Wednesday, November 8, 2017

Docker build encounters error "failed to unshare namespaces: Invalid argument"

Issue



_[91mnsenter: failed to unshare namespaces: Invalid argument
_[0m_[91mcontainer_linux.go:265: starting container process caused "process_linux.go:270: running exec setns process for init caused \"exit status 34\""
_[0moci runtime error: container_linux.go:265: starting container process caused "process_linux.go:270: running exec setns process for init caused \"exit status 34\""

Environment

  RHEL 7.2

Solution


Execute below commands as a root user and reboot system.

grubby --args="user_namespace.enable=1" --update-kernel="$(grubby --default-kernel)"
reboot

Root cause


usernamespace was enable at docker daemon level but same was not enabled in kernel level.

Docker daemon runs like this:

ExecStart=/usr/bin/dockerd --live-restore --userland-proxy=false --icc=false --disable-legacy-registry  --userns-remap=docker:docker --tlsverify --tlscacert=/var/SP/docker/certs/ca.pem --tlscert=/var/SP/docker/certs/cert.pem --tlskey=/var/SP/docker/certs/key.pem -g /var/SP/docker -H tcp://0.0.0.0:2376  -H unix://var/run/docker.sock --log-driver=syslog --log-opt syslog-address=tcp://localhost:514 --log-opt tag="DOCKER"


No comments:

Post a Comment