[systemd-devel] Debugging systemd in a container

Mark Clarkson mark at smorg.co.uk
Mon May 11 13:48:27 UTC 2020


On Mon, 2020-05-11 at 15:27 +0200, Lennart Poettering wrote:
> 
> https://systemd.io/CONTAINER_INTERFACE
> 
> The systemd.unified_cgroup_hierarchy=1 switch is only honoured if
> cgroupfs is not yet mounted in the container, in which case systemd
> will try to mount it. Generally, it's a good idea to pre-mount it
> though, as you typically want the same cgroups logic inside and
> outside the container. systemd tries to adapt to the environment it
> runs in, and that means cgroupsv2 is used when it is already mounted
> like that, and cgroupsv1 otherwise.
> 

I've read that document a good few times!

Fedora have forced the issue a bit and tools aren't fully ready. My
problem is that I need to run containers inside containers and from
what I've read cgroup2 hasn't got full functionality yet, so CRI-O
doesn't support it yet and neither does kubelet. Basic functionality
for desktops is there.

So, I'll revisit this at the next Fedora release and drop back to
cgroup v1 as that works.

This still doesn't explain why, when I have zero mounted cgroup v1
filesystems, systemd tries to mount a cgroup v1, but I can't debug
further - I'll end up in the kernel!

Thanks!
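
A check of which cgroup layout a container's PID 1 will find, following the rule in the quoted reply: cgroup2 already mounted means cgroupsv2 is used, and the systemd.unified_cgroup_hierarchy=1 switch only matters when nothing is mounted. This is an added example, not part of the original message and not systemd's own code; the function names, the output labels and the sample mountinfo lines are constructed, and overmounts are ignored.

```shell
#!/bin/sh
# Classify the cgroup layout described by a mountinfo file.
# Usage: cgroup_layout [file|-]   (default: /proc/self/mountinfo)
# Labels (hypothetical names chosen for this example):
#   unified   - cgroup2 on /sys/fs/cgroup
#   hybrid    - cgroup v1 controllers plus cgroup2 on /sys/fs/cgroup/unified
#   legacy    - cgroup v1 hierarchies only
#   unmounted - no cgroupfs; systemd mounts it and the kernel switch applies
cgroup_layout() {
    awk '
    {
        # Field 5 is the mount point; the fstype follows the "-" separator,
        # whose position varies with the number of optional fields.
        mp = $5; fstype = ""
        for (i = 7; i <= NF; i++) if ($i == "-") { fstype = $(i + 1); break }
        if (fstype == "cgroup2" && mp == "/sys/fs/cgroup") { root_v2 = 1 }
        else if (fstype == "cgroup2" && mp == "/sys/fs/cgroup/unified") { sub_v2 = 1 }
        else if (fstype == "cgroup" && index(mp, "/sys/fs/cgroup/") == 1) { v1++ }
    }
    END {
        if (root_v2) { print "unified" }
        else if (sub_v2 && v1) { print "hybrid" }
        else if (v1) { print "legacy" }
        else { print "unmounted" }
    }' "${1:-/proc/self/mountinfo}"
}

# Constructed sample: cgroup2 pre-mounted by the container manager.
sample_unified() {
cat <<'EOF'
100 90 0:30 / /sys/fs/cgroup rw,nosuid,nodev,noexec,relatime - cgroup2 cgroup2 rw
EOF
}

# Constructed sample: tmpfs with cgroup v1 hierarchies below it.
sample_legacy() {
cat <<'EOF'
100 90 0:30 / /sys/fs/cgroup ro,nosuid,nodev,noexec - tmpfs tmpfs ro,mode=755
101 100 0:31 / /sys/fs/cgroup/systemd rw,nosuid,nodev,noexec - cgroup cgroup rw,name=systemd
102 100 0:32 / /sys/fs/cgroup/memory rw,nosuid,nodev,noexec shared:5 - cgroup cgroup rw,memory
EOF
}

# Constructed sample: /sys and /proc only, no cgroupfs mounted.
sample_unmounted() {
cat <<'EOF'
90 80 0:25 / /sys ro,nosuid,nodev,noexec,relatime - sysfs sysfs ro
91 80 0:26 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
EOF
}
```

Run `cgroup_layout` with no argument inside the container, before systemd starts, to classify the live /proc/self/mountinfo.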


