Azure Container Instances
An Azure service that provides customers with a serverless container experience.
757 questions
Azure ACI linux capabilities
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 16%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECB%3C/text%3E%3C/svg%3E)
Carl Bourne
0
Reputation points
Hi, I'm having issues running some Linux containers that need some specific capabilities.
I see in the docs there's the --add-capabilities parameter which I've set to use IPC_LOCK
az container create \
--privileged \
--location $ACI_PERS_LOCATION \
--environment-variables ACCEPT_TERMS=Y \
--resource-group $ACI_PERS_RESOURCE_GROUP \
--name firefly \
--image registry.venafi.cloud/public/venafi-images/firefly:latest \
--dns-name-label aci-demo$RANDOM \
--ports 8281 \
--azure-file-volume-account-name $ACI_PERS_STORAGE_ACCOUNT_NAME \
--azure-file-volume-account-key $STORAGE_KEY \
--azure-file-volume-share-name $ACI_PERS_SHARE_NAME \
--azure-file-volume-mount-path /etc/firefly/ \
--cpu 2 \
--memory 8 \
--add-capabilities IPC_LOCK \
--command-line "run -c /etc/firefly/config.yaml"
However upon startup my container is killed with the following output.
standard_init_linux.go:228: exec user process caused: operation not permitted
Please can you confirm exactly what linux capabilities ACI supports as this not seem to be documented anywhere.
Azure Container Instances
{count} votes
-
Prrudram-MSFT 28,286 Reputation points Microsoft Employee Moderator2024-05-03T06:59:21.51+00:00 I am reviewing this internally, in the mean can you follow the suggestions from this post
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 68%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAM%3C/text%3E%3C/svg%3E)
Andrew McGregor 0 Reputation points2024-10-11T00:26:45.3033333+00:00 Running:
az container create -g rg-compute --name vault --image hashicorp/vault:latest --cpu 1 --memory 1
Logs from container:
Couldn't start vault with IPC_LOCK. Disabling IPC_LOCK, please use --cap-add IPC_LOCK ==> Vault server configuration:What capabilities does ACI support?
Sign in to comment
Sign in to answer