This morning I woke to find a number of my LXCs were not running some of the applications in their docker containers, and when I re-ran
Code:
docker compose up -d
I would get this error message for every docker instance in every LXC affected.
Code:
"Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: open sysctl net.ipv4.ip_unprivileged_port_star"
Digging into the error mostly seemed to point to build issues for containers, which obviously wasn't the case as they had all been running fine until this morning.
But then I stumbled across this GitHub issue...dated 3 days ago (as of this post)
https://github.com/opencontainers/runc/issues/4968#issuecomment-3503030152
In it the article points out there is an issue with Proxmox LXC containers and AppArmor and suggests some config to fix the issue, but I've not seen any mention of this in the Proxmox forums so wanted to see if this has been officially tested and approved as a solution. Is it a temporary workaround, are there any limitations in doing it, etc.?
Not all my docker applications had failed, but my instances of traefik, authentik, immich, pulse and changedetection all needed to be restored from backup to work again.
But why would a restore fix the problem? I haven't made the config change yet.
Appreciate any clear guidance on what is going on here. I never applied any updates myself, no reboots, they just all seemed to go down overnight.