执行 docker run 命令,错误信息:
docker: Error response from daemon: failed to create shim: OCI runtime create failed: container_linux.go:380: starting container process caused: process_linux.go:545: container init caused: rootfs_linux.go:75: mounting "/var/lib/docker/containers/4433f8f50551c4d4dc2a25b4cfcfc17756ac4652a25678782fa3133a8d91ac87/resolv.conf" to rootfs at "/etc/resolv.conf" caused: mount through procfd: possibly malicious path detected -- refusing to operate on /etc/resolv.conf: unknown.
docker pull 或者 docker load 自己打包的镜像,错误信息:
2d473b07cdd5: Pull compLete
acc5949e922 Extracting [====================>] 52. 1MB/52.11MB
failed to register layer: ApplyLayer exit status 1 stdout: stderr: unlinkat /var/lib/yum/yumdb/0/b4526a544d82f6c6ffa4348ce30227f5ce3c8714-openldap-2.4.44-22.el7-x86_ 64: invalid argument
环境:
CentOS Linux release 7.9.2009 (Core)
Docker version 20.10.14
解决方式:
1、排查镜像在其他服务器上运行是否有问题;
2、排查 docker 版本和是否和服务器版本匹配;
3、排查 docker 依赖是否完整,我采用的是 rpm 包安装:
containerd.io-1.5.11-3.1.el7.x86_64.rpm
container-selinux-2.107-3.el7.noarch.rpm
docker-ce-20.10.14-3.el7.x86_64.rpm
docker-ce-cli-20.10.14-3.el7.x86_64.rpm
4、以上方式都不行,那就重启服务器吧,可能的原因是服务器升级了一些固件之后没用重启,docker 读取不到系统配置。