Error bringing up contrainers - v4.3.6 #711
Comments
alphaDev23
changed the title
alphaDev23
changed the title
|
Hello @alphaDev23 In the description of the issue, I see that you removed the containers from a previous deployment, but surely the previous volumes are still created. To be able to deploy from scratch again you also have to delete the created volumes: Also if your user is not inside the docker group to be able to use the binary with your user, try not to use the "-E" option for sudo command for deployment. |
|
Hello @alphaDev23 and @vcerenu, For some reason, docker-compose is treating the generated key files and YAML configuration files as directories. My solution was to envelop every relative path under volumes with double quotation marks as such: I hope that helps! |
|
@jedagda Thank you for the suggestion but after adding quotes around the docker volumes that reference individual files, I'm still getting the same issue. @vcerenu Thank you for your suggestion but it did not work. Has the the docker-compose file been tested and if yes, against which docker and compose versions? Server Version: 18.06.1-ce |
|
I get this issue when attempting to: Error: not sure if this is a related issue or what |
|
Hello @alphaDev23 Have you tried to start the stack with In the Another problem that can be generated is when the deployment is done from another OS other than linux or docker does not have root permissions. It is necessary that the docker agent have root permissions to be able to mount the generated certificates, which can only be accessed by this user when they are created. Can you tell me with which OS you are running the stack? |
|
I'm still receiving the same issue using 4.3.10. The certs are generated prior to bringing up the stack per the readme file. I execute docker-compose using sudo. Here is the issue again with the directory listing of the volume referenced in the compose file. Thoughts? ubuntu@bionic-4:~/DevOps/wazuh-docker/single-node$ sudo -E docker-compose up -d ERROR: for single-node_wazuh.manager_1 Cannot start service wazuh.manager: OCI runtime create failed: container_linux.go:348: starting container process caused "process_linux.go:402: container init caused "rootfs_linux.go:58: mounting \"/home/ubuntu/DevOps/wazuh-docker/single-node/config/wazuh_indexer_ssl_certs/wazuh.manager-key.pem\" to rootfs \"/var/lib/docker/overlay2/8129cd2ff13d6c6dff35feee05c0d05d1f4561d3c28190125d19d089bd9845d9/merged\" at \"/var/lib/docker/overlay2/8129cd2ff13d6c6dff35feee05c0d05d1f4561d3c28190125d19d089bd9845d9/merged/etc/ssl/filebeat.key\" caused \"not a directory\""": unknown: Are you trying to mount a directory onto a file (or vice-versa)? Check if the specified host path exists and is the expected type ERROR: for wazuh.manager Cannot start service wazuh.manager: OCI runtime create failed: container_linux.go:348: starting container process caused "process_linux.go:402: container init caused "rootfs_linux.go:58: mounting \"/home/ubuntu/DevOps/wazuh-docker/single-node/config/wazuh_indexer_ssl_certs/wazuh.manager-key.pem\" to rootfs \"/var/lib/docker/overlay2/8129cd2ff13d6c6dff35feee05c0d05d1f4561d3c28190125d19d089bd9845d9/merged\" at \"/var/lib/docker/overlay2/8129cd2ff13d6c6dff35feee05c0d05d1f4561d3c28190125d19d089bd9845d9/merged/etc/ssl/filebeat.key\" caused \"not a directory\""": unknown: Are you trying to mount a directory onto a file (or vice-versa)? Check if the specified host path exists and is the expected type |
|
Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error setting rlimits for ready process: error setting rlimit type 8: operation not permitted: unknown |
|
The root cause for this error is you probably ran |
|
You can also try to install the correct docker, I had the same issue https://documentation.wazuh.com/current/deployment-options/docker/docker-installation.html |
Below is the full log of the issue. This may be an issue with the generation of the certs per the following:
ubuntu@bionic-4:~/wazuh-docker/single-node$ sudo ls -al config/wazuh_indexer_ssl_certs/
total 56
dr-x------ 2 root root 4096 Aug 18 04:57 .
drwxrwxr-x 6 ubuntu ubuntu 4096 Aug 18 04:57 ..
-r-------- 1 ubuntu ubuntu 1708 Aug 18 05:01 admin-key.pem
-r-------- 1 ubuntu ubuntu 1119 Aug 18 05:01 admin.pem
-r-------- 1 systemd-resolve systemd-journal 1704 Aug 18 05:01 root-ca-manager.key
-r-------- 1 systemd-resolve systemd-journal 1204 Aug 18 05:01 root-ca-manager.pem
-r-------- 1 ubuntu ubuntu 1704 Aug 18 05:01 root-ca.key
-r-------- 1 ubuntu ubuntu 1204 Aug 18 05:01 root-ca.pem
-r-------- 1 ubuntu ubuntu 1704 Aug 18 05:01 wazuh.dashboard-key.pem
-r-------- 1 ubuntu ubuntu 1261 Aug 18 05:01 wazuh.dashboard.pem
-r-------- 1 ubuntu ubuntu 1704 Aug 18 05:01 wazuh.indexer-key.pem
-r-------- 1 ubuntu ubuntu 1257 Aug 18 05:01 wazuh.indexer.pem
-r-------- 1 systemd-resolve systemd-journal 1704 Aug 18 05:01 wazuh.manager-key.pem
-r-------- 1 systemd-resolve systemd-journal 1257 Aug 18 05:01 wazuh.manager.pem
LOG:
ubuntu@bionic-4:
/wazuh-docker/single-node$ sudo -E docker-compose -f generate-indexer-certs.yml run --rm generator/wazuh-docker/single-node$ sudo rm -f $(sudo docker ps -aq --filter name=wazuh)WARNING: Found orphan containers (single-node_wazuh.manager_1, single-node_wazuh.indexer_1) for this project. If you removed or renamed this service in your compose file, you can run this command with the --remove-orphans flag to clean it up.
Creating single-node_generator_run ... done
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 25130 100 25130 0 0 240k 0 --:--:-- --:--:-- --:--:-- 242k
Cert tool exists in Packages bucket
18/08/2022 05:01:01 INFO: Admin certificates created.
18/08/2022 05:01:01 INFO: Wazuh indexer certificates created.
18/08/2022 05:01:01 INFO: Wazuh server certificates created.
18/08/2022 05:01:02 INFO: Wazuh dashboard certificates created.
Moving created certificates to destination directory
changing certificate permissions
Setting UID indexer and dashboard
Setting UID for wazuh manager and worker
ubuntu@bionic-4:
ubuntu@bionic-4:~/wazuh-docker/single-node$ sudo -E docker-compose up -d
Starting single-node_wazuh.indexer_1 ...
Starting single-node_wazuh.manager_1 ... error
ERROR: for single-node_wazuh.manager_1 Cannot start service wazuh.manager: OCI runtime create failed: container_linux.go:348: starting container process caused "process_linux.go:402: container init caused "rootfs_linux.go:58: mounting \"/home/ubuntu/wazuh-docker/single-node/config/wazuh_indexer_ssl_certs/wazuh.manager.pem\" to rootfs \"/var/lib/docker/overlay2/a528354d356d24e101aadbd1009dc40ead9c39cda4966aba9be2b7721d44e283/merged\" at \"/var/lib/docker/overlay2/a528354d356d24e101aadbd1009dc40Starting single-node_wazuh.indexer_1 ... error
sa)? Check if the specified host path exists and is the expected type
ERROR: for single-node_wazuh.indexer_1 Cannot start service wazuh.indexer: OCI runtime create failed: container_linux.go:348: starting container process caused "process_linux.go:402: container init caused "rootfs_linux.go:58: mounting \"/home/ubuntu/wazuh-docker/single-node/config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem\" to rootfs \"/var/lib/docker/overlay2/534407e71da0526a40690adeb30eb19bbdb7b35b627ba34608146f2c50e79018/merged\" at \"/var/lib/docker/overlay2/534407e71da0526a40690adeb30eb19bbdb7b35b627ba34608146f2c50e79018/merged/usr/share/wazuh-indexer/config/certs/wazuh.indexer.key\" caused \"not a directory\""": unknown: Are you trying to mount a directory onto a file (or vice-versa)? Check if the specified host path exists and is the expected type
ERROR: for wazuh.manager Cannot start service wazuh.manager: OCI runtime create failed: container_linux.go:348: starting container process caused "process_linux.go:402: container init caused "rootfs_linux.go:58: mounting \"/home/ubuntu/wazuh-docker/single-node/config/wazuh_indexer_ssl_certs/wazuh.manager.pem\" to rootfs \"/var/lib/docker/overlay2/a528354d356d24e101aadbd1009dc40ead9c39cda4966aba9be2b7721d44e283/merged\" at \"/var/lib/docker/overlay2/a528354d356d24e101aadbd1009dc40ead9c39cda4966aba9be2b7721d44e283/merged/etc/ssl/filebeat.pem\" caused \"not a directory\""": unknown: Are you trying to mount a directory onto a file (or vice-versa)? Check if the specified host path exists and is the expected type
ERROR: for wazuh.indexer Cannot start service wazuh.indexer: OCI runtime create failed: container_linux.go:348: starting container process caused "process_linux.go:402: container init caused "rootfs_linux.go:58: mounting \"/home/ubuntu/wazuh-docker/single-node/config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem\" to rootfs \"/var/lib/docker/overlay2/534407e71da0526a40690adeb30eb19bbdb7b35b627ba34608146f2c50e79018/merged\" at \"/var/lib/docker/overlay2/534407e71da0526a40690adeb30eb19bbdb7b35b627ba34608146f2c50e79018/merged/usr/share/wazuh-indexer/config/certs/wazuh.indexer.key\" caused \"not a directory\""": unknown: Are you trying to mount a directory onto a file (or vice-versa)? Check if the specified host path exists and is the expected type
ERROR: Encountered errors while bringing up the project.
The text was updated successfully, but these errors were encountered: