Docker containers retain references to the runc used

  • Open
  • quality assurance status badge
Details
2 participants
  • Maxim Cournoyer
  • Christopher Rodriguez
Owner
unassigned
Submitted by
Maxim Cournoyer
Severity
normal
M
M
Maxim Cournoyer wrote on 6 Apr 2021 16:42
(name . bug-guix)(address . bug-guix@gnu.org)
878s5vpj8o.fsf@gmail.com
Hello Guix!

I had this surprise today, after reconfiguring my Guix System with an
upgraded docker:

Upon attempting to run an existing container created with the previous
Docker version, I got:

Toggle snippet (3 lines)
ERROR: for moodle-docker_db_1 Cannot start service db: Unknown runtime specified /gnu/store/jx64b4nnh6yvsbp117bfjc5spqz0jfq5-runc-1.0.0-rc6/sbin/runc

It seems the containers retain the exact references to the runc used,
and it somehow cause the execution to fail when it doesn't match with
the runc that the current Docker program is using.

The workaround is to destroy the containers and recreate them from
scratch on this upgraded Docker instance.

Thanks,

Maxim
C
C
Christopher Rodriguez wrote on 20 Mar 2022 20:42
My $0.02
(address . 47617@debbugs.gnu.org)
CAMKqnGbkg6wqVQ55azmV1UhP1Eh2ysCh8d8qBUjcHWaTpbi9wg@mail.gmail.com
Hey,

Just ran into this issue myself. Was able to work around it by editing the
file:

`/var/run/docker/containers/<container-hash-goes-here>/hostconfig.json` to
point to the same `runc` executable that is listed by `guix package -I
runc`. After editing, simply run `sudo herd restart dockerd` and the edited
container will work as it used to.

Dunno how we might implement this kind of edit into the procedure that
updates `runc` in the first place, but it seems like that could be a
solution. Ideally, it would just use `runc` in the `$PATH`, but then `runc`
becomes a propagated input.

Hope this helps.

--

Christopher Rodriguez
Attachment: file
?
Your comment

Commenting via the web interface is currently disabled.

To comment on this conversation send an email to 47617@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 47617
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch