Docker does not run with unified cgroup hierarchy #16238

xnox · 2015-09-11T15:08:47Z

When booting system with systemd 226, with systemd.unified_cgroup_hierarchy option, docker with native & lxc drivers fail.

orivej · 2015-10-05T19:45:37Z

+1
To reproduce (with Linux 3.16 or newer):

mkdir /sys/fs/cgroup/unified
mount -t cgroup -o __DEVEL__sane_behavior cgroup /sys/fs/cgroup/unified
docker run --rm busybox

Docker 1.8.1 prints:

Timestamp: 2015-10-05 19:44:19.240101459 +0000 UTC
Code: System error

Message: no subsystem for mount

Frames:
---
0: setupRootfs
Package: github.com/opencontainers/runc/libcontainer
File: rootfs_linux.go@37
---
1: Init
Package: github.com/opencontainers/runc/libcontainer.(*linuxStandardInit)
File: standard_init_linux.go@52
---
2: StartInitialization
Package: github.com/opencontainers/runc/libcontainer.(*LinuxFactory)
File: factory_linux.go@242
---
3: initializer
Package: github.com/docker/docker/daemon/execdriver/native
File: init.go@35
---
4: Init
Package: github.com/docker/docker/pkg/reexec
File: reexec.go@26
---
5: main
Package: main
File: docker.go@19
---
6: main
Package: runtime
File: proc.go@63
---
7: goexit
Package: Error response from daemon: Cannot start container e218e2e9e406121a1732013d1388648da84b31bc8ad5342bc6e5b73216a2f857: [8] System error: no subsystem for mount

thaJeztah · 2015-10-19T14:36:01Z

also see #16256

thaJeztah · 2015-12-02T23:50:15Z

@xnox we recently merged a PR to change the default to cgroupfs for docker 1.10, see #17704

mrunalp · 2015-12-17T00:29:55Z

@xnox We need to add support for this to runc/libcontainer before docker can support it.

sols1 · 2016-03-17T18:36:57Z

cgroup v2 (unified hierarchy) is now official in 4.5:

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34a9304a96d6351c2d35dcdc9293258378fc0bd8

cgroup v2 should have more sensible behavior:

https://www.youtube.com/watch?v=PzpG40WiEfM

Any plans to support it by docker?

mrunalp · 2016-03-17T18:40:13Z

@sols1 Thanks for the update. I think we will start adding support for it in runc first.

mrunalp · 2016-03-17T18:41:27Z

@sols1 Looks like some stuff is still missing, but we can start looking.

 Unfortunately, cpu v2 interface hasn't made it yet due to the discussion around in-process hierarchical resource distribution and only memory and io controllers can be used on the v2 interface at the moment.

sols1 · 2016-03-17T20:00:43Z

Actually, I am not sure what exactly this mean because cgroup v2 (unified hierarchy) existed in kernel as experimental feature since 3.16 and it should include cpu v2 interface.

4.5 commit makes v2 official but still optional. In fact it is possible to mix and match: memory and io can be on v2 and cpu on v1.

MikailBag · 2019-01-30T07:27:30Z

What is current state of this issue?

thaJeztah · 2019-01-30T07:59:27Z

Latest status can be found in opencontainers/runc#654

fcelda · 2019-10-23T16:02:55Z

Please, is there a single place where this feature is being tracked?

The opencontainers/runc#654 has been just closed but mentions there will be new tickets for the remaining tasks. Is runc the only component that needs work? What else needs to be done?

AkihiroSuda · 2019-10-26T16:16:11Z

containerd needs to support cgroup2: containerd/cgroups#102

xnox · 2019-11-01T00:00:29Z

containerd needs to support cgroup2 moved on to containerd/cgroups#103 right?

AkihiroSuda · 2019-11-01T04:33:24Z

yes

AkihiroSuda · 2019-11-05T09:24:17Z

PR: #40174

Fix #7180 Update systemd to v247 in order to pick the fix for "core: coldplug possible nop_job" systemd/systemd#13124 Install systemd, systemd-sysv from buster-backports. Pass "systemd.unified_cgroup_hierarchy=0" as kernel argument to force systemd to not use unified cgroup hierarchy, otherwise dockerd won't start moby/moby#16238. Also, chown $FILSYSTEM_ROOT for root, otherwise apt systemd installation complains, see similar https://unix.stackexchange.com/questions/593529/can-not-configure-systemd-inside-a-chrooted-environment Signed-off-by: Stepan Blyschak <[email protected]>

…#7228) Fix sonic-net#7180 Update systemd to v247 in order to pick the fix for "core: coldplug possible nop_job" systemd/systemd#13124 Install systemd, systemd-sysv from buster-backports. Pass "systemd.unified_cgroup_hierarchy=0" as kernel argument to force systemd to not use unified cgroup hierarchy, otherwise dockerd won't start moby/moby#16238. Also, chown $FILSYSTEM_ROOT for root, otherwise apt systemd installation complains, see similar https://unix.stackexchange.com/questions/593529/can-not-configure-systemd-inside-a-chrooted-environment Signed-off-by: Stepan Blyschak <[email protected]>

thaJeztah mentioned this issue Oct 19, 2015

System error in /sys/fs/cgroup/cpu,cpuactt #16256

Closed

sols1 mentioned this issue Mar 17, 2016

support cgroup v2 (unified hierarchy) opencontainers/runc#654

Closed

justincormack added area/kernel kind/enhancement Enhancements are not bugs or new features but can improve usability or performance. area/daemon labels Oct 11, 2016

zimbatm mentioned this issue Feb 19, 2017

nixos-container tool is broken if $NIXOS_CONFIG environment variable is set NixOS/nixpkgs#22948

Closed

thaJeztah mentioned this issue Oct 25, 2017

Containers fail to start when using --memory in docker 17.09.0-ce #35123

Closed

AkihiroSuda mentioned this issue Nov 5, 2019

support cgroup2 #40174

Merged

thaJeztah closed this as completed in #40174 Jan 9, 2020

AkihiroSuda added the area/cgroup2 cgroup v2 label Jan 23, 2021

This was referenced Apr 2, 2021

[debian] install systemd version 247 from buster-backports stepanblyschak/sonic-buildimage#30

Closed

[debian] install systemd version 247 from buster-backports sonic-net/sonic-buildimage#7228

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Docker does not run with unified cgroup hierarchy #16238

Docker does not run with unified cgroup hierarchy #16238

xnox commented Sep 11, 2015

orivej commented Oct 5, 2015

thaJeztah commented Oct 19, 2015

thaJeztah commented Dec 2, 2015

mrunalp commented Dec 17, 2015

sols1 commented Mar 17, 2016

mrunalp commented Mar 17, 2016

mrunalp commented Mar 17, 2016

sols1 commented Mar 17, 2016

MikailBag commented Jan 30, 2019

thaJeztah commented Jan 30, 2019

fcelda commented Oct 23, 2019

AkihiroSuda commented Oct 26, 2019

xnox commented Nov 1, 2019

AkihiroSuda commented Nov 1, 2019

AkihiroSuda commented Nov 5, 2019

Docker does not run with unified cgroup hierarchy #16238

Docker does not run with unified cgroup hierarchy #16238

Comments

xnox commented Sep 11, 2015

orivej commented Oct 5, 2015

thaJeztah commented Oct 19, 2015

thaJeztah commented Dec 2, 2015

mrunalp commented Dec 17, 2015

sols1 commented Mar 17, 2016

mrunalp commented Mar 17, 2016

mrunalp commented Mar 17, 2016

sols1 commented Mar 17, 2016

MikailBag commented Jan 30, 2019

thaJeztah commented Jan 30, 2019

fcelda commented Oct 23, 2019

AkihiroSuda commented Oct 26, 2019

xnox commented Nov 1, 2019

AkihiroSuda commented Nov 1, 2019

AkihiroSuda commented Nov 5, 2019