amnezia-vpn / amnezia-client

Amnezia VPN Client (Desktop+Mobile)
https://amnezia.org
GNU General Public License v3.0
2k stars 200 forks

Installation from client fails, docker containers do not build/run on OpenVZ VPS #836

Closed pbtsrc closed 3 weeks ago

pbtsrc commented 1 month ago

Installation from client fails with Error code: 202. Server error: Docker container missing

docker build --no-cache --pull -t amnezia-awg /opt/amnezia/amnezia-awg

fails. Probably the same as in #817.

docker build --network=host --no-cache --pull -t amnezia-awg /opt/amnezia/amnezia-awg

builds ok, but

docker run -d --log-driver none --restart always --privileged --cap-add=NET_ADMIN --cap-add=SYS_MODULE -p 12345:12345/udp -v /lib/modules:/lib/modules --sysctl="net.ipv4.conf.all.src_valid_mark=1" --name amnezia-awg amnezia-awg

fails with

docker: Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error setting cgroup config for procHooks process: resulting devices cgroup doesn't match target mode: unknown.

sevbear commented 1 month ago

I encountered the same problem.

chibuk commented 1 month ago

I encountered the same problem. Ubuntu Server 22.04.4 LTS

RA1ALG commented 1 month ago

How to solve the problem?

pokamest commented 3 weeks ago

OpenVZ is not supported by Amnezia. The issue is in the --privileged --cap-add=NET_ADMIN args, which are not supported by Docker on OpenVZ virtualization; it requires full virtualization to enable these capabilities.

OpenVZ is not considered full virtualization because it uses container-based virtualization. This means it shares the host system's kernel with isolated containers, unlike full virtualization, which emulates an entire hardware system allowing multiple operating systems to run independently.

KVM (Kernel-based Virtual Machine) is a type of full virtualization, as it allows multiple operating systems to run unmodified on standard x86 hardware by using hardware virtualization extensions. Unlike OpenVZ, KVM provides each virtual machine with its own isolated kernel, making it suitable for running diverse operating systems and environments with greater flexibility and isolation.
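
Added example, not part of the thread or of Amnezia's code: a preflight check, following the OpenVZ/KVM distinction in the reply above, that tells an OpenVZ container from a KVM guest before the privileged docker run is attempted. The /proc and DMI file checks are common detection heuristics, and the function names and the ROOT argument are assumptions made for this example.

```shell
#!/bin/sh
# Added example: classify a VPS as OpenVZ (shared host kernel) or KVM (own
# kernel) before attempting the privileged docker run from this thread.
# All paths are checked under ROOT (default /) so the logic can be exercised
# against a constructed directory tree. The file checks are heuristics.

# Prints: openvz | openvz-host | kvm | unknown
detect_virt() {
    root="${1:-/}"; root="${root%/}"
    # OpenVZ/Virtuozzo kernels expose /proc/vz (older ones also
    # /proc/user_beancounters); /proc/bc exists only on the hardware node.
    if [ -d "$root/proc/vz" ] || [ -e "$root/proc/user_beancounters" ]; then
        if [ -d "$root/proc/bc" ]; then echo openvz-host; else echo openvz; fi
        return 0
    fi
    # QEMU/KVM guests normally identify themselves in the DMI strings.
    for f in sys_vendor product_name; do
        if grep -qiE 'qemu|kvm' "$root/sys/class/dmi/id/$f" 2>/dev/null; then
            echo kvm; return 0
        fi
    done
    echo unknown
}

# Returns 1 (and says why) when the server is an OpenVZ container.
preflight() {
    virt=$(detect_virt "${1:-/}")
    case "$virt" in
        openvz)
            echo "OpenVZ container: shares the host kernel, so docker run" \
                 "--privileged --cap-add=NET_ADMIN is expected to fail." >&2
            return 1 ;;
        kvm)
            echo "KVM guest: full virtualization with its own kernel." ;;
        *)
            echo "Detected '$virt': not inside an OpenVZ container." ;;
    esac
    return 0
}

# Run on the server itself with: sh preflight.sh --check
case "${1:-}" in --check) preflight / ;; esac
```

A "kvm" or "unknown" result only rules out the OpenVZ cause named in the reply; it does not guarantee that the container will start.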

RA1ALG commented 2 weeks ago

I'm using vm.nuxt.cloud, on KVM. A week earlier everything was working fine. The payment ended and I re-registered. After that, the installation fails with the specified error.