LXC container snapshot restore breaks container running Docker

[CFlix]

Hi,

in the process of automating LXC Docker container installation I came across a problem that makes the container fail to start Docker after restoring a snapshot of the container.
Basically I want to setup Docker inside a LXC container and deploy several images using Ansible. I tried to break down the steps into different playbooks that I wanted to test separately but a restore of the container makes containerd service inside the container not start anymore.

Steps that lead to the error:
1) Set up a LXC container and Docker environnement inside that container (works).
2) Take a snapshot of the container with the "clean" Docker installation (works)
3) Run a Docker container (e.g. hello world) (works)
4) Restore previous taken snapshot (restore works, container starts but the containerd service inside the container fails to start)

I narrowed the error down to the restore action by rebooting the container several times at several steps before restoring and the containerd service always starts until the snapshot of the container is restored.
Why is the restored snapshot different than the freshly set up container? Are there some parts of the container not backed up that could break the containerd service?

 

[oguz]

hi,

maybe you haven't enabled the containerd service before you take the snapshot?

 

[CFlix]

Hi,
sorry, my description was probably not clear enough. The service is enabled but containerd errors on start, even if you try to start manually. When rebooting the container before restoring a snapshot everything works as expected including automatic start.

So my actual question is what parts of an LXC container are not backed up or restored that could possibly break containerd.
The container is unprivileged and is created with the following features: keyctl=1,nesting=1

Infortunately I did not find the time to look deeper into the startup and compare the working with the non working setup.