Friday, 2022-02-04

« Thursday, 2022-02-03 Index Monday, 2022-02-07 »
kata-irc-bot<gmaglion> Yes, is what we recommend.09:28
kata-irc-bot<gmaglion> Also, it's worth testing `--inode-file-handles` (specially if you share nfs)09:30
kata-irc-bot<yonghe.zhao> Hi team, I was trying to run `kind create cluster`  or `minikube start` in kata container. But I met the same error for both cases: ```17:35:47 ! StartHost failed, but will try again: creating host: create: creating: create kic node: create container: docker run -d -t --privileged --device /dev/fuse --security-opt seccomp=unconfined --tmpfs /tmp --tmpfs /run -v /lib/modules:/lib/modules:ro --hostname minikube --name minikube --lab15:35
kata-irc-botcreated_by.minikube.sigs.k8s.io=true --label name.minikube.sigs.k8s.io=minikube --label role.minikube.sigs.k8s.io= --label mode.minikube.sigs.k8s.io=minikube --network minikube --ip 192.168.49.2 --volume minikube:/var --security-opt apparmor=unconfined --cpus=2 -e container=docker --expose 8443 --volume=/sd/tokens:/tmp/.athenz --publish=127.0.0.1::8443 --publish=127.0.0.1::22 --publish=127.0.0.1::2376 --publish=127.0.0.1::500015:35
kata-irc-bot--publish=127.0.0.1::32443 gcr.io/k8s-minikube/kicbase:v0.0.28@sha256:4780f1897569d2bf77aafb3d133a08d42b4fe61127f06fcfc90c2c5d902d893c: exit status 125 17:35:47 stdout: 17:35:47 3a87b26e1ab3580f271de8d60f61d881b7c10e492a5ae3ed67f231705f1a44be 17:35:47  17:35:47 stderr: 17:35:47 docker: Error response from daemon: OCI runtime create failed: container_linux.go:349: starting container process caused "apply caps: operation not permitted": unknown15:35
kata-irc-botAny hint on why and how to solve it? Thank you very much! :grinning:15:35
kata-irc-bot<fidencio> Are you hitting this when creating a kata-container?15:49
kata-irc-bot<yonghe.zhao> No. I was trying to run `kind create cluster`  or `minikube start` insode kata container.18:17
kata-irc-bot<yonghe.zhao> kata-container was already up.18:18
kata-irc-bot<eric.ernst> Are you running privileged?18:20
kata-irc-bot<eric.ernst> Seems to be a permissions issue? In minikube, I am assuming that you’re running the CRI directly inside the pod, not utilizing anything from the host, is that correct?18:20
« Thursday, 2022-02-03 Index Monday, 2022-02-07 »

Generated by irclog2html.py 2.17.3 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!