Jaranguda

Belajar Mengajar

Solusi Docker LIMITS spawning Operation not permitted

Last Updated on By Leave a Comment

Di beberapa docker node yang saya gunakan, docker tidak bisa dijalankan. Error yang paling jelas di service docker adalah LIMITS spawning Operation not permitted

Apr 09 17:08:52 docker-server systemd[1]: Starting Docker Socket for the API.
Apr 09 17:08:52 docker-server systemd[1630]: containerd.service: Failed at step LIMITS spawning /sbin/modprobe: Operation not permitted
Apr 09 17:08:52 docker-server systemd[1]: Started containerd container runtime.
Apr 09 17:08:52 docker-server systemd[1]: Listening on Docker Socket for the API.
Apr 09 17:08:52 docker-server systemd[1]: Starting Docker Application Container Engine...
Apr 09 17:08:52 docker-server systemd[1634]: containerd.service: Failed at step LIMITS spawning /usr/bin/containerd: Operation not permitted
Apr 09 17:08:52 docker-server systemd[1636]: docker.service: Failed at step LIMITS spawning /usr/bin/dockerd: Operation not permitted
Apr 09 17:08:52 docker-server systemd[1]: containerd.service: Main process exited, code=exited, status=205/LIMITS
 
> systemctl status containerd.service
● containerd.service - containerd container runtime
   Loaded: loaded (/lib/systemd/system/containerd.service; enabled; vendor preset: enabled)
   Active: failed (Result: exit-code) since Thu 2020-04-09 17:08:54 WIB; 2min 47s ago
     Docs: https://containerd.io
  Process: 1656 ExecStart=/usr/bin/containerd (code=exited, status=205/LIMITS)
  Process: 1653 ExecStartPre=/sbin/modprobe overlay (code=exited, status=205/LIMITS)
 Main PID: 1656 (code=exited, status=205/LIMITS)
      CPU: 857us
 
Apr 09 17:08:54 docker-server systemd[1]: Starting containerd container runtime...
Apr 09 17:08:54 docker-server systemd[1]: Started containerd container runtime.
Apr 09 17:08:54 docker-server systemd[1]: containerd.service: Main process exited, code=exited, status=
Apr 09 17:08:54 docker-server systemd[1]: containerd.service: Unit entered failed state.
Apr 09 17:08:54 docker-server systemd[1]: containerd.service: Failed with result 'exit-code'.
 
> systemctl status docker
● docker.service - Docker Application Container Engine
   Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)
   Active: inactive (dead) (Result: exit-code) since Thu 2020-04-09 15:13:47 WIB; 9s ago
     Docs: https://docs.docker.com
  Process: 1279 ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock (code=exited, status=205/LIMITS)
 Main PID: 1279 (code=exited, status=205/LIMITS)
      CPU: 444us
 
Apr 09 15:13:47 docker-server systemd[1]: Failed to start Docker Application Container Engine.
Apr 09 15:13:47 docker-server systemd[1]: docker.service: Unit entered failed state.
Apr 09 15:13:47 docker-server systemd[1]: docker.service: Failed with result 'exit-code'.
Apr 09 15:13:47 docker-server systemd[1]: Stopped Docker Application Container Engine.
 
 
Apr 09 17:13:25 docker-server systemd[1]: docker.service: Start request repeated too quickly.
Apr 09 17:13:25 docker-server systemd[1]: Failed to start Docker Application Container Engine.
Apr 09 17:13:25 docker-server systemd[1]: docker.service: Unit entered failed state.
Apr 09 17:13:25 docker-server systemd[1]: docker.service: Failed with result 'exit-code'.

Beberapa hal yang perlu di cek, bila terjadi masalah seperti ini:
– Check Limit open files dkk dengan perintah ulimit -a
– Check LimitNOFILE di services aplikasi yang gagal.
– Check /etc/security/limits.conf
– Check /etc/sysctl.conf

Dari log diatas, ada dua services yang gagal jalan, yaitu containerd.service dan docker.service. Output dari ulimit -a

> ulimit -a
core file size          (blocks, -c) 0
data seg size           (kbytes, -d) unlimited
scheduling priority             (-e) 0
file size               (blocks, -f) unlimited
pending signals                 (-i) 3892
max locked memory       (kbytes, -l) 64
max memory size         (kbytes, -m) unlimited
open files                      (-n) 550000
pipe size            (512 bytes, -p) 8
POSIX message queues     (bytes, -q) 819200
real-time priority              (-r) 0
stack size              (kbytes, -s) 8192
cpu time               (seconds, -t) unlimited
max user processes              (-u) 3892
virtual memory          (kbytes, -v) unlimited
file locks                      (-x) unlimited

sementara bila dilihat di /lib/systemd/system/containerd.service ada LimitNOFILE=1048576 dan /lib/systemd/system/docker.service, LimitNOFILE=infinityangka tersebut diatas maksimum limit yang diijikan oleh sistem sebesar 550000.

Solusi 1

Ganti nilai LimitNOFILE di containerd.service dan docker.service menjadi 550000 atau lebih kecil, sesuai dengan batas maksimum open files.
Setelah merubah file .service diatas, reload daemon systemctl

systemctl daemon-reload

lalu jalankan satu persatu servicenya

systemctl start containerd
systemctl start docker

Solusi 2

Hapus limit tersebut dari file /etc/security/limits.conf dan/atau /etc/sysctl.conf. Lalu reboot system anda

Tulisan menarik lainnya

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *