All my docker instances are not working anymore because the following error message appears right after the latest containerd updates:
Feb 4 14:16:19 ngs-he-site-03 dockerd[830]: time="2023-02-04T14:16:19.524452673Z" level=error msg="failed to start container" container=6f8e87238300e1082f1e8e86d03233ed31018ac3d6d0d205bcd7fd4ffb847539 error="AppArmor enabled on system but the docker-default profile could not be loaded: running apparmor_parser apparmor_parser --version failed with output: \nerror: exec: "apparmor_parser": executable file not found in $PATH"
anyone else who sees the same error?
you can fix the problem by
apt install apparmor apparmor-utils
but before, everything stops working...
why nobody test those updates before releasing them to the world?
and the problem appears on every host, who has the containerd service running.
Man you saved many hours of my life! Thank you!
apt install apparmor apparmor-utils
This is fix all!
Related
I'm having issues now with my portainer. I run ubuntu with docker and portainer and I ran the apt-get upgrade and install command through the terminal to update some things. now when I go to the portainer all my containers are gone and when I go to deploy them again I get the:
failed to deploy a stack: Creating Container xxxxx Starting Error response from daemon: error while creating mount source path '/docker/ghost/mysql': mkdir /docker: read-only file system
At the time the only thing I could think of that maybe had created this issue was went ubuntu said there were updates to be installed so I let it install and then also ran the apt-get commands in terminal:
apt-get upgrade
apt-get install
My ubuntu storage has 80GB free (someone said may be a storage issue)
I was on the portainer slack channel trying to get help from a staff member he had me try "docker ps" which didn't work I had to try "sudo docker ps" which gave me that second error message listed above.https://docs.docker.com/engine/install/linux-postinstall/
permission denied while trying to connect to the docker daemon socket at unix:///var/run/docker.sock: Get "http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/json": dial unix /var/run/docker.sock: connect: permissions denied
I also went and tried the docker group add from the docker docs and tried adding the $USER to the docker group. I have done that also, it lets me run the hello-world from the terminal but still doesn't let me deploy on portainer.
I still get the same deploy error from portainer:
failed to deploy a stack: Creating Container xxxxx Starting Error response from daemon: error while creating mount source path '/docker/ghost/mysql': mkdir /docker: read-only file system
This was from one of the stacks I tried to redeploy since it has the /docker/"ghost"/mysql. Also, doesnt let me redeploy any other stacks tried that too.
Really unsure what to do and how to fix it since it basically now doesn't let me use any of those containers. Any help will be really appreciated, quite on edge right now! Thanks
I was kinda expecting not to have any of these issues. Not event entirely sure how it happened, I'm assuming maybe when I was using the "apt-get" commands. I don't really know myself. I would just like this fixed so I can get my data and containers back up and going on portainer. Yes, I also know portainer and docker are different and portainer is only a utility for docker.
edit: to add to this I have also re-installed portainer and docker not a full docker refresh but the standard one where it keeps some of the files since I dont want to remove some of the directories where some containers keep there configs and data files
I have an Azure VM on which I am trying to install docker. The installation proceeds smoothly. When I try to run the hello world example of docker, I get this error docker: Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?.
This is the procedure I followed. I have run the docker with sudo. I can't figure out what is causing the problem. Any helps on figuring out this would be much appreciated. I have scoured the internet on fixing this issue. Nothing has worked. I have uninstalled docker completely, and reinstalled it again. Nothing seems to work.
EDIT: I have narrowed down the problem to the fact that the daemon has to be started manually. How do I ensure the daemon starts running as soon as the machine is up or docker is started? Running sudo dockerd and then running docker run hello-world seems to work.
It looks like you are trying to run docker commands as a non-root user.
To achieve that you have to add your user to the docker group, but bear in mind that this can be a security risk, as this group grants root equivalent privileges.
You can find the detailed configuration steps in the post-installation for Linux and information about the risks in the Docker daemon attack surface description
Seems like you daemon isnt running - which VM did you create? Linux based? if so there are few thing regarding to the daemon you must do in order to make the docker work - You need to configure your "daemon.json" or create one if you dont have - Here's the docker documentation that might help you with it -
https://docs.docker.com/config/daemon/
Best of luck!
I am trying to set up a Ceph storage cluster using the quick start guide found here: http://docs.ceph.com/docs/master/start/quick-ceph-deploy/
When I try to deploy a manager daemon using this command:
ceph-deploy mgr create enickel7
I get this error:
[ceph_deploy.mgr][ERROR ] OSError: [Errno 2] No such file or directory: '/var/lib/ceph/mgr/ceph-enickel7'
[ceph_deploy][ERROR ] GenericError: Failed to create 1 MGRs
(enickel7 is the name of the node I'm using - the Ceph documentation calls the nodes node1, node2, and node3.) I tried to manually create the directory /var/lib/ceph/mgr, then ran the command again. Then I got this error:
[enickel7][ERROR ] Error EACCES: access denied
[enickel7][ERROR ] exit code from command was: 13
[ceph_deploy.mgr][ERROR ] could not create mgr
[ceph_deploy][ERROR ] GenericError: Failed to create 1 MGRs
Does anyone know what this error means, or how to fix it? ceph-deploy definitely has sudo permissions, and the mgr directory has the same permissions as other directories in /var/lib/ceph.
Thank you for your time!
It's because your ceph version is not Luminous >=12.2.0, you must use ceph-deploy to install ceph as the document said, the default version installed by ceph-deploy is 10.2.10 Jewel for now.
If you want to create a manager daemon process, you need to upgrade your ceph to Luminous 12.2.1. The doc is here: http://docs.ceph.com/docs/master/release-notes/#v12-2-1-luminous
I just ran into this same issue on ubuntu 16.04 trying to deploy kraken with ceph-deploy version 1.5.39.
Ceph-deploy automatically created the directories for me but they were not owned correctly. It looks like the keyring it created in /var/lib/ceph/bootstrap-mgr along with that directory is owned by root. I chowned it to ceph. and that got me past that error.
In your case I would guess that the directory is owned by your user instead of "ceph". I hope this helps.
please test a below command:
chown ceph:ceph /var/lib/ceph
and
what ceph version used?
please use a latest version (mimic 13.2)
and ceph-deploy 2
Faced the same issue. As Michael Meepo said it was version problem.
On admin node I registered the ceph repo for luminous & installed ceph-deploy.
But when I tried to use it ceph-deploy installed the default version (Jewel) on remote node.
To install specific version you should ask for it:
ceph-deploy install master --release luminous
To use the ceph-deploy version matching your distribution's, as from https://github.com/ceph/ceph-deploy page, use ceph repositories. For instance, as Debian stretch provides Jewel (Ceph v. 10), use the following repository: http://ceph.com/debian-jewel by creating a /etc/apt/source.list.d/ceph-deploy.list file containing:
deb http://download.ceph.com/debian-jewel/ stretch main
Install the keys:
wget -q -O- 'https://download.ceph.com/keys/release.asc' | sudo apt-key add -
Then proceed with
apt-get install ceph-deploy
From there it should work as expected.
I am running Centos 6.5 (Kernel Linux jspring 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux) and I was wondering if someone could assist - Im installing Fail2Ban through yum however when I go to run it I am getting the following error;
service fail2ban start
Starting fail2ban: ERROR Directory /var/run/fail2ban exists but not accessible for writing
[FAILED]
If anyone could advise me how to fix this that would be great.
Thanks!
There are several things that could be causing this.
First make sure the permissions and ownership are correct as the other answers state. The directory permissions should be drwxr-xr-x (a.k.a. 644) and it should be owned by root:root.
Now make sure you are attempting to run the start command with the proper authority. If service fail2ban start does not work, try sudo service fail2ban start. Using sudo is recommended but you could also switch to or login as the root user.
You may also want to reboot after you get it running and then run sudo service fail2ban status to make sure it successfully started up again.
You need to set the appropriate rights on the mentioned directory:
drwxr-xr-x root:root
You should set the permissions like this: chmod -R 644 /var/run/fail2ban/
As people have mentioned, this is clearly a permissions issue. I'm not sure if this applies to your version but fail2ban in 2018 has a client, run as:
sudo fail2ban-client start
(or restart or status). It must be run as sudo though.
As is documented in the official commands list here the command fail2ban start <jail> is clearly used to start jails and not to start fail2ban. So you completely missunderstood it's usage.
Try to first stop and then quickly start again the jail sshd that is enabled by default:
fail2ban-client stop sshd
fail2ban-client start sshd
Hey! It works!
I have hhvm installed on my server and it was working perfect until I had restart the server. On the log of hhvm i see this error:
Unable to read pid file /var/run/hhvm/pid for any meaningful pid
I tried to give permission to that file doing
sudo chmod +rw /var/run/hhvm/pid
bu still that problem occured. I really need to fix this issue but i have no idea what i have to do :(
any help will be really appreciated,
My OS is ubuntu 12.4
If HHVM isn't running, you can just delete that file. The error is saying that it doesn't contain a valid PID, most likely because it wasn't cleaned up properly on reboot so it still has the old PID in it.
I had the same problem. It turned out that another service was listening on port 9000.
Typical launch command:
hhvm --mode daemon -d hhvm.server.type=fastcgi -d hhvm.server.port=9000 -c /etc/hhvm/server.ini