minikube: Do not set memory limits for Cgroup v2 "memory.swap.max: permission denied"
Steps to reproduce the issue:
- clean install of docker and clean install minikube
- docker group created and user added to it (as instructed here: https://docs.docker.com/engine/install/linux-postinstall/)
3.
minikube start --driver=dockerfails
Full output of failed command:
Full output of minikube start command used, if not already included:
Command: minikube start --driver=docker:
๐ minikube v1.17.0 on Debian rodete
โจ Using the docker driver based on user configuration
๐ Starting control plane node minikube in cluster minikube
๐ minikube 1.17.1 is available! Download it: https://github.com/kubernetes/minikube/releases/tag/v1.17.1
๐ก To disable this notice, run: 'minikube config set WantUpdateNotification false'
๐ฅ Creating docker container (CPUs=2, Memory=16000MB) ...
๐คฆ StartHost failed, but will try again: creating host: create: creating: create kic node: create container: docker run -d -t --privileged --security-opt seccomp=unconfined --tmpfs /tmp --tmpfs /run -v /lib/modules:/lib/modules:ro --hostname minikube --name minikube --label created_by.minikube.sigs.k8s.io=true --label name.minikube.sigs.k8s.io=minikube --label role.minikube.sigs.k8s.io= --label mode.minikube.sigs.k8s.io=minikube --network minikube --ip 192.168.49.2 --volume minikube:/var --security-opt apparmor=unconfined --memory=16000mb --memory-swap=16000mb -e container=docker --expose 8443 --publish=127.0.0.1::8443 --publish=127.0.0.1::22 --publish=127.0.0.1::2376 --publish=127.0.0.1::5000 gcr.io/k8s-minikube/kicbase:v0.0.17@sha256:1cd2e039ec9d418e6380b2fa0280503a72e5b282adea674ee67882f59f4f546e: exit status 126
stdout:
abaa833909b92f1c668485dc022be8caa9c31d1eadd3da326fefea210ee311b0
stderr:
docker: Error response from daemon: OCI runtime create failed: container_linux.go:370: starting container process caused: process_linux.go:459: container init caused: process_linux.go:422: setting cgroup config for procHooks process caused: failed to write "0" to "/sys/fs/cgroup/system.slice/docker-abaa833909b92f1c668485dc022be8caa9c31d1eadd3da326fefea210ee311b0.scope/memory.swap.max": open /sys/fs/cgroup/system.slice/docker-abaa833909b92f1c668485dc022be8caa9c31d1eadd3da326fefea210ee311b0.scope/memory.swap.max: permission denied: unknown.
๐คท docker "minikube" container is missing, will recreate.
๐ฅ Creating docker container (CPUs=2, Memory=16000MB) ...
๐ฟ Failed to start docker container. Running "minikube delete" may fix it: recreate: creating host: create: creating: create kic node: create container: docker run -d -t --privileged --security-opt seccomp=unconfined --tmpfs /tmp --tmpfs /run -v /lib/modules:/lib/modules:ro --hostname minikube --name minikube --label created_by.minikube.sigs.k8s.io=true --label name.minikube.sigs.k8s.io=minikube --label role.minikube.sigs.k8s.io= --label mode.minikube.sigs.k8s.io=minikube --network minikube --ip 192.168.49.2 --volume minikube:/var --security-opt apparmor=unconfined --memory=16000mb --memory-swap=16000mb -e container=docker --expose 8443 --publish=127.0.0.1::8443 --publish=127.0.0.1::22 --publish=127.0.0.1::2376 --publish=127.0.0.1::5000 gcr.io/k8s-minikube/kicbase:v0.0.17@sha256:1cd2e039ec9d418e6380b2fa0280503a72e5b282adea674ee67882f59f4f546e: exit status 126
stdout:
8755e8ad1f08a1700aa2a1cc25defe8bf3ccc56647403c86537a2cecfb5cd562
stderr:
docker: Error response from daemon: OCI runtime create failed: container_linux.go:370: starting container process caused: process_linux.go:459: container init caused: process_linux.go:422: setting cgroup config for procHooks process caused: failed to write "0" to "/sys/fs/cgroup/system.slice/docker-8755e8ad1f08a1700aa2a1cc25defe8bf3ccc56647403c86537a2cecfb5cd562.scope/memory.swap.max": open /sys/fs/cgroup/system.slice/docker-8755e8ad1f08a1700aa2a1cc25defe8bf3ccc56647403c86537a2cecfb5cd562.scope/memory.swap.max: permission denied: unknown.
โ Exiting due to GUEST_PROVISION: Failed to start host: recreate: creating host: create: creating: create kic node: create container: docker run -d -t --privileged --security-opt seccomp=unconfined --tmpfs /tmp --tmpfs /run -v /lib/modules:/lib/modules:ro --hostname minikube --name minikube --label created_by.minikube.sigs.k8s.io=true --label name.minikube.sigs.k8s.io=minikube --label role.minikube.sigs.k8s.io= --label mode.minikube.sigs.k8s.io=minikube --network minikube --ip 192.168.49.2 --volume minikube:/var --security-opt apparmor=unconfined --memory=16000mb --memory-swap=16000mb -e container=docker --expose 8443 --publish=127.0.0.1::8443 --publish=127.0.0.1::22 --publish=127.0.0.1::2376 --publish=127.0.0.1::5000 gcr.io/k8s-minikube/kicbase:v0.0.17@sha256:1cd2e039ec9d418e6380b2fa0280503a72e5b282adea674ee67882f59f4f546e: exit status 126
stdout:
8755e8ad1f08a1700aa2a1cc25defe8bf3ccc56647403c86537a2cecfb5cd562
stderr:
docker: Error response from daemon: OCI runtime create failed: container_linux.go:370: starting container process caused: process_linux.go:459: container init caused: process_linux.go:422: setting cgroup config for procHooks process caused: failed to write "0" to "/sys/fs/cgroup/system.slice/docker-8755e8ad1f08a1700aa2a1cc25defe8bf3ccc56647403c86537a2cecfb5cd562.scope/memory.swap.max": open /sys/fs/cgroup/system.slice/docker-8755e8ad1f08a1700aa2a1cc25defe8bf3ccc56647403c86537a2cecfb5cd562.scope/memory.swap.max: permission denied: unknown.
๐ฟ If the above advice does not help, please let us know:
๐ https://github.com/kubernetes/minikube/issues/new/choose
Optional: Full output of minikube logs command:
๐คท The control plane node "" does not exist.
๐ To start a cluster, run: "minikube start"
About this issue
- Original URL
- State: closed
- Created 3 years ago
- Reactions: 3
- Comments: 19 (3 by maintainers)
I think you need to configure those in the Kernel settings, when running on Debian ?
https://docs.docker.com/engine/install/linux-postinstall/#your-kernel-does-not-support-cgroup-swap-limit-capabilities
Currently we only check for โmemsw.limit_in_bytesโ, but not for โmemory.swap.maxโ
There should be a similar check to the one for cgroups v1, also for the new cgroups v2.