podman: RUN fails in rootless podman build when cgroups is v1
Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)
/kind bug
Description
When cgroups is v1 podman build fails on RUN step with the following:
ERRO[0000] systemd cgroup flag passed, but systemd support for managing cgroups is not available
systemd cgroup flag passed, but systemd support for managing cgroups is not available
error running container: error creating container for [/bin/sh -c touch /file]: : exit status 1
Error: error building at STEP "RUN touch /file": error while running runtime: exit status 1
Cannot reproduce with buildah bud, so filing it here.
Steps to reproduce the issue:
On a system running an up-to-date Fedora 32:
- Check that
podman buildis working okay:
$ podman build --no-cache -f -
FROM fedora:latest
RUN touch /file
STEP 1: FROM fedora:latest
STEP 2: RUN touch /file
STEP 3: COMMIT
--> 85f1922ea05
85f1922ea05bfe11e035caefa54d31f22a8c10559e7f4ca3fe9215ea2b31e163
- Configure system to use cgroups v1 and reboot.
sudo grubby --update-kernel=ALL --args="systemd.unified_cgroup_hierarchy=0"
- Run
podman buildagain:
$ podman build --no-cache -f -
FROM fedora:latest
RUN touch /file
STEP 1: FROM fedora:latest
STEP 2: RUN touch /file
ERRO[0000] systemd cgroup flag passed, but systemd support for managing cgroups is not available
systemd cgroup flag passed, but systemd support for managing cgroups is not available
error running container: error creating container for [/bin/sh -c touch /file]: : exit status 1
Error: error building at STEP "RUN touch /file": error while running runtime: exit status 1
buildah budworks:
$ buildah bud --no-cache -f -
FROM fedora:latest
RUN touch /file
STEP 1: FROM fedora:latest
STEP 2: RUN touch /file
STEP 3: COMMIT
--> 03c30b816e2
03c30b816e266f69814b26c377a85c4419a4c26086b799f29c13bf79e6f4f527
Describe the results you received:
Build fails on RUN step.
Describe the results you expected:
Build should succeed.
Additional information you deem important (e.g. issue happens only occasionally):
Tested this on a fresh Fedora 32 installation.
The above is working with podman 1.8.2, but fails after upgrading to podman 2.0.2
Output of podman version:
Version: 2.0.2
API Version: 1
Go Version: go1.14.3
Built: Thu Jan 1 01:00:00 1970
OS/Arch: linux/amd64
Output of podman info --debug:
When cgroups is v1
host:
arch: amd64
buildahVersion: 1.15.0
cgroupVersion: v1
conmon:
package: conmon-2.0.18-1.fc32.x86_64
path: /usr/bin/conmon
version: 'conmon version 2.0.18, commit: 6e8799f576f11f902cd8a8d8b45b2b2caf636a85'
cpus: 8
distribution:
distribution: fedora
version: "32"
eventLogger: file
hostname: localhost-live
idMappings:
gidmap:
- container_id: 0
host_id: 1000
size: 1
- container_id: 1
host_id: 100000
size: 65536
uidmap:
- container_id: 0
host_id: 1000
size: 1
- container_id: 1
host_id: 100000
size: 65536
kernel: 5.7.8-200.fc32.x86_64
linkmode: dynamic
memFree: 2097209344
memTotal: 4090630144
ociRuntime:
name: runc
package: runc-1.0.0-144.dev.gite6555cc.fc32.x86_64
path: /usr/bin/runc
version: |-
runc version 1.0.0-rc10+dev
commit: fbdbaf85ecbc0e077f336c03062710435607dbf1
spec: 1.0.1-dev
os: linux
remoteSocket:
path: /run/user/1000/podman/podman.sock
rootless: true
slirp4netns:
executable: /usr/bin/slirp4netns
package: slirp4netns-1.1.1-1.fc32.x86_64
version: |-
slirp4netns version 1.1.1
commit: bbf27c5acd4356edb97fa639b4e15e0cd56a39d5
libslirp: 4.2.0
SLIRP_CONFIG_VERSION_MAX: 2
swapFree: 2147479552
swapTotal: 2147479552
uptime: 39.76s
registries:
search:
- registry.fedoraproject.org
- registry.access.redhat.com
- registry.centos.org
- docker.io
store:
configFile: /home/csomh/.config/containers/storage.conf
containerStore:
number: 0
paused: 0
running: 0
stopped: 0
graphDriverName: overlay
graphOptions:
overlay.mount_program:
Executable: /usr/bin/fuse-overlayfs
Package: fuse-overlayfs-1.1.2-1.fc32.x86_64
Version: |-
fusermount3 version: 3.9.1
fuse-overlayfs: version 1.1.0
FUSE library version 3.9.1
using FUSE kernel interface version 7.31
graphRoot: /home/csomh/.local/share/containers/storage
graphStatus:
Backing Filesystem: extfs
Native Overlay Diff: "false"
Supports d_type: "true"
Using metacopy: "false"
imageStore:
number: 2
runRoot: /run/user/1000/containers
volumePath: /home/csomh/.local/share/containers/storage/volumes
version:
APIVersion: 1
Built: 0
BuiltTime: Thu Jan 1 01:00:00 1970
GitCommit: ""
GoVersion: go1.14.3
OsArch: linux/amd64
Version: 2.0.2
When cgroups is v2:
host:
arch: amd64
buildahVersion: 1.15.0
cgroupVersion: v2
conmon:
package: conmon-2.0.18-1.fc32.x86_64
path: /usr/bin/conmon
version: 'conmon version 2.0.18, commit: 6e8799f576f11f902cd8a8d8b45b2b2caf636a85'
cpus: 8
distribution:
distribution: fedora
version: "32"
eventLogger: file
hostname: localhost-live
idMappings:
gidmap:
- container_id: 0
host_id: 1000
size: 1
- container_id: 1
host_id: 100000
size: 65536
uidmap:
- container_id: 0
host_id: 1000
size: 1
- container_id: 1
host_id: 100000
size: 65536
kernel: 5.7.8-200.fc32.x86_64
linkmode: dynamic
memFree: 1938636800
memTotal: 4090626048
ociRuntime:
name: crun
package: crun-0.14.1-1.fc32.x86_64
path: /usr/bin/crun
version: |-
crun version 0.14.1
commit: 598ea5e192ca12d4f6378217d3ab1415efeddefa
spec: 1.0.0
+SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +YAJL
os: linux
remoteSocket:
path: /run/user/1000/podman/podman.sock
rootless: true
slirp4netns:
executable: /usr/bin/slirp4netns
package: slirp4netns-1.1.1-1.fc32.x86_64
version: |-
slirp4netns version 1.1.1
commit: bbf27c5acd4356edb97fa639b4e15e0cd56a39d5
libslirp: 4.2.0
SLIRP_CONFIG_VERSION_MAX: 2
swapFree: 2147479552
swapTotal: 2147479552
uptime: 1m 50.78s
registries:
search:
- registry.fedoraproject.org
- registry.access.redhat.com
- registry.centos.org
- docker.io
store:
configFile: /home/csomh/.config/containers/storage.conf
containerStore:
number: 0
paused: 0
running: 0
stopped: 0
graphDriverName: overlay
graphOptions:
overlay.mount_program:
Executable: /usr/bin/fuse-overlayfs
Package: fuse-overlayfs-1.1.2-1.fc32.x86_64
Version: |-
fusermount3 version: 3.9.1
fuse-overlayfs: version 1.1.0
FUSE library version 3.9.1
using FUSE kernel interface version 7.31
graphRoot: /home/csomh/.local/share/containers/storage
graphStatus:
Backing Filesystem: extfs
Native Overlay Diff: "false"
Supports d_type: "true"
Using metacopy: "false"
imageStore:
number: 0
runRoot: /run/user/1000/containers
volumePath: /home/csomh/.local/share/containers/storage/volumes
version:
APIVersion: 1
Built: 0
BuiltTime: Thu Jan 1 01:00:00 1970
GitCommit: ""
GoVersion: go1.14.3
OsArch: linux/amd64
Version: 2.0.2
Package info (e.g. output of rpm -q podman or apt list podman):
$ rpm -q podman
podman-2.0.2-1.fc32.x86_64
$ rpm -q buildah
buildah-1.15.0-1.fc32.x86_64
Additional environment details (AWS, VirtualBox, physical, etc.):
Was able to reproduce both on physical machine as in VM.
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Comments: 21 (16 by maintainers)
Commits related to this issue
- Ensure that rootless cgroupsv1 will select cgroupfs The current logic is that, if Podman was built with the systemd build flag, we will always select systemd cgroups by default. Then, if we detect no... — committed to mheon/common by mheon 4 years ago
- Ensure that rootless cgroupsv1 will select cgroupfs The current logic is that, if Podman was built with the systemd build flag, we will always select systemd cgroups by default. Then, if we detect no... — committed to mheon/common by mheon 4 years ago
- Ensure that rootless cgroupsv1 will select cgroupfs The current logic is that, if Podman was built with the systemd build flag, we will always select systemd cgroups by default. Then, if we detect no... — committed to rhatdan/common by mheon 4 years ago
- Ensure that rootless cgroupsv1 will select cgroupfs The current logic is that, if Podman was built with the systemd build flag, we will always select systemd cgroups by default. Then, if we detect no... — committed to vrothberg/common by mheon 4 years ago
@csomh PTAL https://github.com/containers/podman/pull/7009
Setting
cgroup_manager="cgroupfs"inlibpod.confsolves the issue.