linux - Gentoo Linux : Docker container doesn't start: cgroup v2

Tags: linux docker gentoo

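On my Gentoo system (kernel 5.4.97), Docker containers do not start.

I tried the following command:

docker run kubler/mariadb

The error message is:

docker: Error response from daemon: OCI runtime create failed: container_linux.go:349: starting container process caused "process_linux.go:449: container init caused \"process_linux.go:415: setting cgroup config for procHooks process caused \\\"error while setting cgroup v2: [load program: function not implemented]\\\"\"": unknown.
ERRO[0000] error waiting for container: context canceled

The docker daemon is in active state (systemd).

Kernel: 5.4.97

When I run the docker check script, I get this output: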

warning: /proc/config.gz does not exist, searching other paths for kernel config ...
info: reading kernel config from /boot/config-5.4.97-gentoo ...

Generally Necessary:
- cgroup hierarchy: cgroupv2
- CONFIG_NAMESPACES: enabled
- CONFIG_NET_NS: enabled
- CONFIG_PID_NS: enabled
- CONFIG_IPC_NS: enabled
- CONFIG_UTS_NS: enabled
- CONFIG_CGROUPS: enabled
- CONFIG_CGROUP_CPUACCT: enabled
- CONFIG_CGROUP_DEVICE: enabled
- CONFIG_CGROUP_FREEZER: enabled
- CONFIG_CGROUP_SCHED: enabled
- CONFIG_CPUSETS: enabled
- CONFIG_MEMCG: enabled
- CONFIG_KEYS: enabled
- CONFIG_VETH: enabled
- CONFIG_BRIDGE: enabled
- CONFIG_BRIDGE_NETFILTER: enabled (as module)
- CONFIG_IP_NF_FILTER: enabled
- CONFIG_IP_NF_TARGET_MASQUERADE: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_ADDRTYPE: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_CONNTRACK: enabled
- CONFIG_NETFILTER_XT_MATCH_IPVS: missing
- CONFIG_NETFILTER_XT_MARK: enabled (as module)
- CONFIG_IP_NF_NAT: enabled (as module)
- CONFIG_NF_NAT: enabled
- CONFIG_POSIX_MQUEUE: enabled

Optional Features:
- CONFIG_USER_NS: enabled
- CONFIG_SECCOMP: enabled
- CONFIG_CGROUP_PIDS: enabled
- CONFIG_MEMCG_SWAP: enabled
- CONFIG_MEMCG_SWAP_ENABLED: enabled
- CONFIG_BLK_CGROUP: enabled
- CONFIG_BLK_DEV_THROTTLING: enabled
- CONFIG_CGROUP_PERF: enabled
- CONFIG_CGROUP_HUGETLB: enabled
- CONFIG_NET_CLS_CGROUP: enabled
- CONFIG_CGROUP_NET_PRIO: enabled
- CONFIG_CFS_BANDWIDTH: missing
- CONFIG_FAIR_GROUP_SCHED: enabled
- CONFIG_RT_GROUP_SCHED: missing
- CONFIG_IP_NF_TARGET_REDIRECT: missing
- CONFIG_IP_VS: enabled
- CONFIG_IP_VS_NFCT: missing
- CONFIG_IP_VS_PROTO_TCP: missing
- CONFIG_IP_VS_PROTO_UDP: missing
- CONFIG_IP_VS_RR: missing
- CONFIG_EXT4_FS: enabled
- CONFIG_EXT4_FS_POSIX_ACL: enabled
- CONFIG_EXT4_FS_SECURITY: enabled
- Network Drivers:
  - "overlay":
    - CONFIG_VXLAN: missing
    - CONFIG_BRIDGE_VLAN_FILTERING: missing
      Optional (for encrypted networks):
      - CONFIG_CRYPTO: enabled
      - CONFIG_CRYPTO_AEAD: enabled
      - CONFIG_CRYPTO_GCM: enabled
      - CONFIG_CRYPTO_SEQIV: enabled
      - CONFIG_CRYPTO_GHASH: enabled
      - CONFIG_XFRM: enabled
      - CONFIG_XFRM_USER: enabled
      - CONFIG_XFRM_ALGO: enabled
      - CONFIG_INET_ESP: missing
  - "ipvlan":
    - CONFIG_IPVLAN: missing
  - "macvlan":
    - CONFIG_MACVLAN: missing
    - CONFIG_DUMMY: missing
  - "ftp,tftp client in container":
    - CONFIG_NF_NAT_FTP: enabled
    - CONFIG_NF_CONNTRACK_FTP: enabled
    - CONFIG_NF_NAT_TFTP: missing
    - CONFIG_NF_CONNTRACK_TFTP: missing
- Storage Drivers:
  - "aufs":
    - CONFIG_AUFS_FS: missing
  - "btrfs":
    - CONFIG_BTRFS_FS: enabled
    - CONFIG_BTRFS_FS_POSIX_ACL: enabled
  - "devicemapper":
    - CONFIG_BLK_DEV_DM: enabled
    - CONFIG_DM_THIN_PROVISIONING: missing
  - "overlay":
    - CONFIG_OVERLAY_FS: enabled
  - "zfs":
    - /dev/zfs: missing
    - zfs command: missing
    - zpool command: missing

Limits:
- /proc/sys/kernel/keys/root_maxkeys: 1000000

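Some settings are reported as "missing", and they cause some problems:

  • CONFIG_NETFILTER_XT_MATCH_IPVS: this option does not exist in the kernel config
  • CONFIG_RT_GROUP_SCHED: when I enable this option, the system no longer boots. It hangs after the last message ("[ OK ] Terminate Plymouth..."). There is no login prompt and no sddm

The Docker page on the Gentoo Wiki does not match my kernel version. The wiki page says the CFQ IO Scheduler should be enabled, but my kernel config has no such option (there is BFQ).

I also tried the kernel boot options "systemd.unified_cgroup_hierarchy=0" and "systemd.unified_cgroup_hierarchy=1", but neither helped.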

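Best answer

When you compile the kernel with the required options (and the dependencies of those options), the required options show up as "green":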

$ curl -L https://github.com/moby/moby/raw/master/contrib/check-config.sh | bash | sed -n -e 1,10p -e /CONFIG_NETFILTER/p -e /CONFIG_RT_GROUP/p
warning: /proc/config.gz does not exist, searching other paths for kernel config ...
info: reading kernel config from /usr/src/linux/.config ...

Generally Necessary:
- cgroup hierarchy: properly mounted [/sys/fs/cgroup]
- CONFIG_NAMESPACES: enabled
- CONFIG_NET_NS: enabled
- CONFIG_PID_NS: enabled
- CONFIG_IPC_NS: enabled
- CONFIG_UTS_NS: enabled
- CONFIG_CGROUPS: enabled
- CONFIG_NETFILTER_XT_MATCH_ADDRTYPE: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_CONNTRACK: enabled (as module)
- CONFIG_NETFILTER_XT_MATCH_IPVS: enabled (as module)
- CONFIG_NETFILTER_XT_MARK: enabled (as module)
- CONFIG_RT_GROUP_SCHED: enabled

Regarding linux - Gentoo Linux : Docker container doesn't start: cgroup v2, we found a similar question on Stack Overflow: https://stackoverflow.com/questions/66423689/
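
The answer's point about dependencies can be checked directly in the config file. The sketch below is an added example, not code from the question, the answer or the moby project. A symbol that menuconfig offers but that is switched off is written as "# CONFIG_X is not set", while a symbol whose dependencies are unmet (or that this kernel version does not have) gets no line at all. The function names and the sample config are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: classify bool/tristate kernel options in a .config-style file.
# kconfig_state FILE OPTION prints one of: enabled | module | not-set | absent

kconfig_state() {
    ks_file=$1
    ks_opt=$2
    if grep -q "^${ks_opt}=y\$" "$ks_file"; then
        echo enabled
    elif grep -q "^${ks_opt}=m\$" "$ks_file"; then
        echo module
    elif grep -q "^# ${ks_opt} is not set\$" "$ks_file"; then
        # Kconfig offered the symbol; it is simply switched off.
        echo not-set
    else
        # No line at all: Kconfig never offered the symbol, so enable
        # its dependencies first (or it does not exist in this kernel).
        echo absent
    fi
}

# Constructed sample, not taken from the asker's real config.
make_sample_config() {
    cat <<'EOF'
CONFIG_CGROUPS=y
CONFIG_NETFILTER_XT_MARK=m
CONFIG_IP_VS=y
# CONFIG_CFS_BANDWIDTH is not set
# CONFIG_RT_GROUP_SCHED is not set
EOF
}

# report FILE OPTION... prints "OPTION: state" for each option.
report() {
    rp_file=$1
    shift
    for rp_opt in "$@"; do
        printf '%s: %s\n' "$rp_opt" "$(kconfig_state "$rp_file" "$rp_opt")"
    done
}

sample=$(mktemp)
make_sample_config > "$sample"
report "$sample" CONFIG_CGROUPS CONFIG_NETFILTER_XT_MARK \
    CONFIG_RT_GROUP_SCHED CONFIG_NETFILTER_XT_MATCH_IPVS
rm -f "$sample"
```

To use it on a real system, call report with the path of the config file that check-config.sh reports reading.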
