Skip to content

docker falling to run wasm containers with containerd shims #51673

New issue
New issue
Open
Open
docker falling to run wasm containers with containerd shims#51673
Labels
area/runtimeRuntimekind/bugBugs are bugs. The cause may or may not be known at triage time so debugging may be needed.status/0-triageversion/28.0
@emirhandurmus

Description

@emirhandurmus
emirhandurmus
opened on Dec 9, 2025

Description

Since from last two version of docker, containerd shims doesn't work with docker.

There are also two confirmed issue form spinframework and rancher desktop below.
#rancher-sandbox/rancher-desktop#9476
#spinframework/containerd-shim-spin#378

/etc/docker/daemon.json

{
    "storage-driver": "overlayfs",
    "features": {
        "containerd-snapshotter": true,
        "cdi": true
    },
    "cdi-spec-dirs": [
        "/etc/cdi/",
        "/var/run/cdi"
    ],
    "runtimes": {
        "io.containerd.wasmedge.v1": {
            "path": "/usr/local/bin/containerd-shim-wasmedge-v1"
        },
        "io.containerd.spin.v2": {
            "path": "/usr/local/bin/containerd-shim-spin-v2"
        }
    }
}
root@test:~# ls -l /usr/local/bin/containerd*
-rwxr-xr-x 1 1001 1001  85087584 Nov  1 22:03 /usr/local/bin/containerd-shim-spin-v2
-rwxr-xr-x 1 root root 124977784 Mar  9  2025 /usr/local/bin/containerd-shim-wasmedge-v1
-rwxr-xr-x 1 root root  32763464 Mar  9  2025 /usr/local/bin/containerd-shim-wasmer-v1
-rwxr-xr-x 1 root root  28913104 Mar  9  2025 /usr/local/bin/containerd-shim-wasmtime-v1
root@ip-10-0-37-151:/etc/docker# docker run --name spin --runtime io.containerd.spin.v2 --platform wasi/wasm --publish 8080:80 ghcr.io/spinframework/containerd-shim-spin/examples/spin-rust-hello:v0.22.0 --command /

docker: Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: unable to retrieve OCI runtime error (open /run/containerd/io.containerd.runtime.v2.task/moby/133254fbac340346273b7b67878e060c1c9a3ee6dbd081b245033b14ccf59999/log.json: no such file or directory): /usr/local/bin/containerd-shim-spin-v2 did not terminate successfully: exit status 134: unknown

Run 'docker run --help' for more information

Same issue also with runwasi wasm shims

root@ip-10-0-37-151:/home/ubuntu# docker run --rm --runtime=io.containerd.wasmedge.v1 --platform=wasi/wasm secondstate/rust-example-hello:latest
docker: Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: unable to retrieve OCI runtime error (open /run/containerd/io.containerd.runtime.v2.task/moby/0a10974605804b780da2123b752e94ce953f29580b9e5bd633147e6b8c626e0e/log.json: no such file or directory): /usr/local/bin/containerd-shim-wasmedge-v1 did not terminate successfully: exit status 134: unknown

Run 'docker run --help' for more information

Reproduce

/etc/docker/daemon.json

{
    "storage-driver": "overlayfs",
    "features": {
        "containerd-snapshotter": true,
        "cdi": true
    },
    "cdi-spec-dirs": [
        "/etc/cdi/",
        "/var/run/cdi"
    ],
    "runtimes": {
        "io.containerd.wasmedge.v1": {
            "path": "/usr/local/bin/containerd-shim-wasmedge-v1"
        },
        "io.containerd.spin.v2": {
            "path": "/usr/local/bin/containerd-shim-spin-v2"
        }
    }
}
wget https://github.com/spinframework/containerd-shim-spin/releases/download/v0.22.0/containerd-shim-spin-v2-linux-x86_64.tar.gz
tar -xvf containerd-shim-spin-v2-linux-x86_64.tar.gz
sudo mv containerd-shim-spin-v2 /usr/local/bin/
sudo chmod +x /usr/local/bin/containerd-shim-spin-v2
docker run --name spin --runtime io.containerd.spin.v2 --platform wasi/wasm --publish 8080:80 ghcr.io/spinframework/containerd-shim-spin/examples/spin-rust-hello:v0.22.0 --command /
git clone https://github.com/containerd/runwasi.git

cd runwasi
./scripts/setup-linux.sh
make build-wasmedge
INSTALL="sudo install" LN="sudo ln -sf" make install-wasmedge
docker run --rm --runtime=io.containerd.wasmedge.v1 --platform=wasi/wasm secondstate/rust-example-hello:latest

Expected behavior

$ docker run --rm --runtime=io.containerd.wasmedge.v1 --platform=wasi/wasm secondstate/rust-example-hello:latest
Hello WasmEdge!

docker version

root@ip-10-0-37-151:/etc/docker# docker version
Client: Docker Engine - Community
 Version:           29.1.2
 API version:       1.46 (downgraded from 1.52)
 Go version:        go1.25.5
 Git commit:        890dcca
 Built:             Tue Dec  2 21:55:19 2025
 OS/Arch:           linux/amd64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          27.0.1
  API version:      1.46 (minimum version 1.24)
  Go version:       go1.21.11
  Git commit:       ff1e2c0
  Built:            Mon Jun 24 14:58:03 2024
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          v2.2.0
  GitCommit:        1c4457e00facac03ce1d75f7b6777a7a851e5c41
 runc:
  Version:          1.3.4
  GitCommit:        v1.3.4-0-gd6d73eb8
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

docker info

root@ip-10-0-37-151:/etc/docker# docker info
Client: Docker Engine - Community
 Version:    29.1.2
 Context:    default
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.30.1
    Path:     /usr/libexec/docker/cli-plugins/docker-buildx
  compose: Docker Compose (Docker Inc.)
    Version:  v5.0.0
    Path:     /usr/libexec/docker/cli-plugins/docker-compose
  model: Docker Model Runner (Docker Inc.)
    Version:  v1.0.3
    Path:     /usr/libexec/docker/cli-plugins/docker-model

Server:
 Containers: 13
  Running: 3
  Paused: 0
  Stopped: 10
 Images: 17
 Server Version: 27.0.1
 Storage Driver: overlayfs
  driver-type: io.containerd.snapshotter.v1
 Logging Driver: json-file
 Cgroup Driver: systemd
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
 CDI spec directories:
  /etc/cdi/
  /var/run/cdi
 Swarm: inactive
 Runtimes: runc io.containerd.runc.v2 io.containerd.spin.v2 io.containerd.wasmedge.v1 io.containerd.wasmer.v1 io.containerd.wasmtime.v1
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 1c4457e00facac03ce1d75f7b6777a7a851e5c41
 runc version: v1.3.4-0-gd6d73eb8
 init version: de40ad0
 Security Options:
  apparmor
  seccomp
   Profile: builtin
  cgroupns
 Kernel Version: 6.14.0-1016-aws
 Operating System: Ubuntu 24.04.3 LTS
 OSType: linux
 Architecture: x86_64
 CPUs: 1
 Total Memory: 1.918GiB
 Name: ip-10-0-37-151
 ID: 0add84d9-353e-412b-acb6-abada691df55
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

Additional Info

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/runtimeRuntimekind/bugBugs are bugs. The cause may or may not be known at triage time so debugging may be needed.status/0-triageversion/28.0

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions