Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

runc-shim does not support options #377

Closed
z63d opened this issue Feb 17, 2025 · 2 comments
Closed

runc-shim does not support options #377

z63d opened this issue Feb 17, 2025 · 2 comments

Comments

@z63d
Copy link

z63d commented Feb 17, 2025
edited
Loading

Start the pod using runc shim.

I set it up like this. Of course this works.

containerd/config.toml

[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc-v2-rs]
  runtime_type = "/home/kaita_nakamura/rust-extensions/target/release/containerd-shim-runc-v2-rs"

Next, add SystemdCgroup options.

[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc-v2-rs.options]
  SystemdCgroup = true

kubectl describe pod

  Warning  FailedCreatePodSandBox  6s (x3 over 32s)  kubelet            Failed to create pod sandbox: rpc error: code = Unknown desc = failed to create containerd task: failed to start shim: start failed: io.containerd.runc.v2-rs: Other("add task to cgroup: unable to write to a control group file /sys/fs/cgroup/SystemdCgroup = true\n/cgroup.procs, value [CREATE FILE] caused by: Os { code: 2, kind: NotFound, message: \"No such file or directory\" }")
: exit status 1: unknown

Other options are similar.

[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc-v2-rs.options]
  NoNewKeyring = false

  Warning  FailedCreatePodSandBox  11s   kubelet            Failed to create pod sandbox: rpc error: code = Unknown desc = failed to create containerd task: failed to start shim: start failed: io.containerd.runc.v2-rs: Other("add task to cgroup: unable to write to a control group file /sys/fs/cgroup/NoNewKeyring = false\n/cgroup.procs, value [CREATE FILE] caused by: Os { code: 2, kind: NotFound, message: \"No such file or directory\" }")
: exit status 1: unknown

background: https://cloud-native.slack.com/archives/C04LTPB6Z0V/p1739716368576559?thread_ts=1738110849.528919&cid=C04LTPB6Z0V

I tried this with runwasi but it didn't work.
So I realized something was wrong.
https://github.com/containerd/rust-extensions/blob/shim-v0.8.0/crates/runc-shim/src/runc.rs#L85-L88

time="2025-02-16T13:37:36.859682982Z" level=debug msg="runwasi: opts: Options { no_pivot_root: false, no_new_keyring: false, shim_cgroup: "NoNewKeyring = false\nSystemdCgroup = true\n", io_uid: 0, io_gid: 0, binary_name: "", root: "", criu_path: "", systemd_cgroup: false, criu_image_path: "", criu_work_path: "", special_fields: SpecialFields { unknown_fields: UnknownFields { fields: None }, cached_size: CachedSize { size: 44 } } }"
@jokemanfire
Copy link
Contributor

I think it may be runtime_type setting is not correct caused ,may be you should use type 'io.containerd.runc.v2' ,but point the runtime_path.

@z63d
Copy link
Author

z63d commented Feb 18, 2025

Thanks!
This seems to have been my mistake.
It worked with the following settings:

[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc-v2-rs]
  runtime_type = "io.containerd.runc.v2"
  runtime_path = "/home/kaita_nakamura/rust-extensions/target/release/containerd-shim-runc-v2-rs"
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.runc-v2-rs.options]
  SystemdCgroup = true

@z63d z63d closed this as completed Feb 22, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jokemanfire @z63d