Issues with containerd and libseccomp in CentOS 8

Question

Issues with containerd and libseccomp in CentOS 8

janorn opened this issue 4 years ago · 6 comments

janorn commented 4 years ago

Version Information

Ansible: 2.9.14
Role: 3.1.1

Steps to Reproduce

Trying to install on CentOS 8 with libseccomp v2.3.3

Expected Behavior

docker deamon started

Actual Behavior

[stdout]
● docker.service - Docker Application Container Engine
   Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; vendor preset: disabled)
  Drop-In: /etc/systemd/system/docker.service.d
           └─default.conf
   Active: inactive (dead)
     Docs: https://docs.docker.com
[stderr]

-- Unit containerd.service has begun starting up.
Nov 05 09:25:02 packer-azure-build containerd[38780]: /usr/bin/containerd: symbol lookup error: /usr/bin/containerd: undefined symbol: seccomp_api_set
Nov 05 09:25:02 packer-azure-build systemd[1]: containerd.service: Main process exited, code=exited, status=127/n/a
Nov 05 09:25:02 packer-azure-build systemd[1]: containerd.service: Failed with result 'exit-code'.
Nov 05 09:25:02 packer-azure-build systemd[1]: Failed to start containerd container runtime.
-- Subject: Unit containerd.service has failed

This solves the issue:

yum update libseccomp
.
.
Running transaction
  Preparing        :                                                                                                1/1
  Upgrading        : libseccomp-2.4.1-1.el8.x86_64                                                                  1/2
  Running scriptlet: libseccomp-2.4.1-1.el8.x86_64                                                                  1/2
  Cleanup          : libseccomp-2.3.3-3.el8.x86_64                                                                  2/2
  Running scriptlet: libseccomp-2.3.3-3.el8.x86_64                                                                  2/2
  Verifying        : libseccomp-2.4.1-1.el8.x86_64                                                                  1/2
  Verifying        : libseccomp-2.3.3-3.el8.x86_64                                                                  2/2

References

Answer 1 · 2020-11-05T10:12:12.000Z

Somewhat related this issue:
containerd/containerd#4349

Installed version of containerd.io is 1.3.7-3.1

Answer 2 · 2020-11-05T12:05:23.000Z

@janorn thanks... update solved my issue

Answer 3 · 2020-11-05T12:56:19.000Z

@janorn Incompatibilities like that in this case is solved by just making sure CentOS 8 is upgrade before starting docker, right? Since in my regression tests I do a yum upgrade before starting tests on CentOS/RHEL 8 and have not seen this issue

Answer 4 · 2020-11-05T13:24:29.000Z

I fully understand. If you want to close this its ok. If not a task just checking version might be of use. Anyway the knowledge is here now for people having issues. Real issue is that containerd.io pkg should have a better dependency.

Answer 5 · 2020-11-05T13:35:19.000Z

Let me think about it over the weekend when I got some more time. 😄 Will take a decision what to do.

Thanks anyway for reporting it! Will help people.

Answer 6 · 2021-01-01T10:22:14.000Z

I will not implement anything around this since also CentOS not that long ago announced it will put CentOS 8 into the grave already next year and only continue with CentOS Stream which basically is a development branch from RHEL.

https://blog.centos.org/2020/12/future-is-centos-stream/