文章目录
说明
- 同样是离线安装,其实下面这篇文章中已经已经有说明详细安装了,所以我这不多累赘安装方法,安装都不会有问题,但安装后run容器的时候会报错而已,这篇文章主要是对run容器报错进行处理。
docker的离线安装方法和网络源安装方法、内网环境linux脚本批量安装docker、安装docker-compose
docker run 报错及处理方式
- 说明,我出现下面报错的原因是因为系统版本是centos7.0和centos7.2的,内核是3.10的。我其他centos7.6以上的环境到bclinux(centos8.0以上)用上面的20.1的安装包都没有问题。
[root@node-4 ~]# cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)
[root@node-4 ~]#
[root@computer1 ~]# uname -a
Linux computer1 3.10.0-327.el7.x86_64 #1 SMP Thu Nov 19 22:10:57 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
docker run 报错1 说明
- 下面报错呢,是libseccomp库的问题,这个库要么没有要么版本太低
[root@computer1 ~]# docker run -dit --name=centos_cpu --restart=always hub.c.163.com/library/centos
5035f90f6758cd0854a3b5dd56c09fd9e2fd6044c61ba81c10de71a206f34264
docker: Error response from daemon: OCI runtime create failed: unable to retrieve OCI runtime error (open /run/containerd/io.containerd.runtime.v2.task/moby/5035f90f6758cd0854a3b5dd56c09fd9e2fd6044c61ba81c10de71a206f34264/log.json: no such file or directory): runc did not terminate successfully: runc: symbol lookup error: runc: undefined symbol: seccomp_version
: unknown.
[root@computer1 ~]#
处理方案
- 查看是否有libseccomp这个包,如果没有,直接安装即可,如下,我这有2.2版本的包,那我升级到2.3即可
[root@computer1 ~]# rpm -qa | grep libseccomp
libseccomp-2.2.1-1.el7.x86_64
[root@computer1 ~]#
- 包准备好以后,直接
rpm -ivhU libseccomp-2.3.1-4.el7.x86_64.rpm
即可,如下,是升级后的样子
[root@node-4 ~]#
[root@node-4 ~]# ls | grep lib
libseccomp-2.3.1-4.el7.x86_64.rpm
[root@node-4 ~]#
[root@node-4 ~]# ls | grep libseccomp
libseccomp-2.3.1-4.el7.x86_64.rpm
[root@node-4 ~]#
验证
问题没解决,但报错确实已经变了,接着处理下一个报错
[root@node-4 ~]# docker run -dit --restart=always hub.c.163.com/library/centos
b149c2fd361b013c4a55e89d634114c44422807237b1f746ab83ea4f1b17f7a5
docker: Error response from daemon: OCI runtime create failed: container_linux.go:380: starting container process caused: process_linux.go:545: container init caused: rootfs_linux.go:76: mounting "/var/lib/docker/containers/b149c2fd361b013c4a55e89d634114c44422807237b1f746ab83ea4f1b17f7a5/resolv.conf" to rootfs at "/etc/resolv.conf" caused: mount through procfd: possibly malicious path detected -- refusing to operate on /etc/resolv.conf: unknown.
[root@node-4 ~]#
docker run 报错2 说明
现在报错如下
[root@node-4 ~]# docker run -dit --restart=always hub.c.163.com/library/centos
b149c2fd361b013c4a55e89d634114c44422807237b1f746ab83ea4f1b17f7a5
docker: Error response from daemon: OCI runtime create failed: container_linux.go:380: starting container process caused: process_linux.go:545: container init caused: rootfs_linux.go:76: mounting "/var/lib/docker/containers/b149c2fd361b013c4a55e89d634114c44422807237b1f746ab83ea4f1b17f7a5/resolv.conf" to rootfs at "/etc/resolv.conf" caused: mount through procfd: possibly malicious path detected -- refusing to operate on /etc/resolv.conf: unknown.
[root@node-4 ~]#
处理方案【docker19.03和26.1.4的rpm安装包】
-
其实我在当前内网环境验证过很多方法了,都没有结果,后面实再没办法后我在本地安装了一个centos7.2版本的镜像,有外网的环境中折腾了下,错误过程也就不展示了,最终怎么弄都不行我就想着升级docker版本到最新或者降低版本(因为7.6的环境没问题,7.2和7.0环境出问题了),我想着先降低版本试下,然后发现,降低版本后,欸,可以了。。。。。
-
所以你应该明白我说的了吧? 出现上面错误后,尝试降低版本或者更新版本应该问题就解决了。
-
我前面安装文档中提供的包是20.1的,现在可以降低到19.03或者升级到最新的即可,自己去弄docker的安装包,如果不想折腾,可以直接下载我的,我这搞了19.03和26.1.4两个版本的安装包。
对了,如果下载后不会使用,参考说明中的docker离线安装哈。
docker19.03+docker26.1.4的安装包
-
之前20.10的docker只有9个包,现在19.03有28个包,26.1.4有34个包,额。。。差异还挺大的
-
[root@localhost ~]# ls /docker19.03 | wc -l
28
[root@localhost ~]#
[root@localhost ~]#
[root@localhost ~]# ls /docker26.1.4/ | wc -l
34
[root@localhost ~]#
- 废话不多说,外网测试机上可以了,把包放到内网环境开始实验
安装并启动docker服务
[root@computer2 docker-package]# ls | wc -l
28
[root@computer2 docker-package]# rpm -ivhU * --nodeps --force
warning: audit-2.8.5-4.el7.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
warning: containerd.io-1.6.33-3.1.el7.x86_64.rpm: Header V4 RSA/SHA512 Signature, key ID 621e9f35: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:libsepol-2.5-10.el7 ################################# [ 2%]
2:libselinux-2.5-15.el7 ################################# [ 4%]
3:audit-libs-2.8.5-4.el7 ################################# [ 7%]
4:libsemanage-2.5-14.el7 ################################# [ 9%]
5:libselinux-utils-2.5-15.el7 ################################# [ 11%]
6:policycoreutils-2.5-34.el7 ################################# [ 13%]
7:selinux-policy-3.13.1-268.el7_9.2################################# [ 16%]
8:lz4-1.8.3-1.el7 ################################# [ 18%]
9:systemd-libs-219-78.el7_9.9 ################################# [ 20%]
10:libseccomp-2.3.1-4.el7 ################################# [ 22%]
11:selinux-policy-targeted-3.13.1-26################################# [ 24%]
12:libsemanage-python-2.5-14.el7 ################################# [ 27%]
13:audit-libs-python-2.8.5-4.el7 ################################# [ 29%]
14:libselinux-python-2.5-15.el7 ################################# [ 31%]
15:setools-libs-3.3.8-4.el7 ################################# [ 33%]
16:python-IPy-0.75-6.el7 ################################# [ 36%]
17:docker-ce-cli-1:19.03.4-3.el7 ################################# [ 38%]
18:cryptsetup-libs-2.0.3-6.el7 ################################# [ 40%]
19:systemd-219-78.el7_9.9 warning: /etc/systemd/logind.conf created as /etc/systemd/logind.conf.rpmnew
################################# [ 42%]
20:libcgroup-0.41-21.el7 ################################# [ 44%]
21:systemd-sysv-219-78.el7_9.9 ################################# [ 47%]
22:checkpolicy-2.5-8.el7 ################################# [ 49%]
23:policycoreutils-python-2.5-34.el7################################# [ 51%]
24:container-selinux-2:2.119.2-1.911################################# [ 53%]
setsebool: SELinux is disabled.
25:containerd.io-1.6.33-3.1.el7 ################################# [ 56%]
26:docker-ce-3:19.03.4-3.el7 ################################# [ 58%]
27:audit-2.8.5-4.el7 warning: /etc/audit/auditd.conf created as /etc/audit/auditd.conf.rpmnew
################################# [ 60%]
28:libgudev1-219-78.el7_9.9 ################################# [ 62%]
Cleaning up / removing...
29:audit-2.4.1-5.el7 ################################# [ 64%]
30:selinux-policy-targeted-3.13.1-60################################# [ 67%]
31:selinux-policy-3.13.1-60.el7 ################################# [ 69%]
32:systemd-sysv-219-19.el7 ################################# [ 71%]
33:policycoreutils-2.2.5-20.el7 ################################# [ 73%]
34:libsemanage-2.1.10-18.el7 ################################# [ 76%]
35:libselinux-utils-2.2.2-6.el7 ################################# [ 78%]
36:libselinux-python-2.2.2-6.el7 ################################# [ 80%]
37:libgudev1-219-19.el7 ################################# [ 82%]
38:libcgroup-0.41-8.el7 ################################# [ 84%]
39:systemd-219-19.el7 ################################# [ 87%]
40:systemd-libs-219-19.el7 ################################# [ 89%]
41:libselinux-2.2.2-6.el7 ################################# [ 91%]
42:libsepol-2.1.9-3.el7 ################################# [ 93%]
43:audit-libs-2.4.1-5.el7 ################################# [ 96%]
44:cryptsetup-libs-1.6.7-1.el7 ################################# [ 98%]
45:libseccomp-2.2.1-1.el7 ################################# [100%]
[root@computer2 docker-package]#
[root@computer2 docker-package]#
[root@computer2 docker-package]# systemctl enable docker --now
Created symlink from /etc/systemd/system/multi-user.target.wants/docker.service to /usr/lib/systemd/system/docker.service.
[root@computer2 docker-package]#
- 可以看到现在版本是19.03
[root@computer2 ~]# docker version
Client: Docker Engine - Community
Version: 19.03.4
API version: 1.40
Go version: go1.12.10
Git commit: 9013bf583a
Built: Fri Oct 18 15:52:22 2019
OS/Arch: linux/amd64
Experimental: false
Server: Docker Engine - Community
Engine:
Version: 19.03.4
API version: 1.40 (minimum version 1.12)
Go version: go1.12.10
Git commit: 9013bf583a
Built: Fri Oct 18 15:50:54 2019
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.6.33
GitCommit: d2d58213f83a351ca8f528a95fbd145f5654e957
runc:
Version: 1.1.12
GitCommit: v1.1.12-0-g51d5e94
docker-init:
Version: 0.18.0
GitCommit: fec3683
[root@computer2 ~]#
验证
- 见证奇迹的时刻到了~~~~~
成功。。。。。nice。
[root@computer2 ~]# docker run -dit --name=centos_cpu --restart=always hub.c.163.com/library/centos
b897aac85fdfd831386fa35402dd9c17149d06b577032795ddf44f2b73460645
[root@computer2 ~]#
[root@computer2 ~]#
[root@computer2 ~]#
[root@computer2 ~]#
[root@computer2 ~]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b897aac85fdf hub.c.163.com/library/centos "/bin/bash" 7 seconds ago Up 6 seconds centos_cpu
[root@computer2 ~]#
[root@computer2 ~]#
- 对了 当前libseccomp库的版本是2.3.1
[root@computer2 ~]# rpm -qa | grep libseccomp
libseccomp-2.3.1-4.el7.x86_64
[root@computer2 ~]#
tar包离线安装docker流程
docker的tar包准备
- 下载地址
Index of linux/static/stable/x86_64/
直接下载自己需要的版本即可
- 我这预防链接失效,各版本都下载了一个
doc