lil*_*o17 9 linux debian docker
我正在尝试运行docker但它仍然失败.这就是我得到的
root@c1170137:~# docker run hello-world
Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
c04b14da8d14: Extracting 974 B/974 B
docker: failed to register layer: ApplyLayer exit status 1 stdout: stderr: permission denied.
See 'docker run --help'.
内核:4.4.16-1-pve
我正在使用debian jessie
Distributor ID: Debian
Description: Debian GNU/Linux 8.5 (jessie)
Release: 8.5
Codename: jessie
编辑:daemon.log http://hastebin.com/qinufacuto.coffee
码头工人信息
root@c1177124:~# docker info
Containers: 0
Running: 0
Paused: 0
Stopped: 0
Images: 0
Server Version: 1.12.1
Storage Driver: vfs
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: host bridge null overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Security Options:
Kernel Version: 4.4.16-1-pve
Operating System: Debian GNU/Linux 8 (jessie)
OSType: linux
Architecture: x86_64
CPUs: 32
Total Memory: 2 GiB
Name: c1177124
ID: 4YUJ:OL2E:WLJC:23WJ:5HRW:LRY3:QHKC:MKXO:JDWO:VWOQ:JMWN:V52W
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): false
Registry: https://index.docker.io/v1/
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
Insecure Registries:
127.0.0.0/8
顺便说一下,问题可能是由内核引起的.感谢您的任何想法或解决方案
使用 lxc.apparmor.profile: unconfined
只需将其放在/etc/pve/lxc/ID.conf文件末尾,然后重新启动LXC容器即可。
lxc.aa_profile: unconfined不推荐使用,已将其重命名。
小智 3
如果您不关心安全性或不信任您的 docker 容器:
/etc/pve/lxc/ID.conf添加来编辑主机上 lxc 容器的配置文件。lxc.aa_profile: unconfinedapt-get remove apparmor --purge| 归档时间: |
|
| 查看次数: |
10808 次 |
| 最近记录: |