libnvidia-container: Unable to run toolkit on Debian
with “default-runtime”: “nvidia” set, docker is not able to run:
$ docker run hello-world
docker: Error response from daemon: failed to create shim: OCI runtime create failed: container_linux.go:380: starting container process caused: error adding seccomp filter rule for syscall clone3: permission denied: unknown.
ERRO[0001] error waiting for container: context canceled
The issue is already discussed here: https://github.com/containerd/containerd/issues/6203 It seems it was recently fixed but I think the fix was not published for ubuntu 18.04. Would it be possible to backport it ? I am running on a jetson and ubuntu 20 is not yet available.
About this issue
- Original URL
- State: closed
- Created 3 years ago
- Comments: 21 (9 by maintainers)
The
1.7.0-rc.1packages have been promoted to GA (1.7.0) and are available from ourstablerepositories.See https://github.com/NVIDIA/nvidia-container-toolkit/releases/tag/v1.7.0
To get access to this version, you need to have our experimental repo configured as described in the first note here:
https://docs.nvidia.com/datacenter/cloud-native/container-toolkit/install-guide.html#setting-up-nvidia-container-toolkit
@CourchesneA the 1.6.0 release of the nvidia-container-toolkit package includes the fix for this issue for non-Jetson platforms. We are actively working on getting the Jetson fix released In the coming days.
Just uninstall docker and do this: https://docs.nvidia.com/datacenter/cloud-native/container-toolkit/install-guide.html#docker
@somera please follow the instructions here to add the required repos and get access to the packages. They have not yet been included in Jetpack.
@somera it seems to be the same error, in the first case you are not using nvidia runtime so you do not encounter the error. As mentionned, I think the fix will be ported to jetson soon