Failed to run a Docker container

Question

Question

Joyce Zhang · Sep 24, 2018

I followed the First Look instructions and tried to run a Docker container with the below command:

> docker run --name iris --detach --publish 52773:52773 --volume /Users/docker:/external --env ICM_SENTINEL_DIR=/external iris:latest --key /external/iris.key --before "/usr/irissys/dev/Cloud/ICM/changePassword.sh /external/password.txt"

It returned with a container ID and an error message:

docker: Error response from daemon: OCI runtime create failed: container_linux.go:348: starting container process caused "exec: \"/iris-main\": permission denied": unknown.

"docker ps -a" shows that the status of this container is "Created", not "Up". How can I resolve this "permission denied" issue?

Discussion (4)2

Log in or sign up to continue

Stefano Cairoli · Sep 25, 2018

Hi Joyce,

I just tested the documentation steps on my Mac just to confirm that they would work correctly with the current Docker release, and it seems IO got everything going through correctly.

The "permission denied" error suggests some kind of permission issue, and looking at your "docker run" command I have a strong suspicion that the problem may be coming from the --volume /Users/docker:/external mapping, as anything under "Users" is handled quite strictly by MacOS (and correctly so I would add:-)

Try your test by using a different path for your storage volume.. This is an example of what I ended up running with for my current test run (I used a /Temp/durable/ directory to store my key and password file):
docker run --name iris \
> --detach \
> --publish 52773:52773 \
> --volume /Temp/durable/:/external \
> --env ICM_SENTINEL_DIR=/external \
> acme/iris:stable \
> --key /external/iris.key \
> --before "/usr/irissys/dev/Cloud/ICM/changePassword.sh /external/password.txt"

docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b23d2d4c8b1d acme/iris:stable "/iris-main --key /e…" 9 minutes ago Up 9 minutes 0.0.0.0:52773->52773/tcp iris

Let us know if the /Users/docker path was indeed the cause of your issue.

0 0

score 0 · Answer 1 · 2018-09-24T14:54:40-04:00

Joyce, can you confirm the Docker version and the OS you are running on?

Is the user issuing the docker run command a member of the docker group at operating system level?

Thanks! Erik

score 0 · Answer 2 · 2018-09-24T15:07:56-04:00

Hi Erik, the Docker version is 18.06.1-ce and I'm on macOS 10.13.4. How can I check if I'm a member of the docker group? "id -nG" gives me a list and "everyone" is in the list. I also tried the "docker run" command with "sudo" but didn't work either.

score 0 · Answer 3 · 2018-09-25T10:58:36-04:00

Hi Stefano,

I was trying to run an unreleased 2019.1 docker image. I followed your suggestion but it still doesn't work. Then I tried with a 2018.1.2 docker image and it worked. I will contact support internally.

Thanks!