd
1a83588651b407e547881e15190b6d39692a7a2cf2df73dcaf4f37730ebdca65
docker: Error response from daemon: OCI runtime create failed: container_linux.go:348: starting container process caused "process_linux.go:301: running exec setns process for init caused \"exit status 40\"": unknown.
This does not happen if I turn of SELinux.
Here is my /etc/docker/daemon.json:
{
"userns-remap": "dockerspace",
"hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2376"],
"tls": true,
"tlscacert": "/etc/pki/tls/certs/docker-ca.pem",
"tlscert": "/etc/pki/tls/certs/docker-cert.pem",
"tlskey": "/etc/pki/tls/private/docker-key.pem",
"tlsverify": true,
"selinux-enabled": true
}
uname -a output:
Linux atlantis.newtarget.net 3.10.0-862.9.1.el7.x86_64 #1 SMP Mon Jul 16 16:29:36 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
cat /proc/cmdline output:
BOOT_IMAGE=/vmlinuz-3.10.0-862.9.1.el7.x86_64 root=/dev/mapper/centos-root ro crashkernel=auto rd.lvm.lv=centos/root rd.lvm.lv=centos/swap rhgb quiet LANG=en_US.UTF-8 namespace.unpriv_enable=1 user_namespace.enable=1
Any help is greatly appreciated. Thanks.
You've got a bit more going on than I do when I was getting that error, but here goes!
Based on your cat /proc/cmdline output it looks like you have already done:
sudo grubby --args="namespace.unpriv_enable=1" --update-kernel=/boot/vmlinuz-$(uname -r)
You might need to restart for this to take effect (if you haven't already).
You also need to make sure the value in /proc/sys/user/max_user_namespaces is at least greater than 0:
echo 12345 > /proc/sys/user/max_user_namespaces
These settings along with configuring [/etc/subuid, /etc/subgid, /etc/docker/daemon.json] correctly it worked for me with selinux enabled. docker documentation on user namespacing, how to configure the above files (must be done manually for each on centos/rhel)
I'm trying to use Packer to build a docker image of the webapp I'm working on. Whenever I run packer build, when it gets to the step that it runs the runit recipe, I would get Build 'docker' errored: Error executing Chef: Non-zero exit status: 137
I looked into 137, and found out this is the exit code commonly associated with a kill -9. In most cases this would imply that the system is running critically low on memory, and the system is attempting to compensate.
I tried to find the smallest possible reproduction, and I came up with this packer configuration:
{
"builders":[{
"type": "docker",
"pull": false,
"image": "silkstart/basic_server",
"export_path": "image.tar",
"run_command":[
"-d",
"-i",
"-t",
"--memory-reservation",
"1G",
"{{.Image}}",
"/bin/bash"
]
}],
"provisioners":[
{
"type": "chef-solo",
"cookbook_paths": ["cookbooks", "vendor/cookbooks"],
"data_bags_path": "data_bags",
"roles_path": "roles",
"environments_path": "environments",
"run_list": [
"recipe[runit]"
]
}
],
"post-processors": [
{
"type": "docker-import",
"repository": "silkstart/docker_test",
"tag": "0.1"
}
]
}
When I run packer build on this configuration, this is my output:
TMPDIR=/opt/shared packer build packer_files/docker_test.json
docker output will be in this color.
==> docker: Creating a temporary directory for sharing data...
==> docker: Starting docker container...
docker: Run command: docker run -v /opt/shared/packer-docker484290992:/packer-files -d -i -t --memory-reservation 1G silkstart/basic_server /bin/bash
docker: Container ID: 1f87b0cf1fe71f07b580ae6b18415a79c23a1a32a40f5f0366be90f160977a50
==> docker: Provisioning with chef-solo
docker: Installing Chef...
docker: % Total % Received % Xferd Average Speed Time Time Time Current
docker: Dload Upload Total Spent Left Speed
docker: 100 20022 100 20022 0 0 45092 0 --:--:-- --:--:-- --:--:-- 45196
docker: Getting information for chef stable for ubuntu...
docker: downloading https://omnitruck-direct.chef.io/stable/chef/metadata?v=&p=ubuntu&pv=14.04&m=x86_64
docker: to file /tmp/install.sh.23/metadata.txt
docker: trying curl...
docker: url https://opscode-omnibus-packages.s3.amazonaws.com/ubuntu/14.04/x86_64/chef_12.6.0-1_amd64.deb
docker: md5 5cfc19d5a036b3f7860716bc9795a85e
docker: sha256 e0b42748daf55b5dab815a8ace1de06385db98e29a27ca916cb44f375ef65453
docker: version 12.6.0downloaded metadata file looks valid...
docker: downloading https://opscode-omnibus-packages.s3.amazonaws.com/ubuntu/14.04/x86_64/chef_12.6.0-1_amd64.deb
docker: to file /tmp/install.sh.23/chef_12.6.0-1_amd64.deb
docker: trying curl...
docker: Comparing checksum with sha256sum...
docker:
docker: WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
docker:
docker: You are installing an omnibus package without a version pin. If you are installing
docker: on production servers via an automated process this is DANGEROUS and you will
docker: be upgraded without warning on new releases, even to new major releases.
docker: Letting the version float is only appropriate in desktop, test, development or
docker: CI/CD environments.
docker:
docker: WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
docker:
docker: Installing chef
docker: installing with dpkg...
docker: Selecting previously unselected package chef.
docker: (Reading database ... 17195 files and directories currently installed.)
docker: Preparing to unpack .../chef_12.6.0-1_amd64.deb ...
docker: Unpacking chef (12.6.0-1) ...
docker: Setting up chef (12.6.0-1) ...
docker: Thank you for installing Chef!
docker: Creating directory: /tmp/packer-chef-solo
docker: Creating directory: /tmp/packer-chef-solo/cookbooks-0
docker: Creating directory: /tmp/packer-chef-solo/cookbooks-1
docker: Creating directory: /tmp/packer-chef-solo/roles
docker: Creating directory: /tmp/packer-chef-solo/data_bags
docker: Creating directory: /tmp/packer-chef-solo/environments
docker: Creating configuration file 'solo.rb'
docker: Creating JSON attribute file
docker: Executing Chef: sudo chef-solo --no-color -c /tmp/packer-chef-solo/solo.rb -j /tmp/packer-chef-solo/node.json
docker: [2016-01-29T06:42:48+00:00] INFO: Forking chef instance to converge...
docker: [2016-01-29T06:42:48+00:00] INFO: *** Chef 12.6.0 ***
docker: [2016-01-29T06:42:48+00:00] INFO: Chef-client pid: 207
docker: [2016-01-29T06:42:50+00:00] INFO: Setting the run_list to ["recipe[runit]"] from CLI options
docker: [2016-01-29T06:42:50+00:00] INFO: Run List is [recipe[runit]]
docker: [2016-01-29T06:42:50+00:00] INFO: Run List expands to [runit]
docker: [2016-01-29T06:42:50+00:00] INFO: Starting Chef Run for 1f87b0cf1fe7
docker: [2016-01-29T06:42:50+00:00] INFO: Running start handlers
docker: [2016-01-29T06:42:50+00:00] INFO: Start handlers complete.
docker: [2016-01-29T06:42:52+00:00] INFO: Processing service[runit] action nothing (runit::default line 20)
docker: [2016-01-29T06:42:52+00:00] INFO: Processing execute[start-runsvdir] action nothing (runit::default line 24)
docker: [2016-01-29T06:42:52+00:00] INFO: Processing execute[runit-hup-init] action nothing (runit::default line 33)
docker: [2016-01-29T06:42:52+00:00] INFO: Processing apt_package[runit] action install (runit::default line 64)
docker: [2016-01-29T06:42:55+00:00] INFO: Processing cookbook_file[/var/chef/cache/preseed/runit/runit-2.1.1-6.2ubuntu3.seed] action create (dynamically defined)
docker: [2016-01-29T06:42:55+00:00] INFO: cookbook_file[/var/chef/cache/preseed/runit/runit-2.1.1-6.2ubuntu3.seed] created file /var/chef/cache/preseed/runit/runit-2.1.1-6.2ubuntu3.seed
docker: [2016-01-29T06:42:55+00:00] INFO: cookbook_file[/var/chef/cache/preseed/runit/runit-2.1.1-6.2ubuntu3.seed] updated file contents /var/chef/cache/preseed/runit/runit-2.1.1-6.2ubuntu3.seed
docker: [2016-01-29T06:42:55+00:00] INFO: apt_package[runit] pre-seeding package installation instructions
==> docker: Killing the container: 1f87b0cf1fe71f07b580ae6b18415a79c23a1a32a40f5f0366be90f160977a50
Build 'docker' errored: Error executing Chef: Non-zero exit status: 137
I'm not entirely sure what is causing the code 137, and any help would be appreciated.
Update 1
I'm including a gist of the full debug output from Chef. It's much more verbose, mainly due it would seem to all of the attempts Ohai makes to get information.
https://gist.github.com/jrstarke/4c5f3b432aaee70c7f77
No references in here seem to suggest an out of memory error, at least on the docker host.
After much much digging, I found the problem. The underlying problem, and the solution were both found on an issue in cloudfoundry-incubator/garden-linux.
Apparently as part of the setup process one of the post init scripts for runit executes a kill -s HUP 1. Why I'm not entirely sure, but as they noted there, doing a trap '' HUP right before my apt-get install runit and a trap HUP afterwards totally solved my problem.
Check the OOM log on the host machine. Also you can use the execute_command configuration value to turn the log level to debug.
This answer seemed to work for me: https://stackoverflow.com/a/42398166/2878244
I had to increase the memory resources assigned to docker by going to the Docker Tab > Preferences > Advanced