I got an installation error on PVE LXC Ubuntu 20.04 and it looks like the search tool failed to install.
Total reclaimed space: 537.4MB
2020-06-30T14:37:51+00:00 upgrade-script: Downloading version v0.6.68-c255d72... (this might take long)
Pulling search ... done
Pulling rdb ... done
Pulling cache ... done
Pulling app ... done
Pulling web ... done
2020-06-30T14:41:47+00:00 upgrade-script: Installing: Starting version v0.6.68-c255d72...
Creating network "talkyard_internal_net" with driver "bridge"
Creating talkyard_search_1 ... error
Creating talkyard_rdb_1 ... done
Creating talkyard_cache_1 ...
ERROR: for talkyard_search_1 Cannot start service search: OCI runtime create failed: container_linux.go:349: starting container process caused "process_linux.go:449: container init caused \"process_linux.go:378: setting rlimits for ready process caused \\\"error setting rlimit type 8: operation not permitted\\\"\
Creating talkyard_cache_1 ... error
ERROR: for talkyard_cache_1 Cannot start service cache: OCI runtime create failed: container_linux.go:349: starting container process caused "process_linux.go:449: container init caused \"write sysctl key net.core.somaxconn: open /proc/sys/net/core/somaxconn: no such file or directory\"": unknown
ERROR: for search Cannot start service search: OCI runtime create failed: container_linux.go:349: starting container process caused "process_linux.go:449: container init caused \"process_linux.go:378: settingrlimits for ready process caused \\\"error setting rlimit type 8: operation not permitted\\\"\"": unknown
ERROR: for cache Cannot start service cache: OCI runtime create failed: container_linux.go:349: starting container process caused "process_linux.go:449: container init caused \"write sysctl key net.core.somaxconn: open /proc/sys/net/core/somaxconn: no such file or directory\"": unknown
Encountered errors while bringing up the project.
I would love to have a one-click installation of Docker like Discourse, it's very easy and error free.
KajMagnus @KajMagnus2020-07-03 12:03:19.694ZI never tried running Talkyard with LXC. It'd be nice if that worked — and Podman too.
It seems the errors are, for ElasticSearch and Redis:
error setting rlimit type 8: operation not permitted write sysctl key net.core.somaxconn: open /proc/sys/net/core/somaxconn: no such file or directoryand indeed they need higher OS resource limits. For example, ElasticSearch wants at least 65 536 open files descriptors. And Redis wants a higher
SOMAXCONN( = max waiting connection requests for a listening socket).But I'm surprised it seems they try to auto-configure these things themselves?
I wonder if it's possible to 1) configure the OS? or the LXC / Podman containers? so the resource limits are high enough. Or 2) reconfigure ES and Redis so they're ok with lower limits. But I think at least with ES that's not completely possible.
- In reply toCee⬆:KajMagnus @KajMagnus2020-07-03 15:32:19.985Z
I would love to have a one-click installation of Docker like Discourse
Where would you want to one-click install Talkyard? I'm thinking / wondering-if a one click installer needs to be created with a specific hosting provider in mind, e.g. an installer for DigitalOcean, and another for ... others.
(Sorry for the a bit late reply)
- MIn reply toCee⬆:Marek Wojtaszek @MarekWojt
I have the same on my LXC (PVE). No solution still?
KajMagnus @KajMagnus2024-04-17 14:08:03.097ZMaybe there is now. You're trying to run the Talkyard Docker containers in a single PVE LXC container? Maybe the following can be helpful — someone is getting the same "error setting rlimit type 8" error when running ElasticSearch in a Docker container in an LXD container: (it's from 2021, newer than the Orig Post above from 2020)
ERROR: for elasticsearch Cannot start service elasticsearch: OCI runtime create failed: container_linux.go:370: starting container process caused: process_linux.go:459: container init caused: process_linux.go:382: setting rlimits for ready process caused: error setting rlimit type 8: operation not permitted: unknown
[...]
The problem usually is that you’re exceeding the limit set in the initial user namespace
[...]
I set limits.kernel.memlock to unlimited and it worked!lxc config set MyContainer limits.kernel.memlock unlimited
Apparently, in LXC containers: "some syscalls (user space requests to the Linux kernel) are not allowed within containers", https://pve.proxmox.com/wiki/Linux_Container — I suppose that's what was happening (?).
They (Proxmox) recommends using Proxmox QEMU VMs instead:
If you want to run application containers, for example, Docker images, it is recommended that you run them inside a Proxmox QEMU VM. This will give you all the advantages of application containerization, while also providing the benefits that VMs offer, such as strong isolation from the host and the ability to live-migrate
https://pve.proxmox.com/wiki/Linux_Container
And in a Reddit thread:
There are some permission issues you may run into with containers beting privileged or not. An improper setup could allow software in the container to write to the host's filesystem, etc
https://www.reddit.com/r/Proxmox/comments/15dzpp4/docker_containers_in_an_lxc/
What operating system do you use b.t.w.? (I suppose it doesn't matter, just curious)
- MMarek Wojtaszek @MarekWojt
I tried again with the regular QEMU VM instead of an LXC, as you advised and this time it went flawlessly -- no errors!
Thank you so much!- KajMagnus @KajMagnus2024-04-18 05:11:54.094Z
Ok :- ) I guess I'll mark your comment as the solution then (it's shorter, quicker to read, than my long comment above)