lxc-start:无效的参数 – 无法克隆

完全新手试图让我的脚在docker上,所以也许我做了明显错误的事情。 运行容器时遇到问题:

root@tethys:~# docker run ubuntu ls lxc-start: Invalid argument - failed to clone lxc-start: failed to create vethNGY9xv-veth3eKuyS : Operation not supported lxc-start: failed to create netdev lxc-start: failed to create the network lxc-start: failed to spawn '38e59da80ff79f024304c761704924172fbd7632be705f9b71659a91de8467e9' lxc-start: No such file or directory - failed to remove cgroup '/sys/fs/cgroup/cpuset//lxc/38e59da80ff79f024304c761704924172fbd7632be705f9b71659a91de8467e9' 

似乎一切正常安装:

 root@tethys:~# docker images REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE learn/tutorial latest 8dbd9e392a96 8 months ago 128 MB ubuntu 12.04 8dbd9e392a96 8 months ago 128 MB ubuntu latest 8dbd9e392a96 8 months ago 128 MB ubuntu precise 8dbd9e392a96 8 months ago 128 MB ubuntu 12.10 b750fe79269d 8 months ago 175.3 MB ubuntu quantal b750fe79269d 8 months ago 175.3 MB 

docker版本是目前稳定的版本(实际上,六天前提交):

 root@tethys:~# docker version Client version: 0.7.1 Go version (client): go1.2 Git commit (client): 88df052 Server version: 0.7.1 Git commit (server): 88df052 Go version (server): go1.2 Last stable version: 0.7.1 

我会说我的系统应该支持:

 root@tethys:~# uname -a Linux tethys.wavilon.net 2.6.38.2-grsec-xxxx-grs-ipv6-64 #2 SMP Thu Aug 25 16:40:22 UTC 2011 x86_64 x86_64 x86_64 GNU/Linux root@tethys:~# cat /etc/issue Ubuntu 12.04.3 LTS \n \l 

我还能检查什么?

根据文档 ,docker“在3.8内核上效果最好”。

对于grsecurity内核来说,特别是如果你想在LXC中运行“无特权的容器”,你需要在/etc/sysctl.conf设置以下内容:

 kernel.grsecurity.chroot_caps = 0 kernel.grsecurity.chroot_deny_chmod = 0 kernel.grsecurity.chroot_deny_pivot = 0 kernel.grsecurity.chroot_deny_chroot = 0 kernel.grsecurity.chroot_deny_mount = 0 

然后sysctl -p