Ошибка при деплое Docker контейнера
При деплое Docker контейнера через Gitlab средствами Ansible получил такую ошибку с хоста:
Container prod-app Creating\n Container prod-app Created\n Container prod-app Starting\nError response from daemon: AppArmor enabled on system but the docker-default profile could not be loaded: running `/sbin/apparmor_parser apparmor_parser -Kr /var/lib/docker/tmp/docker-default2801170264` failed with output: apparmor_parser: Unable to replace \"docker-default\". Permission denied; attempted to load a profile while confined?\n\nerror: exit status 243\n", "stderr_lines": ["time=\"2024-06-20T09:32:20Z\" level=warning msg=\"/home/prokect/deploy-prod.yml: `version` is obsolete\"", " prod-app Pulling ", " prod-app Pulled ", " Container prod-app Creating", " Container prod-app Created", " Container prod-app Starting", "Error response from daemon: AppArmor enabled on system but the docker-default profile could not be loaded: running `/sbin/apparmor_parser apparmor_parser -Kr /var/lib/docker/tmp/docker-default2801170264` failed with output: apparmor_parser: Unable to replace \"docker-default\". Permission denied; attempted to load a profile while confined?", "", "error: exit status 243"], "stdout": "", "stdout_lines": []}
Решение:
apt purge apparmor -y
И если это lxc контейнер, то в конфиге контейнера прописать:
##################### lxc.include: /usr/share/lxc/config/nesting.conf lxc.mount.auto: cgroup-full:rw proc:rw sys:rw lxc.apparmor.profile: unconfined lxc.cgroup.devices.allow: a lxc.cgroup.devices.allow: c 108:0 rwm #####################