我尝试启动的容器失败并出现以下错误:
root@node652 ~ # docker start worker-bfb9e442-de92-4f94-9811-68aa14351983-1
Error response from daemon: OCI runtime cr
----------
eate failed: container_linux.go:380: starting container process caused: error loading seccomp filter into the kernel: loading seccomp filter: errno 524: unknown
主机信息:
- 操作系统:Linux Ubuntu 20.04
- 内核:5.13.0-52-generic
集装箱信息:
- 操作系统:Linux Ubuntu 14.04
以下是检查容器的结果:
root@node652 ~ # docker inspect worker-bfb9e442-de92-4f94-9811-68aa14351983-1
[
{
"Id": "f66f6b1951328155f11cc0a6dd28a1c5ad4a946cee2a4d611f94b5e99b3157ed",
"Created": "2022-11-02T03:55:43.508356534Z",
"Path": "/usr/bin/start.sh",
"Args": [],
"State": {
"Status": "created",
"Running": false,
"Paused": false,
"Restarting": false,
"OOMKilled": false,
"Dead": false,
"Pid": 0,
"ExitCode": 128,
"Error": "OCI runtime create failed: container_linux.go:380: starting container process caused: error loading seccomp filter into the kernel: loading seccomp filter: errno 524: unknown",
"StartedAt": "0001-01-01T00:00:00Z",
"FinishedAt": "0001-01-01T00:00:00Z"
},
"Image": "sha256:c5e39732c153ddc0c480f8db72120aed494d258f86fb52ddce544982ebda8a7e",
"ResolvConfPath": "/var/lib/docker/containers/f66f6b1951328155f11cc0a6dd28a1c5ad4a946cee2a4d611f94b5e99b3157ed/resolv.conf",
"HostnamePath": "/var/lib/docker/containers/f66f6b1951328155f11cc0a6dd28a1c5ad4a946cee2a4d611f94b5e99b3157ed/hostname",
"HostsPath": "/var/lib/docker/containers/f66f6b1951328155f11cc0a6dd28a1c5ad4a946cee2a4d611f94b5e99b3157ed/hosts",
"LogPath": "",
"Name": "/worker-bfb9e442-de92-4f94-9811-68aa14351983-1",
"RestartCount": 0,
"Driver": "overlay2",
"Platform": "linux",
"MountLabel": "",
"ProcessLabel": "",
"AppArmorProfile": "docker-default",
"ExecIDs": null,
"HostConfig": {
"Binds": [
"/var/x/robots:/var/x/robots:rw",
"/etc/x/worker-config.json:/etc/x/config.json:rw"
],
"ContainerIDFile": "",
"LogConfig": {
"Type": "journald",
"Config": {}
},
"NetworkMode": "host",
"PortBindings": null,
"RestartPolicy": {
"Name": "",
"MaximumRetryCount": 0
},
"AutoRemove": false,
"VolumeDriver": "",
"VolumesFrom": null,
"CapAdd": null,
"CapDrop": null,
"CgroupnsMode": "host",
"Dns": null,
"DnsOptions": null,
"DnsSearch": null,
"ExtraHosts": null,
"GroupAdd": null,
"IpcMode": "private",
"Cgroup": "",
"Links": null,
"OomScoreAdj": 0,
"PidMode": "",
"Privileged": false,
"PublishAllPorts": false,
"ReadonlyRootfs": false,
"SecurityOpt": null,
"UTSMode": "",
"UsernsMode": "",
"ShmSize": 67108864,
"Runtime": "runc",
"ConsoleSize": [
0,
0
],
"Isolation": "",
"CpuShares": 800,
"Memory": 6442450944,
"NanoCpus": 0,
"CgroupParent": "",
"BlkioWeight": 0,
"BlkioWeightDevice": null,
"BlkioDeviceReadBps": null,
"BlkioDeviceWriteBps": null,
"BlkioDeviceReadIOps": null,
"BlkioDeviceWriteIOps": null,
"CpuPeriod": 0,
"CpuQuota": 0,
"CpuRealtimePeriod": 0,
"CpuRealtimeRuntime": 0,
"CpusetCpus": "",
"CpusetMems": "",
"Devices": null,
"DeviceCgroupRules": null,
"DeviceRequests": null,
"KernelMemory": 0,
"KernelMemoryTCP": 0,
"MemoryReservation": 0,
"MemorySwap": 12884901888,
"MemorySwappiness": null,
"OomKillDisable": false,
"PidsLimit": null,
"Ulimits": null,
"CpuCount": 0,
"CpuPercent": 0,
"IOMaximumIOps": 0,
"IOMaximumBandwidth": 0,
"MaskedPaths": [
"/proc/asound",
"/proc/acpi",
"/proc/kcore",
"/proc/keys",
"/proc/latency_stats",
"/proc/timer_list",
"/proc/timer_stats",
"/proc/sched_debug",
"/proc/scsi",
"/sys/firmware"
],
"ReadonlyPaths": [
"/proc/bus",
"/proc/fs",
"/proc/irq",
"/proc/sys",
"/proc/sysrq-trigger"
]
},
"GraphDriver": {
"Data": {
"LowerDir": "/var/lib/docker/overlay2/9a3cb65080a965e3c95381ff7066b3eca775dd87efdca18b3bb36872b90454e3-init/diff:/var/lib/docker/overlay2/e7ef55114f82776619eb39fd435f86e7117666d2540942393d03c005a4096cac/diff:/var/lib/docker/overlay2/bdaab58136b9461d07a2defee8999139eba35b6c513b48bb163f6169222e54e9/diff:/var/lib/docker/overlay2/1fcc40a58769204a2b9df20d06bb7a2aca82e2171ad28c2f1558145eba2b76b7/diff:/var/lib/docker/overlay2/d57d3c7be7552fb934be274fa9e176f203eeb62a971259db3fcfd14baa2d4284/diff:/var/lib/docker/overlay2/f259db67a53dc701e8e9573e7095d00b2207b988e1696cfe4a29c5f7f672d585/diff:/var/lib/docker/overlay2/3fe168bff518028075ec679dc8fe2fe5baa6094bfa7c86c4e3303c8b330f8b2d/diff:/var/lib/docker/overlay2/0d9bf2552705944b8877a8a0d1fa3ab86c515e659544580750c304c40d08005c/diff:/var/lib/docker/overlay2/e2c6c66d6c604181cacf3298a78b05c5eab657abf12296dd2f8881830096a50e/diff:/var/lib/docker/overlay2/265f68a27b23e222ea9468e436d39280799e4084e40db4017be6148ac0d32593/diff:/var/lib/docker/overlay2/4de0d69103b8c2c653a00e8caa00474d6234dafa8fc0465409e3d4fa99adc7bb/diff:/var/lib/docker/overlay2/5860027f5ab80369a08f3eb48205b90023f340f7b2e1270fec3e0118d5c14b7f/diff:/var/lib/docker/overlay2/cafb6d5bd165de7e4ec189b9b11e0526197be3099b49b0c398b3bf1151e519e0/diff:/var/lib/docker/overlay2/262f356a30bd36c8525bdec4696a5dabbdd127a837372370fb11b612b489f91a/diff:/var/lib/docker/overlay2/c986c6b16f6d1a60cf7e01164a5a95d2c03ee8d29a343cf6b0c2affaa80b98b2/diff:/var/lib/docker/overlay2/53635808a99e7301c52a41c75df0f040f72879a8f7a65be55ec5643b5bf4dd8b/diff:/var/lib/docker/overlay2/4d972faec22bb4b9229b4cb35876f668788e85913d0bef3c66ed473475793581/diff:/var/lib/docker/overlay2/eaf6f6b20addd5b4df1c805af2078f1ebb7da0b96d996b6969fa4dd4dfac06ef/diff:/var/lib/docker/overlay2/ad904f6965b2a9f693ae139df63ea0452aab734a8c800f2ee63dce0f4f5603f6/diff:/var/lib/docker/overlay2/b6301269a74ee68739be5c1c0a666bb78517f4942094ae1b9311320e2cdb8c23/diff:/var/lib/docker/overlay2/3709fab76fad2a4649a93db9f4f1076b313d6ecc74f20f8ba41ebb7e45a5bab2/diff:/var/lib/docker/overlay2/97fa5baf46ef6c5900d750e667cec939338f293fa3c972aa2fb8b2db70e4f33a/diff:/var/lib/docker/overlay2/1ff06fa8f11516a0e496708ff999b9ece4e40e17405d01a631310aabe66b600e/diff:/var/lib/docker/overlay2/8df95a19a0b36dfa66c29e2312f1f536a8ed522d6db9cae908c3eff5250465e4/diff:/var/lib/docker/overlay2/791a92b8520580cbd0a25bdb8211322d59beeceaf8fe2d2381d7cf6ee2ada4ea/diff:/var/lib/docker/overlay2/a77eddf10c03caf38c793fcc37da8de58b4a3f9e04ca871f7915aad752703397/diff:/var/lib/docker/overlay2/287a95eda64787db2537de2f8e02c9f9be92fc3af658be5a7b783561dfcda19b/diff:/var/lib/docker/overlay2/3b8d8c82690a1275ffd674b4e7d6fc4544d115f3b6895bb91f043762aef9bfbc/diff:/var/lib/docker/overlay2/00428229ca9aa916c22cebb26b45c4a90b98ea6c330062c4138d6b21b0964c37/diff:/var/lib/docker/overlay2/276b557517799dfa36393aa32fc8f56a6d4a04da7d1901cdf1dac9a0ff63a026/diff:/var/lib/docker/overlay2/1c81e46a727793e0ae112fedab2a8b05b5ba2aad9b55e412442f7db18364f6f3/diff:/var/lib/docker/overlay2/81bef9bc3d72527e8ea03c1e2c6820edb795798b636abfc62c9349ae29d977d5/diff:/var/lib/docker/overlay2/bda30fb84fa86d573919e2f8d9ffcc154744add01449b6c1474b0b3c967ae266/diff:/var/lib/docker/overlay2/32deed49edb781b2a0e4fe439b4811e41c215a321d0226d9fa525e742c1e240d/diff:/var/lib/docker/overlay2/da88ac8c1330bbe81d425f7c5c3c582b0c35dae13b13144d811e3280c9b5a238/diff:/var/lib/docker/overlay2/dcf79e806ae7a68793cc52471313d5ef8856e62b06c4707056a1dc61e05a5675/diff:/var/lib/docker/overlay2/e0eba585acfc40c7b8d73d9e9c50e8eb1f50206ca15ae41cb7fac9abb7d4ec0d/diff:/var/lib/docker/overlay2/75be81ae603ac936a8243de875a69c7999ac8c514ecee1f3ccbc6ce9824dc95a/diff:/var/lib/docker/overlay2/48894659391fc28420cbb98273a5c92bea4d5cb67a1762f8e0c2eb35b4599606/diff:/var/lib/docker/overlay2/02865e54bc977ced13de1d1ab94eb26ba69544034819c692df08d87ee40364bf/diff:/var/lib/docker/overlay2/26c1e65dbc3fbebd95e173b4706ad5ea73c0e67603cb42c361d57d0f8869233e/diff:/var/lib/docker/overlay2/b5abdbcdcd11efcbe2dc89bbf968ed44b2601563ba9404d30e060c05b8ab958c/diff:/var/lib/docker/overlay2/1c23f37d243b2229bef881957282acf7815975ec5b084d90d307b6b2537763dc/diff:/var/lib/docker/overlay2/8d73249df459625833352e4bfcf2f4572682d35ea78196067db7a2281afb132e/diff:/var/lib/docker/overlay2/1fbb733820f55ee9937a7d7d7203b88b4c08d9eb943d642b1495dffad7932bcb/diff:/var/lib/docker/overlay2/e0d15ed5b3e23d9fc581d0ba87d5a7463f09a52ae4234c7ccfcb9658635be6b4/diff:/var/lib/docker/overlay2/a63dba1ac69b843cafa2d863b972836e58ccbfe180da268841d5d1ee49c4c350/diff:/var/lib/docker/overlay2/7eac4bffc3a464dacc167f6bb39eaf6baf5403848bf91932eea86ebbce72074b/diff:/var/lib/docker/overlay2/499d010b34bf581bbdd4a54a861b45be837bd3b17952f10e4539e36ef1a2b2db/diff:/var/lib/docker/overlay2/a3e59b9d2d484798edd53b8584db74b0c2034125fa9eed582d090eb0bdc772cb/diff:/var/lib/docker/overlay2/e7439d7260ae9cda648b9ee9d4c2fe7ea20894c58e355775ff95bdee5ba1aaeb/diff:/var/lib/docker/overlay2/55b01bd28a7a246a619e7eb505eae5aaf66fda4f725adcc3bd1fcd99e79b0cba/diff:/var/lib/docker/overlay2/13d8d8d305513868369b3d19da7eab672e18c40515068c207325ca42b228473f/diff:/var/lib/docker/overlay2/6323e33721daf42631175e5f70b57806cee00f08b974138f23717840a28639c7/diff:/var/lib/docker/overlay2/a8a8573be23b9f6ba95f177cd39b26ff7e6c8c07943b39499f7cc37d88c8330c/diff:/var/lib/docker/overlay2/74fa132a0cfdb91474e6d000ebf3883a153ab8095dfc016c5d1a7543e5ecbb95/diff:/var/lib/docker/overlay2/ba665cb763f824204b7edaaaaff9b4df43d3020b555cb23b6b9d0d8dbfec2922/diff:/var/lib/docker/overlay2/9dbb340402b9abc04421ffcc511bb3c56f5f46986508c981f976db973a2c7f82/diff:/var/lib/docker/overlay2/4977eff33c0f46be87f76c7ca0a4eda856b200a8d2d6d7cc101161a750290e3b/diff:/var/lib/docker/overlay2/998ec0162327eaba47bc70e5ecc8400ebdf62d1e423b9e7836e27429301bc5e0/diff:/var/lib/docker/overlay2/03de6cc09a8739d1ef40c12759acb0ec59492755fecf8c9b64a473039cfbf1da/diff:/var/lib/docker/overlay2/7c228833baa9a9530df08413456c3f8e7a492a32dac8a9822a9079c6f66091de/diff:/var/lib/docker/overlay2/3431820b1a8bc049c6fdaf7ff5689f92fdec5a1187ce3158e02069149550df21/diff:/var/lib/docker/overlay2/a8a2743a1e58690b5b2d775e1bb229521b13f132028e4a8b422cf55d7fdd020a/diff:/var/lib/docker/overlay2/fdb5e161046b4e3a895aa3bff8b68fd89fcae98bbee99431e1fd362744448f06/diff:/var/lib/docker/overlay2/034375c186a430398e0a0f46f61b3fc94feffd8fc45f51a0f9f237c977358a8c/diff:/var/lib/docker/overlay2/7f07ec8077333e7ff7b437bee3ca2f7dc3f2f134900bbb0a7fbe7e2e8110d6c3/diff:/var/lib/docker/overlay2/67ab7a56d92b6577071ea7a72948a4f0934ed5ebecce71b6cc1077fbb05ea44e/diff:/var/lib/docker/overlay2/9f4a3e80ca27432ce9643b409a77a0776ad33b53aa13a5ef615fa43a85149f3c/diff:/var/lib/docker/overlay2/4274b22c5905eedd4162dfaf36b534f201fc80b977aa299481b5094c715b8ade/diff:/var/lib/docker/overlay2/eb4b141186d8b156059aee81c5e172a24b539cefaa8cf5b34ff51a7c6e5fc8a2/diff:/var/lib/docker/overlay2/f2868053d7e670aca59fe112864163e56af3e5ec9a951d878d9125c4df7480cd/diff",
"MergedDir": "/var/lib/docker/overlay2/9a3cb65080a965e3c95381ff7066b3eca775dd87efdca18b3bb36872b90454e3/merged",
"UpperDir": "/var/lib/docker/overlay2/9a3cb65080a965e3c95381ff7066b3eca775dd87efdca18b3bb36872b90454e3/diff",
"WorkDir": "/var/lib/docker/overlay2/9a3cb65080a965e3c95381ff7066b3eca775dd87efdca18b3bb36872b90454e3/work"
},
"Name": "overlay2"
},
"Mounts": [
{
"Type": "bind",
"Source": "/var/x/robots",
"Destination": "/var/x/robots",
"Mode": "rw",
"RW": true,
"Propagation": "rprivate"
},
{
"Type": "bind",
"Source": "/etc/x/worker-config.json",
"Destination": "/etc/x/config.json",
"Mode": "rw",
"RW": true,
"Propagation": "rprivate"
}
],
"Config": {
"Hostname": "node652.production.x.io",
"Domainname": "",
"User": "root:root",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": true,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin",
"NPM_TOKEN=095f4c61-35cf-410f-beab-968bcc2f063e",
"BROWSER_ENGINE=chrome"
],
"Cmd": [
"/usr/bin/start.sh"
],
"Image": "x/scraper-worker-chrome:production",
"Volumes": null,
"WorkingDir": "/node/scraper",
"Entrypoint": null,
"OnBuild": null,
"Labels": {
"x-bot": "",
"resultId": "bfb9e442-de92-4f94-9811-68aa14351983",
"robotType": "SCRAPER"
}
},
"NetworkSettings": {
"Bridge": "",
"SandboxID": "c812a59e3899311037c7000062f5f58ced39e38c23d573613f8d9bb75266ec85",
"HairpinMode": false,
"LinkLocalIPv6Address": "",
"LinkLocalIPv6PrefixLen": 0,
"Ports": {},
"SandboxKey": "/var/run/docker/netns/default",
"SecondaryIPAddresses": null,
"SecondaryIPv6Addresses": null,
"EndpointID": "",
"Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"MacAddress": "",
"Networks": {
"host": {
"IPAMConfig": null,
"Links": null,
"Aliases": null,
"NetworkID": "9cb1448d940d2d1d7986ab75d2e2326bb5107b5ec404c79f93ae5603e70f2787",
"EndpointID": "",
"Gateway": "",
"IPAddress": "",
"IPPrefixLen": 0,
"IPv6Gateway": "",
"GlobalIPv6Address": "",
"GlobalIPv6PrefixLen": 0,
"MacAddress": "",
"DriverOpts": null
}
}
}
}
]
我曾尝试:
- 重启机器
- 将宿主机内核升级到最新内核
什么都没起作用。我在这里迷茫了,因为这个错误没有帮助,而且在网上搜索也找不到任何信息来帮助我理解这个问题。
先感谢您。
此致敬礼,兰多。
答案1
我可以通过在运行容器时添加 --security-opt="seccomp=unconfined" 来解决此问题。例如:
docker run --rm -it --security-opt="seccomp=unconfined" image-name