Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crun on CentOS 8: Error: cannot set limits without cgroups: OCI runtime error #160

Closed
space88man opened this issue Nov 6, 2019 · 5 comments · Fixed by #161
Closed

crun on CentOS 8: Error: cannot set limits without cgroups: OCI runtime error #160

space88man opened this issue Nov 6, 2019 · 5 comments · Fixed by #161

Comments

@space88man
Copy link

space88man commented Nov 6, 2019
edited
Loading

Error: cannot set limits without cgroups: OCI runtime error

So I tried using crun on CentOS 8 on a frankensystem with RPMs from Fedora 30 to get newer podman/conmon and crun

  1. Host is CentOS 8; cgroups V1
  2. podman is stock 1.0.5 and tried master branch
  3. conmon is 2.0.2-1 (rebuilt from src.rpm)
  4. crun is the Fedora 30 binary

Version: 1.6.3-dev
RemoteAPI Version: 1
Go Version: go1.13.4
Git Commit: 8e5aad97dda150f8e871c1b394824496f4b849ea
Built: Mon Nov 4 23:51:26 2019
OS/Arch: linux/amd64

I am getting

podman  run --rm -it --name tmp_101 centos:8                                                                      
container create failed: cannot set limits without cgroups

The cgroup_manager is "systemd".

# rpm -q conmon podman crun
conmon-2.0.2-1.el8.x86_64
podman from master branch containers/libpod
crun-0.10.2-1.fc30.x86_64
@mheon
Copy link
Member

mheon commented Nov 6, 2019

Are you running as root, or rootless?

@space88man
Copy link
Author

space88man commented Nov 6, 2019
edited
Loading

As root and for reference runc is working.

@space88man
Copy link
Author 

DEBU[0001] running conmon: /usr/libexec/crio/conmon      args="[--api-version 1 -s -c 65484d2fe3d8e92d6525a18b20563d5ad3591c49c0afaa226dfe3be411e09525 -u 65484d2fe3d8e92d6525a18b20563d5ad3591c49c0afaa226dfe3be411e09525 -r /usr/bin/crun -b /var/lib/containers/storage/zfs-containers/65484d2fe3d8e92d6525a18b20563d5ad3591c49c0afaa226dfe3be411e09525/userdata -p /var/run/containers/storage/zfs-containers/65484d2fe3d8e92d6525a18b20563d5ad3591c49c0afaa226dfe3be411e09525/userdata/pidfile -l k8s-file:/var/lib/containers/storage/zfs-containers/65484d2fe3d8e92d6525a18b20563d5ad3591c49c0afaa226dfe3be411e09525/userdata/ctr.log --exit-dir /var/run/libpod/exits --socket-dir-path /var/run/libpod/socket --log-level debug --syslog -t --conmon-pidfile /var/run/containers/storage/zfs-containers/65484d2fe3d8e92d6525a18b20563d5ad3591c49c0afaa226dfe3be411e09525/userdata/conmon.pid --exit-command /opt/podman/podman --exit-command-arg --root --exit-command-arg /var/lib/containers/storage --exit-command-arg --runroot --exit-command-arg /var/run/containers/storage --exit-command-arg --log-level --exit-command-arg debug --exit-command-arg --cgroup-manager --exit-command-arg systemd --exit-command-arg --tmpdir --exit-command-arg /var/run/libpod --exit-command-arg --runtime --exit-command-arg /usr/bin/crun --exit-command-arg --storage-driver --exit-command-arg zfs --exit-command-arg --events-backend --exit-command-arg journald --exit-command-arg container --exit-command-arg cleanup --exit-command-arg --rm --exit-command-arg 65484d2fe3d8e92d6525a18b20563d5ad3591c49c0afaa226dfe3be411e09525]"
INFO[0001] Running conmon under slice machine.slice and unitName libpod-conmon-65484d2fe3d8e92d6525a18b20563d5ad3591c49c0afaa226dfe3be411e09525.scope 
DEBU[0001] Received: -1

giuseppe added a commit to giuseppe/crun that referenced this issue Nov 6, 2019
@giuseppe
cgroup: fix parsing for memory controller
df96fbd 
Closes: containers#160

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
@giuseppe giuseppe mentioned this issue Nov 6, 2019
Merged
@giuseppe
Copy link
Member

giuseppe commented Nov 6, 2019

thanks for the report, crun was not really ever tested on CentOS 8.

Fortunately the fixes are trivial, and I've opened a PR for it: #161

To facilitate testing it, I've attached a compiled binary for Centos 8: crun.gz

@space88man
Copy link
Author

space88man commented Nov 6, 2019
edited
Loading

Confirmed that it works on CentOS 8.0 now for root containers.

For rootless containers the too-old slirp4netns won't work. So if this is going into RHEL 8.2(?)/CentOS 8 Stream you might need to update slirp4netns.

rpm -q slirp4netns
slirp4netns-0.1-2.dev.gitc4e1bc5.module_el8.0.0+58+91b614e7.x86_64

Error: error checking slirp4netns binary /bin/slirp4netns: "slirp4netns \"/bin/slirp4netns:
invalid option -- '-'\\nUsage: /bin/slirp4netns [-c] [-e FD] [-r FD] PID TAPNAME\\n\": exit status 1": slirp4netns "/bin/slirp4netns: invalid option -- 
'-'\nUsage: /bin/slirp4netns [-c] [-e FD] [-r FD] PID TAPNAME\n": exit status 1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

cgroup: fix running on CentOS 8 giuseppe/crun
3 participants
@giuseppe @mheon @space88man