runsc runtime not working with centos 7.5

[balasu]

Hi

I was trying to change docker runtime to runsc and spawn a hellow world container .but got some error.

docker: Error response from daemon: OCI runtime create failed: /usr/local/bin/runsc did not terminate sucessfully: unknown.

kindly suggest

below are the infra and software versions

[root@localhost ~]# cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core)
[root@localhost ~]# uname -a
Linux localhost.localdomain 3.10.0-862.2.3.el7.x86_64 #1 SMP Wed May 9 18:05:47 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

Docker:

[root@localhost ~]# docker info
Containers: 39
Running: 22
Paused: 0
Stopped: 17
Images: 35
Server Version: 18.03.1-ce
Storage Driver: overlay2
Backing Filesystem: xfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host macvlan null overlay
Log: awslogs fluentd gcplogs gelf journald json-file logentries splunk syslog
Swarm: inactive
Runtimes: runc runsc
Default Runtime: runc
Init Binary: docker-init
containerd version: 773c489c9c1b21a6d78b5c538cd395416ec50f88
runc version: 4fc53a81fb7c994640722ac585fa9ca548971871
init version: 949e6fa
Security Options:
seccomp
Profile: default
Kernel Version: 3.10.0-862.2.3.el7.x86_64
Operating System: CentOS Linux 7 (Core)
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 1.786GiB
Name: localhost.localdomain
ID: VUGP:HS3G:AFXL:MO42:B277:5EE5:GFRZ:CTUR:BXZJ:LWPX:C574:BQQN
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
Labels:
Experimental: false
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false

[root@localhost runsc]# cat /etc/docker/daemon.json
{
"runtimes": {
"runsc": {
"path": "/usr/local/bin/runsc",
"runtimeArgs": [
"--debug-log-dir=/tmp/runsc",
"--debug",
"--strace"
]
}
}
}

error.txt

[balasu]

In error.txt i can see some

W0520 10:33:41.934658 14451 x:0] FATAL ERROR: error creating container: fork/exec /usr/local/bin/runsc: invalid argument

I am just running below command
[root@localhost runsc]# docker run --runtime=runsc hello-world
docker: Error response from daemon: OCI runtime create failed: /var/lib/docker/runtimes/runsc did not terminate sucessfully: unknown.
ERRO[0000] error waiting for container: context canceled
[root@localhost runsc]#

[prattmic]

We require a Linux 3.17+ kernel. It looks like you are on 3.10.

[balasu]

Hi pratt
have upgraded the kernel version to below. And still getting the error
error.txt

[root@localhost ~]# docker info | grep -i kernel
Kernel Version: 4.16.10-1.el7.elrepo.x86_64
[root@localhost ~]# docker run --runtime=runsc hello-world
docker: Error response from daemon: OCI runtime create failed: /var/lib/docker/runtimes/runsc did not terminate sucessfully: unknown.
ERRO[0000] error waiting for container: context canceled

I saw something like below in atatched logs
D0522 11:02:07.615865 6412 x:0] Starting sandbox: /usr/local/bin/runsc [/usr/local/bin/runsc --root=/var/run/docker/runtime-runsc/moby --debug=true --log=/run/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/659a4bfbbcf8f426e61669ac803a2b86dad3afdc747b68e0ea13853f71ebd393/log.json --log-format=json --debug-log-dir=/tmp/runsc --file-access=proxy --overlay=false --network=sandbox --log-packets=false --platform=ptrace --strace=true --strace-syscalls= --strace-log-size=1024 boot --bundle /var/run/docker/containerd/daemon/io.containerd.runtime.v1.linux/moby/659a4bfbbcf8f426e61669ac803a2b86dad3afdc747b68e0ea13853f71ebd393 --controller-fd=3 --console=false --io-fds=4 --io-fds=5 --io-fds=6 --io-fds=7]
D0522 11:02:07.616527 6412 x:0] Destroy container "659a4bfbbcf8f426e61669ac803a2b86dad3afdc747b68e0ea13853f71ebd393"
W0522 11:02:07.616680 6412 x:0] FATAL ERROR: error creating container: fork/exec /usr/local/bin/runsc: operation not permitted

[vanloswang]

@balasu maybe you should turn off selinux, and make sure that /usr/local/bin/runsc is executable.

[balasu]

yes, it worked after disabled the selinux . let me try other images

[root@localhost ~]# docker run --runtime=runsc hello-world

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:

1. The Docker client contacted the Docker daemon.
2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
   (amd64)
3. The Docker daemon created a new container from that image which runs the
   executable that produces the output you are currently reading.
4. The Docker daemon streamed that output to the Docker client, which sent it
   to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
$ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID: