Incus unable to start/run (docker) container natively: 'Error: stat /proc/-1: no such file or directory'

Hello,

this is more or less a continuation of Incus unable to start/run (docker) container natively: ‘s6-overlay-suexec’ error. After the new build was available I migrated a few of my docker containers and hit another issue “Error: stat /proc/-1: no such file or directory” with some of them. Reviewing these docker containers in more detail all of them where using the S6-Overlay like PiHole does but won’t start even with the latest fix.

To keep things simple I followed their Quickstart guide and it returns the same error which confirms it has something to do with the S6-Overlay init start. As I didn’t found any useful information in the log files (properly need to learn a bit more) by comparing both rootfs I observed the following. In PiHole there is a /s6-init where as my test had a /init as a starting point. Reviewing PiHole Dockerfile showed they just move the /init to /s6-init and renamed the starting point accordingly.

After updating my Dockerfile to the following:

# Use your favorite image
FROM ubuntu
ARG S6_OVERLAY_VERSION=3.2.0.0

RUN apt-get update && apt-get install -y nginx xz-utils
RUN echo "daemon off;" >> /etc/nginx/nginx.conf
CMD ["/usr/sbin/nginx"]

ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-noarch.tar.xz /tmp
RUN tar -C / -Jxpf /tmp/s6-overlay-noarch.tar.xz
ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-x86_64.tar.xz /tmp
RUN tar -C / -Jxpf /tmp/s6-overlay-x86_64.tar.xz
RUN mv /init /s6-init
ENTRYPOINT ["/s6-init"]

Redeploy on incus the demo instance just stated like PiHole. SUCCESS!!!

Although this is a doable workaround I would rather prefer if Incus could handle this automatically to improve usability.

Do you have an example of an image in the Docker Hub that runs into this issue? Would make it easier to track down.

I run into the issue migrating the Frigate docker image to Incus but it requires quite some configuration to make it work. As I was just looking at this topic Docker OCI Parameter Passing Incus 6.3 it actually has the same problem.

What I actually have forgotten to add is the discussion around this issue PiHole - 2022.08 S6 overlay bug #1176 which properly gives you much more input about the why and how. In a gist even other virtualisation are failing in a similar way like incus does.

To test this out I actually setup a local docker repository in an Incus instance. It actually helped me a lot to solve configuration issues with OCI images.

Hi osch,

i ran into the some situation.

Can you give me more concret information how to get this frigate dockerimage to run?

I installed it via the frigate “docker hub” in an incus container with protocol OCI.

What are the next steps… or where to find that dockerfile?

Looking forward to your feedback.

Best regards

Jan

Good to know about Frigate as it’s one of the containers I need to move from Docker inside of Incus to Incus myself, so I’ll sort it out soon

I would really appreciate that, Stephane

5 hours ago I tried to install frigate inside lxd/lxc and finally became aware of incus.

I quickly switched from lxd to incus (also because of the possibility to run dockerimages directly).

Now I’ve been stuck on this topic for a while

I really like incus, by the way!

As mentioned Frigate and some other containers are not that straight forward.

What you need is to create your own docker registry, I followed one of the many examples on the web Configured SSL and proxied the port. In a second container I installed docker and all the dependencies like outlined on their homepage. On the docker instance you create a Dockerfile:

# Use your favorite image
FROM ghcr.io/blakeblackshear/frigate:stable

# install dhcp or other IP packages if you have more than one interface
RUN apt-get -qq install isc-dhcp-client
 # add a oneshot S6 service to initialize eth1 => check the docs


# enable this for testing use real mounts later
#RUN mkdir /config && mkdir -p /media/frigate
#COPY  config.yml /config => minimum example taken from frigate home page

RUN mv /init /s6-init

ENTRYPOINT ["/s6-init"]

Now it is time to build your local image and push it into your repository:

docker build -t frigate .
docker tag frigate <your registry>:8443/frigate
docker push <your registry>:8443/frigate

Frigate or any other S6 docker OCI is ready to launch. Let’s register our private registry:

incus remote add mydocker https://<your registry>:8443 --protocol=oci

Launch your container like usual:

incus launch mydocker:frigate frigate

Seconds later you have a running Frigate instance.

As mentioned, this is a workaround. On the other hand you can actually wrap a lot of other stuff into your own custom docker image. For example network related things or GPU driver, you name it.

One question I have is how to configure the shm size? I was able to get this working by editing the config.json file to increase it from 64MB default to 256MB. Without increasing you get a nice core dump if you have more than one camera…

Lastly Nvidia GPU statistics are not working but running nvidia-smi on the host confirms the usage.

Looking forward to hear other experiences about Frigate on Incus

In got Frigate to behave in today’s live stream which led to those changes: OCI related fixes by stgraber · Pull Request #1052 · lxc/incus · GitHub

For Frigate, it was really just the one line change to add /init to the paths we treat as being able to handle PID1 duties.

Sounds good and looking forward to use it in the next stable release.

Any pointer how I can increase shm_size during init/launch is it -c or -d option?

Now its running on my server too.

It’s amazing to be able to run docker images with incus! Nice job

I’m also interessted how to inc shm size.