Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug: K3s OCI runtime create failed: runc create failed: unable to start container process: unable to apply cgroup configuration: #591

Closed
tharwan opened this issue May 29, 2024 · 8 comments
Closed

Bug: K3s OCI runtime create failed: runc create failed: unable to start container process: unable to apply cgroup configuration: #591

tharwan opened this issue May 29, 2024 · 8 comments

Comments

@tharwan
Copy link

tharwan commented May 29, 2024

Describe the bug

When using the K3s container on my ARM Mac with Colima I am unable to run deployments in the K3s cluster. The K3s cluster from Colima itself works fine.

To Reproduce

k3s = K3SContainer()
k3s.start()

env = os.environ.copy()
with NamedTemporaryFile(mode="w", delete=False) as tmp_file:
    tmp_file.write(k3s.config_yaml())
    tmp_file.close()
    env["KUBECONFIG"] = tmp_file.name
    subprocess.check_call(
        ["kubectl", "run", "busybox", "--image=busybox"],
        env=env,
    )

this will start the cluster and insert a pod. But the pod will not start and instead see a logs like

Failed to create pod sandbox: rpc error: code = Unknown desc = failed to create containerd task: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: unable to apply cgroup configuration: failed to write 4188: write /sys/fs/cgroup/kubepods/besteffort/pod86fac936-f8f2-4cfa-8a62-77c892d5ef3d/ba75980054e795ee5b552902df784e5be731cee71fa20aacb51d4459d5f49173/cgroup.procs: no such file or directory: unknown

the logs from the K3s container look similarly for services like coreDNS.

Runtime environment

Darwin MABP-JRP4R0W3XJ 23.3.0 Darwin Kernel Version 23.3.0: Wed Dec 20 21:31:00 PST 2023; root:xnu-10002.81.5~7/RELEASE_ARM64_T6020 arm64

Python 3.11.6

docker info:


Server:
 Containers: 26
  Running: 2
  Paused: 0
  Stopped: 24
 Images: 21
 Server Version: 24.0.7
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Using metacopy: false
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runc.v2 runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: d8f198a4ed8892c764191ef7b3b06d8a2eeb5c7f
 runc version: v1.1.10-0-g18a0cb0
 init version: de40ad0
 Security Options:
  apparmor
  seccomp
   Profile: builtin
  cgroupns
 Kernel Version: 6.5.0-35-generic
 Operating System: Ubuntu 23.10
 OSType: linux
 Architecture: aarch64
 CPUs: 4
 Total Memory: 3.816GiB
 Name: colima
 ID: 264a16ae-9445-4626-99ba-d62c497cf7e5
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false
@tharwan
Copy link
Author

tharwan commented May 29, 2024

Quick update. Same results on the linux machine (without Colima) from a colleague.

@tharwan
Copy link
Author

tharwan commented May 29, 2024

Second update, if I remove this line everything works fine.

I could not quite figure out what this line is supposed to do.

@alexanderankin
Copy link
Member

alexanderankin commented May 30, 2024
edited
Loading

if you want, i can add a constructor boolean parameter for that, i have no idea what it is intended to do.

I'd also add a warning if that parameter is passed in as experimental as again, no idea what its for, and also boolean parameters are not great for maintainability, so we'd probably want to figure out what its for and avoid the extra param or generalize a bit.

@tharwan
Copy link
Author

tharwan commented May 30, 2024

Maybe @ash1425 still knows? I assume it has something to do with k3s-io/k3s#7265 but I am not sure. From the k3s docs I don’t get why the volume mount might be needed.

But since we can’t get it to work on two different systems, I thing an option would be good. Otherwise we will just use our own implementation, which is also fine.

@alexanderankin alexanderankin mentioned this issue May 30, 2024
Merged
@alexanderankin
Copy link
Member

might as well accept the contribution might help someone else, might also learn the answer if someone comes back to this issue with it. opened #592

@alexanderankin
Copy link
Member

if it works for you ill release it @tharwan

@alexanderankin
Copy link
Member

alexanderankin commented May 30, 2024 via email

alexanderankin added a commit that referenced this issue May 31, 2024
@alexanderankin
fix(k3s): add configuration parameter for disabling cgroup mount to a…
8917772 
…void "unable to apply cgroup configuration" (#592)

relates to #591
@alexanderankin
Copy link
Member

@tharwan this is out now

@tharwan tharwan closed this as completed Jun 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tharwan @alexanderankin