I tried the podman run command and got a pids.max not found error:
podman run --mount type=bind,source=$(pwd)/master,target=/home/SDM -it container.lzlabs.com/images/x86_64/ol/9-pg14/build-pre:master bash
Error: runc: runc create failed: unable to start container process: error during container init: error setting cgroup config for procHooks process: openat2
/sys/fs/cgroup/user.slice/user-1001.slice/user@1001.service/user.slice/libpod-35bf499a220ec6428ba4dbbe5f542774ba56344d854d89e6e8028e95853b1198.scope/pids.max: no such file or directory: OCI runtime attempted to invoke a command that was not found
I am running Oracle Linux Server release 8.8, with Linux kernel version 5.15.0-205.
systemctl shows the podman service running:
CGroup: /
        ├─user.slice
        │ └─user-1001.slice
        │   ├─user@1001.service
        │   │ ├─user.slice
        │   │ │ └─podman-pause-2b20a995.scope
        │   │ │   └─2635 podman
        │   │ ├─init.scope
        │   │ │ ├─1244 /usr/lib/systemd/systemd --user
        │   │ │ └─1245 (sd-pam)
        │   │ └─dbus.service
        │   │   └─2653 /usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
The user.slice directory does exist:
> ls /sys/fs/cgroup/user.slice/user-1001.slice/user@1001.service/user.slice
cgroup.controllers
cgroup.events
cgroup.freeze
cgroup.kill
cgroup.max.depth
cgroup.max.descendants
cgroup.procs
cgroup.stat
cgroup.subtree_control
cgroup.threads
cgroup.type
cpu.pressure
cpu.stat
io.pressure
memory.pressure
podman-pause-2b20a995.scope
But there is no libpod-35bf499a220ec6428ba4dbbe5f542774ba56344d854d89e6e8028e95853b1198.scope directory.
> podman info
host:
  arch: amd64
  buildahVersion: 1.29.0
  cgroupControllers: []
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: conmon-2.1.6-1.module+el8.8.0+21045+adcb6a64.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.6, commit: 31a72124adb6095b6be85b27e3e481313a1cea96'
  cpuUtilization:
    idlePercent: 99.17
    systemPercent: 0.17
    userPercent: 0.66
  cpus: 8
  distribution:
    distribution: '"ol"'
    variant: server
    version: "8.8"
  eventLogger: file
  hostname: lznuc1
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1001
      size: 1
    - container_id: 1
      host_id: 165536
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1001
      size: 1
    - container_id: 1
      host_id: 165536
      size: 65536
  kernel: 5.15.0-205.149.5.1.el8uek.x86_64
  linkmode: dynamic
  logDriver: k8s-file
  memFree: 31275708416
  memTotal: 33531850752
  networkBackend: cni
  ociRuntime:
    name: runc
    package: runc-1.1.4-1.0.1.module+el8.8.0+21119+51f68ed8.x86_64
    path: /usr/bin/runc
    version: |-
      runc version 1.1.4
      spec: 1.0.2-dev
      go: go1.19.10
      libseccomp: 2.5.2
  os: linux
  remoteSocket:
    path: /run/user/1001/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_SYS_CHROOT,CAP_NET_RAW,CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: false
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.2.0-2.module+el8.8.0+21045+adcb6a64.x86_64
    version: |-
      slirp4netns version 1.2.0
      commit: 656041d45cfca7a4176f6b7eed9e4fe6c11e8383
      libslirp: 4.4.0
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.5.2
  swapFree: 2147479552
  swapTotal: 2147479552
  uptime: 0h 28m 45.00s
plugins:
  authorization: null
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  - ipvlan
  volume:
  - local
registries:
  search:
  - container-testing.lzlabs.com
  - container.lzlabs.com
  - registry.access.redhat.com
  - registry.redhat.io
  - docker.io
store:
  configFile: /home/pjoot/.config/containers/storage.conf
  containerStore:
    number: 8
    paused: 0
    running: 0
    stopped: 8
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /home/pjoot/.local/share/containers/storage
  graphRootAllocated: 996516020224
  graphRootUsed: 355193028608
  graphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "true"
    Supports d_type: "true"
    Using metacopy: "false"
  imageCopyTmpDir: /run/user/1001
  imageStore:
    number: 1
  runRoot: /run/user/1001/containers
  transientStore: false
  volumePath: /home/pjoot/.local/share/containers/storage/volumes
version:
  APIVersion: 4.4.1
  Built: 1689930982
  BuiltTime: Fri Jul 21 05:16:22 2023
  GitCommit: ""
  GoVersion: go1.19.10
  Os: linux
  OsArch: linux/amd64
  Version: 4.4.1
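This appears to be related to https://bugzilla.redhat.com/show_bug.cgi?id=1897579. I ran into the same error message on RockyLinux 8.10, also running rootless, but after a rebuild it eventually fixed itself... to the point that I can no longer reproduce the error...
For full disclosure, I am running WSLv2 on Windows 10, with multiple distributions active.
There are some differences; my systemd status is: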
$ systemctl status -l --user
● rockylinux
    State: running
     Jobs: 0 queued
   Failed: 0 units
    Since: Thu 2024-10-24 14:15:36 AEDT; 3min 40s ago
   CGroup: /user.slice/user-1000.slice/user@1000.service
           ├─user.slice
           │ └─podman-pause-a09ecfad.scope
           │   └─203 catatonit -P
           ├─init.scope
           │ ├─159 /usr/lib/systemd/systemd --user
           │ └─160 (sd-pam)
           └─dbus.service
             └─216 /usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation --syslog-only
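The main difference is the child process of podman-pause. This may be a container version difference, but otherwise it is consistent.
According to your podman info output, your cgroupControllers is empty with cgroupVersion v2, whereas I have memory and pids: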
$ podman info | less
host:
  arch: amd64
  buildahVersion: 1.33.8
  cgroupControllers:
  - memory
  - pids
  cgroupManager: systemd
  cgroupVersion: v2
...
After that, running podman run hello-world works. (We all know what the output is.)
According to the bugzilla link, adding the following will resolve your issue:
cat >/etc/systemd/system/user-.slice.d/override.conf<<-EOF
[Slice]
Slice=user.slice
CPUAccounting=yes
MemoryAccounting=yes
IOAccounting=yes
TasksAccounting=yes
EOF
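I recommend reading the bugzilla ticket carefully, as there are several ways to resolve the issue. The method above works for RockyLinux, which is the flavor I am using. As mentioned earlier, I don't actually know why my setup works now. The build is scripted and imports the same base distribution. My only hunch is that there is a system conflict between the active distributions.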
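
A quick way to check the condition this answer points at, as an added example that is not part of the original post: the function lists which of cpu, io, memory and pids are missing from a cgroup's cgroup.controllers file, which is what an empty cgroupControllers in podman info reflects. The function names and the "check" argument are illustrative.

```shell
#!/bin/sh
# Added example: report which cgroup v2 controllers are NOT available in a cgroup.
# Files such as pids.max only appear in a child cgroup when the controller is
# listed in the parent's cgroup.controllers and enabled in its cgroup.subtree_control.

# missing_controllers DIR [CONTROLLER...]
# Prints the wanted controllers absent from DIR/cgroup.controllers, space separated.
missing_controllers() {
    dir=$1; shift
    [ $# -gt 0 ] || set -- cpu io memory pids
    if [ ! -r "$dir/cgroup.controllers" ]; then
        echo "no cgroup.controllers in $dir (cgroup v1 or wrong path?)" >&2
        return 2
    fi
    # Pad with spaces so each controller name can be matched as a whole word.
    available=" $(tr '\n' ' ' < "$dir/cgroup.controllers") "
    missing=""
    for c in "$@"; do
        case "$available" in
            *" $c "*) ;;
            *) missing="${missing:+$missing }$c" ;;
        esac
    done
    printf '%s\n' "$missing"
}

# user_service_cgroup: cgroup path of the calling user's systemd user manager,
# following the layout shown in the question (user-UID.slice/user@UID.service).
user_service_cgroup() {
    uid=$(id -u)
    printf '/sys/fs/cgroup/user.slice/user-%s.slice/user@%s.service\n' "$uid" "$uid"
}

# Run the script with the argument "check" to inspect the live system.
if [ "${1:-}" = "check" ]; then
    cg=$(user_service_cgroup)
    m=$(missing_controllers "$cg") || exit 2
    if [ -n "$m" ]; then echo "not delegated to $cg: $m"; exit 1; fi
    echo "cpu io memory pids are all delegated to $cg"
fi
```

If pids is reported as not delegated, rootless containers that set a pids limit will fail in the way shown in the question until delegation is fixed by one of the methods in the bugzilla ticket.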