cgroups increase to 65555 preventing docker to start

Dr. Arne Babenhauserheide wrote on 30 Aug 2023 10:31

Recipients:(address . bug-guix@gnu.org)

Message-ID:87msy9sz6j.fsf@web.de

Hi,

when I try to start a docker container, I get the erro

docker: Error response from daemon: failed to create shim task: OCI
runtime create failed: runc create failed: unable to start container
process: unable to apply cgroup configuration: mkdir
/sys/fs/cgroup/docker/dac0a619a2d6f980095c74a6a2b82a31bbfef721d5bc80fe9a9fb94fe48cfa37:
no space left on device: unknown.

Checking the number of cgroups shows that it’s at the limit (if I read
it right, no guarantees for that, cgroups isn’t my strong side), but
this is after only a few days of uptime:

$ find /sys/fs/cgroup/ -type d | wc -l
65534

$ cat /proc/cgroups 
#subsys_name    hierarchy       num_cgroups     enabled
cpuset  0       65536   1
cpu     0       65536   1
cpuacct 0       65536   1
blkio   0       65536   1
memory  0       65536   1
devices 0       65536   1
freezer 0       65536   1
net_cls 0       65536   1
perf_event      0       65536   1
net_prio        0       65536   1
hugetlb 0       65536   1
pids    0       65536   1
misc    0       65536   1

Is Guix using cgroups for building?
Is something broken in Guix or do I have to hunt elsewhere for fixes?

Other people seem to have similar problems, but only after massive
docker usage:
https://github.com/AlexiaChen/rocker/issues/3#issuecomment-1128946114

Best wishes,
Arne
-- 
Unpolitisch sein
heißt politisch sein,
ohne es zu merken.
draketo.de

Sergiu Ivanov wrote on 2 Sep 2023 22:25

Recipients:(address . 65614@debbugs.gnu.org)

Message-ID:87fs3wiaf0.fsf@colimite.fr

Hello,

I have a similar issue, related to cgroups as well: after a recent

update, I cannot start my LXC containers anymore.

This is how I generally start one of my LXC containers, called arch:

# lxc-start -n arch

I add the -F switch to get the following more detailed error log:

lxc-start: arch: cgroups/cgfsng.c: cg_legacy_set_data: 2678 No such file or directory - Failed to setup limits for the "devices" controller. The controller seems to be unused by "cgfsng" cgroup driver or not enabled on the cgroup hierarchy

lxc-start: arch: cgroups/cgfsng.c: cgfsng_setup_limits_legacy: 2745 No such file or directory - Failed to set "devices.deny" to "a"

lxc-start: arch: start.c: lxc_spawn: 1896 Failed to setup legacy device cgroup controller limits

lxc-start: arch: start.c: __lxc_start: 2074 Failed to spawn container "arch"

lxc-start: arch: tools/lxc_start.c: main: 306 The container failed to start

lxc-start: arch: tools/lxc_start.c: main: 311 Additional information can be obtained by setting the --logfile and --logpriority options

I tried tinkering a little with the cgroups-related options in my

container configuration, but that had zero impact on the error message.

Sergiu

Your comment

Commenting via the web interface is currently disabled.

To comment on this conversation send an email to 65614@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it

mumi current 65614

Then, you may apply the latest patchset in this issue (with sign off)

mumi am -- -s

Or, compose a reply to this issue

mumi compose

Or, send patches to this issue

mumi send-email *.patch

is:open	open issues
is:done	closed issues
submitter:<who>	search issue submitter
author:<who>	search by message author
date:yesterday..now	search by issue date
mdate:3m..2d	search by message date