CommunityLive ChatCareersSupport
Search…
Akash Guidebook
Intro to Akash
Tokens and Wallets
Deployments
Integrations
Providers
Akash Nodes
Validating
Command Line
Features
Other Resources
Experimental
Security
Containers
Marketplace
Payments
Authentication
Akash Provider Migration Guide - 0.14.X to 0.16.3
Archived Resources
Build a Cloud Provider
Kubernetes Cluster
gVisor Issue - No system-cgroup v2 Support
Provider Networks
Powered By GitBook
gVisor Issue - No system-cgroup v2 Support

Overview of Issue

If you are using a newer systemd then your container will get stuck in ContainerCreating state on your provider with gVisor enabled.

Indication of Error

You may see the following Events in the logs upon use of kubectl describe pod
1
Warning FailedCreatePodSandBox 2m57s (x25 over 3m21s) kubelet
2
Failed to create pod sandbox: rpc error: code = Unknown desc = failed to
3
create containerd task: failed to create shim: OCI runtime create failed:
4
creating container: cgroups V2 is not yet supported. Enable cgroups V1 and\
5
retry: unknown
Copied!
1
Warning FailedCreatePodSandBox 0s (x13 over 12s) kubelet Failed to
2
create pod sandbox: rpc error: code = Unknown desc = failed to create
3
containerd task: failed to create shim: OCI runtime create failed: creating
4
container: write
5
/sys/fs/cgroup/kubepods/besteffort/pod7a38b06d-4c96-49ff-bc4a-3d8288892b3b/cgroup.procs: device or resource busy: unknown
Copied!

Cause of Error

The new systemd 247.2-2 has switched to a new "unified" cgroup hierarchy (i.e. cgroup v2) which is not supported by gVisor.
Ubuntu version 21.10 is affected.

Support References

Workaround

Apply the following on each Kubernetes node in order to switch back to cgroup v1
1
echo 'GRUB_CMDLINE_LINUX=systemd.unified_cgroup_hierarchy=false' > /etc/default/grub.d/cgroup.cfg
2
update-grub
3
reboot
Copied!
Previous
Kubernetes Cluster
Next
Provider Networks
Last modified 1mo ago
Copy link
Contents
Overview of Issue
Indication of Error
Cause of Error
Support References
Workaround