无法停止或删除 Docker 容器 - 权限被拒绝错误 [英] Docker Containers can not be stopped or removed - permission denied Error
问题描述
问题:无法停止 docker 容器,每当我尝试停止容器时,都会收到以下错误消息,
<预> <代码>错误:yattyadocker_web_1不能停止容器:1f04148910c5bac38983e6beb3f6da4c8be3f46ceeccdc8d7de0da9d2d76edd8:不能杀死容器1f04148910c5bac38983e6beb3f6da4c8be3f46ceeccdc8d7de0da9d2d76edd8:RPC错误:代码= PermissionDenied DESC =许可被拒绝操作系统版本/内部版本: Ubuntu 16.04 |Docker 版本 17.09.0-ce,构建 afdb6d4 |Docker Compose 1.17.1 版本,构建 6d101fb
重现步骤:
- 使用 Dockerfile 和 docker-compose.yml 创建了一个 rails 项目.docker-compose.yml 是版本 3.
- 使用
docker build -t或成功构建图像. docker-compose up --build - 容器启动并成功运行.
- 尝试使用 docker-compose down 停止 docker compose.
我的尝试::
- 我必须运行
sudo service docker restart然后才能移除容器. - 卸载 docker,删除 docker 目录,然后重新安装所有内容.仍然面临同样的问题.
注意:此配置之前可以正常工作,但不知何故文件权限可能已更改,我看到此错误.我必须运行 sudo service docker restart 然后可以删除容器.但这非常不方便,我不知道如何解决这个问题.
参考文件:
# docker-compose.yml版本:'3'卷:数据库数据:司机:本地redis-数据:司机:本地服务:D b:图片:postgres:9.4.1卷:- 数据库数据:/var/lib/postgresql/data端口:- 5432:5432"env_file: local_envs.env网络:图像:yattya_docker:最新命令:bundle exec puma -C config/puma.rbtty: 真的stdin_open: 真端口:- 3000:3000"链接:- D b- Redis- 内存缓存取决于:- D b- Redis- 内存缓存env_file: local_envs.envRedis:图片:redis:3.2.4-alpine端口:# 我们将主机的 6379 端口绑定到 redis 的 6379 端口,这样我们就可以使用了# Redis 桌面管理器(或其他工具):- 6379:6379卷:# 我们将'redis-data'卷挂载到redis存储它的数据的位置:- redis-data:/var/lib/redis命令:redis-server --appendonly 是内存缓存:图像:memcached:1.5-alpine端口:- 11211:11211"时钟:图像:yattya_docker:最新命令:bundle exec clockwork lib/clock.rb链接:- D b取决于:- D benv_file: local_envs.env工人:图像:yattya_docker:最新命令:bundle exec rake 作业:工作链接:- D b取决于:- D benv_file: local_envs.env和 Dockerfile:
# Dockerfile从红宝石:2.4.1运行 apt-get 更新 &&apt-get install -y nodejs --no-install-recommends &&rm -rf/var/lib/apt/lists/*ENV APP_HOME/app运行 mkdir -p $APP_HOME工作目录 $APP_HOME添加 Gemfile* $APP_HOME/运行捆绑安装添加 .$APP_HOME运行 mkdir -p ${APP_HOME}/log运行 cat/dev/null >$APP_HOME/log/development.log"运行 mkdir -p ${APP_HOME}/tmp/cache &&mkdir -p ${APP_HOME}/tmp/pids &&mkdir -p ${APP_HOME}/tmp/sockets曝光 3000我解决了这个问题.由于一些未知问题,ubuntu 中的 Apparmor 服务无法正常工作.该问题类似于 moby 项目中报告的问题 https://github.com/moby/moby/问题/20554.
/etc/apparmor.d/tunables 文件夹为空,https://github.com/mlaventure 建议清除/重新安装 apparmor 以使其恢复到初始状态.
于是我重新安装了apparmor,重启后问题解决了.
希望这会有所帮助.
Issue: Can not stop docker containers, whenever I try to stop containers I get the following Error message,
ERROR: for yattyadocker_web_1 cannot stop container: 1f04148910c5bac38983e6beb3f6da4c8be3f46ceeccdc8d7de0da9d2d76edd8: Cannot kill container 1f04148910c5bac38983e6beb3f6da4c8be3f46ceeccdc8d7de0da9d2d76edd8: rpc error: code = PermissionDenied desc = permission denied
OS Version/build: Ubuntu 16.04 | Docker Version 17.09.0-ce, build afdb6d4 | Docker Compose version 1.17.1, build 6d101fb
Steps to reproduce:
- Created a rails project with Dockerfile and docker-compose.yml. docker-compose.yml is of version 3.
- Image is built successfully with either
docker build -t <project name> .ordocker-compose up --build - Containers boots up and runs successfully.
- Try to stop docker compose with docker-compose down.
What I tried::
- I have to run
sudo service docker restartand then the containers can be removed. - Uninstalled docker, removed docker directory and then re installed everything. Still facing same issue.
Note: This configuration was working correctly earlier, but somehow file permissions might have changed and I am seeing this error. I have to run sudo service docker restart and then the containers can be removed. But this is highly inconvenient and I don't know how to troubleshoot this.
Reference Files:
# docker-compose.yml
version: '3'
volumes:
db-data:
driver: local
redis-data:
driver: local
services:
db:
image: postgres:9.4.1
volumes:
- db-data:/var/lib/postgresql/data
ports:
- "5432:5432"
env_file: local_envs.env
web:
image: yattya_docker:latest
command: bundle exec puma -C config/puma.rb
tty: true
stdin_open: true
ports:
- "3000:3000"
links:
- db
- redis
- memcached
depends_on:
- db
- redis
- memcached
env_file: local_envs.env
redis:
image: redis:3.2.4-alpine
ports:
# We'll bind our host's port 6379 to redis's port 6379, so we can use
# Redis Desktop Manager (or other tools) with it:
- 6379:6379
volumes:
# We'll mount the 'redis-data' volume into the location redis stores it's data:
- redis-data:/var/lib/redis
command: redis-server --appendonly yes
memcached:
image: memcached:1.5-alpine
ports:
- "11211:11211"
clock:
image: yattya_docker:latest
command: bundle exec clockwork lib/clock.rb
links:
- db
depends_on:
- db
env_file: local_envs.env
worker:
image: yattya_docker:latest
command: bundle exec rake jobs:work
links:
- db
depends_on:
- db
env_file: local_envs.env
And Dockerfile:
# Dockerfile
FROM ruby:2.4.1
RUN apt-get update && apt-get install -y nodejs --no-install-recommends && rm -rf /var/lib/apt/lists/*
ENV APP_HOME /app
RUN mkdir -p $APP_HOME
WORKDIR $APP_HOME
ADD Gemfile* $APP_HOME/
RUN bundle install
ADD . $APP_HOME
RUN mkdir -p ${APP_HOME}/log
RUN cat /dev/null > "$APP_HOME/log/development.log"
RUN mkdir -p ${APP_HOME}/tmp/cache
&& mkdir -p ${APP_HOME}/tmp/pids
&& mkdir -p ${APP_HOME}/tmp/sockets
EXPOSE 3000
I was able to fix the issue. Apparmor service in ubuntu was not working normally due to some unknown issue. The problem was similar to the issue reported in moby project https://github.com/moby/moby/issues/20554.
The /etc/apparmor.d/tunables folder was empty, and https://github.com/mlaventure suggested to purge/reinstall apparmor to get it to the initial state.
So I reinstalled apparmor, and after restarting the problem was solved.
Hope this helps.
这篇关于无法停止或删除 Docker 容器 - 权限被拒绝错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
