Package: docker.io
Version: 18.09.1+dfsg1-7.1+deb10u2
We observe the occasional container kills in buster (containers from one
image type only). No OOMs or other errors present; ausearch (configured
to log kills with kill_signals key) says when problem occurs:
node=mynode type=PROCTITLE msg=audit(01/05/21 07:40:04.371:973017) :
proctitle=runc --root /var/run/docker/runtime-runc/moby --log-format
json delete --force 51a8f7df39d42c228a4d34dbc798efc8a2f35f98f9d37f22f
node=mynode type=OBJ_PID msg=audit(01/05/21 07:40:04.371:973017) :
opid=27268 oauid=unset ouid=cybo-front oses=-1 obj==docker-default
(enforce) ocomm=finish
node=mynmode type=SYSCALL msg=audit(01/05/21 07:40:04.371:973017) :
arch=x86_64 syscall=kill success=yes exit=0 a0=0x6a84 a1=SIGKILL a2=0x0
a3=0x0 items=0 ppid=1648 pid=6986 auid=unset uid=root gid=root euid=root
suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset
comm=runc exe=/usr/sbin/runc subj==unconfined key=kill_signals
51a8f7df39d42c228a4d34dbc798efc8a2f35f98f9d37f22f is killed container id.
Syslog says:
2021-01-05 07:40:04 dockerd[1430]:
time="2021-01-05T07:40:04.360641039+01:00" level=warning msg="cleaning
up after killed shim"
id=51a8f7df39d42c228a4d34dbc798efc8a2f35f98f9d37f22f9eba692d20efd97
namespace=moby
2021-01-05 07:40:04 dockerd[1430]:
time="2021-01-05T07:40:04.360467155+01:00" level=info msg="shim reaped"
id=51a8f7df39d42c228a4d34dbc798efc8a2f35f98f9d37f22f9eba692d20efd97
Looks like a bug described on
https://github.com/moby/moby/issues/38768
Please verify and consider fixing.
--
Regards,
Paweł Bogusławski
IB Development Team
E: d...@ib.pl
