After latest update LXC+Docker = broken

O

olsonn

Active Member
Oct 25, 2017
11
0
41
51
the error i get now

Error response from daemon: oci runtime error: container_linux.go:247: starting container process caused "process_linux.go:359: container init caused \"rootfs_linux.go:43: preparing rootfs caused \\\"permission denied\\\"\""

has this something to do with apparmor?
not sure what needs to be in my
/etc/pve/lxc/100.conf to run properly?

this part is not valid anymore...
lxc.aa_profile = unconfined
so
lxc.apparmor.profile = unconfined

but still no go...
please help
 
proxmox-ve: 5.1-42 (running kernel: 4.13.16-2-pve)
pve-manager: 5.1-49 (running version: 5.1-49/1e427a54)
pve-kernel-4.13: 5.1-44
pve-kernel-4.13.16-2-pve: 4.13.16-47
pve-kernel-4.13.16-1-pve: 4.13.16-46
pve-kernel-4.13.13-6-pve: 4.13.13-42
pve-kernel-4.13.13-5-pve: 4.13.13-38
pve-kernel-4.13.8-2-pve: 4.13.8-28
pve-kernel-4.13.4-1-pve: 4.13.4-26
pve-kernel-4.10.17-2-pve: 4.10.17-20
corosync: 2.4.2-pve3
criu: 2.11.1-1~bpo90
glusterfs-client: 3.8.8-1
ksm-control-daemon: 1.2-2
libjs-extjs: 6.0.1-2
libpve-access-control: 5.0-8
libpve-apiclient-perl: 2.0-4
libpve-common-perl: 5.0-30
libpve-guest-common-perl: 2.0-14
libpve-http-server-perl: 2.0-8
libpve-storage-perl: 5.0-18
libqb0: 1.0.1-1
lvm2: 2.02.168-pve6
lxc-pve: 3.0.0-2
lxcfs: 3.0.0-1
novnc-pve: 0.6-4
proxmox-widget-toolkit: 1.0-14
pve-cluster: 5.0-24
pve-container: 2.0-21
pve-docs: 5.1-17
pve-firewall: 3.0-7
pve-firmware: 2.0-4
pve-ha-manager: 2.0-5
pve-i18n: 1.0-4
pve-libspice-server1: 0.12.8-3
pve-qemu-kvm: 2.11.1-5
pve-xtermjs: 1.0-2
qemu-server: 5.0-24
smartmontools: 6.5+svn4324-1
spiceterm: 3.0-5
vncterm: 1.5-3
zfsutils-linux: 0.7.7-pve1~bpo9
 
Some more error output / logs would be useful. Do you see anything in the syslog when doing this (host & guest)?
 
found something:

"'overlay' not found as a supported filesystem on this host. Please ensure kernel is new enough and has overlay support loaded."

overlay support?


root@traefik:~# journalctl -u docker.service
-- Logs begin at Thu 2018-04-12 20:36:41 UTC, end at Fri 2018-04-13 09:19:01 UTC. --
Apr 12 20:36:41 traefik systemd[1]: docker.service: Failed to reset devices.list: Operation not permitted
Apr 12 20:36:41 traefik systemd[1]: Starting Docker Application Container Engine...
Apr 12 20:36:41 traefik dockerd[111]: time="2018-04-12T20:36:41.873633722Z" level=info msg="libcontainerd: new containerd process, pid: 178"
Apr 12 20:36:42 traefik dockerd[111]: time="2018-04-12T20:36:42.895090657Z" level=warning msg="failed to rename /var/lib/docker/tmp for background deletion: %!s(<nil>). Deleting synchronously"
Apr 12 20:36:42 traefik dockerd[111]: time="2018-04-12T20:36:42.918236369Z" level=error msg="'overlay' not found as a supported filesystem on this host. Please ensure kernel is new enough and has overlay support loaded."
Apr 12 20:36:42 traefik dockerd[111]: time="2018-04-12T20:36:42.922669010Z" level=error msg="'overlay' not found as a supported filesystem on this host. Please ensure kernel is new enough and has overlay support loaded."
Apr 12 20:36:42 traefik dockerd[111]: time="2018-04-12T20:36:42.973346089Z" level=info msg="Graph migration to content-addressability took 0.00 seconds"
Apr 12 20:36:42 traefik dockerd[111]: time="2018-04-12T20:36:42.978188254Z" level=warning msg="Your kernel does not support cgroup rt period"
Apr 12 20:36:42 traefik dockerd[111]: time="2018-04-12T20:36:42.979083190Z" level=warning msg="Your kernel does not support cgroup rt runtime"
Apr 12 20:36:42 traefik dockerd[111]: time="2018-04-12T20:36:42.982146022Z" level=info msg="Loading containers: start."
Apr 12 20:36:42 traefik dockerd[111]: time="2018-04-12T20:36:42.989615524Z" level=warning msg="Running modprobe bridge br_netfilter failed with message: modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/4.13.16-2-pve/modules.dep.bin'
Apr 12 20:36:42 traefik dockerd[111]: time="2018-04-12T20:36:42.994355223Z" level=warning msg="Running modprobe nf_nat failed with message: `modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/4.13.16-2-pve/modules.dep.bin'\nmodprobe:
Apr 12 20:36:42 traefik dockerd[111]: time="2018-04-12T20:36:42.998916922Z" level=warning msg="Running modprobe xt_conntrack failed with message: `modprobe: ERROR: ../libkmod/libkmod.c:586 kmod_search_moddep() could not open moddep file '/lib/modules/4.13.16-2-pve/modules.dep.bin'\nmodp
Apr 12 20:36:43 traefik dockerd[111]: time="2018-04-12T20:36:43Z" level=fatal msg="permission denied"
Apr 12 20:36:43 traefik dockerd[111]: time="2018-04-12T20:36:43.257013690Z" level=error msg="failed to create osl sandbox while trying to restore sandbox 03aca52 for cleanup: namespace creation reexec command failed: exit status 1"
Apr 12 20:36:43 traefik dockerd[111]: time="2018-04-12T20:36:43Z" level=fatal msg="permission denied"
Apr 12 20:36:43 traefik dockerd[111]: time="2018-04-12T20:36:43.419998771Z" level=error msg="failed to create osl sandbox while trying to restore sandbox 2be184f for cleanup: namespace creation reexec command failed: exit status 1"
Apr 12 20:36:43 traefik dockerd[111]: time="2018-04-12T20:36:43.524032537Z" level=
 
started with a new lxc and installed from scratch. now it works.. not sure what went wrong during update.
under investigation
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back