bd96500e110b49cbb3cd949968f18be7.png

I'm trying to run docker but it still fails. Here is what i get

root@c1170137:~# docker run hello-world

Unable to find image 'hello-world:latest' locally

latest: Pulling from library/hello-world

c04b14da8d14: Extracting 974 B/974 B

docker: failed to register layer: ApplyLayer exit status 1 stdout: stderr: permission denied.

See 'docker run --help'.

kernel: 4.4.16-1-pve

i'm using debian jessie

Distributor ID: Debian

Description: Debian GNU/Linux 8.5 (jessie)

Release: 8.5

Codename: jessie

docker info

root@c1177124:~# docker info

Containers: 0

Running: 0

Paused: 0

Stopped: 0

Images: 0

Server Version: 1.12.1

Storage Driver: vfs

Logging Driver: json-file

Cgroup Driver: cgroupfs

Plugins:

Volume: local

Network: host bridge null overlay

Swarm: inactive

Runtimes: runc

Default Runtime: runc

Security Options:

Kernel Version: 4.4.16-1-pve

Operating System: Debian GNU/Linux 8 (jessie)

OSType: linux

Architecture: x86_64

CPUs: 32

Total Memory: 2 GiB

Name: c1177124

ID: 4YUJ:OL2E:WLJC:23WJ:5HRW:LRY3:QHKC:MKXO:JDWO:VWOQ:JMWN:V52W

Docker Root Dir: /var/lib/docker

Debug Mode (client): false

Debug Mode (server): false

Registry: https://index.docker.io/v1/

WARNING: bridge-nf-call-iptables is disabled

WARNING: bridge-nf-call-ip6tables is disabled

Insecure Registries:

127.0.0.0/8

By the way, the problem could be caused by the kernel.

Thank you for any idea or solution

解决方案

Use lxc.apparmor.profile: unconfined

Just put at the end of an /etc/pve/lxc/ID.conf file and restart your LXC container.

Using lxc.aa_profile: unconfined is deprecated as was renamed.

Logo

魔乐社区(Modelers.cn) 是一个中立、公益的人工智能社区,提供人工智能工具、模型、数据的托管、展示与应用协同服务,为人工智能开发及爱好者搭建开放的学习交流平台。社区通过理事会方式运作,由全产业链共同建设、共同运营、共同享有,推动国产AI生态繁荣发展。

更多推荐