Skip to content

Commit

Permalink
entrypoint: fix regression for cgroup v2
Browse files Browse the repository at this point in the history 
v2 support for `fix_cgroup()` was broken: kubernetes-sigs#2013

As CgroupNS is enabled by default on v2 hosts, we do not need to
mess around the cgroup mounts.

However, at least we need to create "/kubelet" cgroup (kubernetes-sigs#1969).

Fix kubernetes-sigs#2013

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
  • Loading branch information
@AkihiroSuda
AkihiroSuda committed Jan 20, 2021
1 parent 26637e2 commit bb4197e
Showing 1 changed file with 28 additions and 1 deletion.
29 changes: 28 additions & 1 deletion images/base/files/usr/local/bin/entrypoint
View file
Original file line number Diff line number Diff line change
Expand Up @@ -83,7 +83,34 @@ mount_kubelet_cgroup_root() {
}

fix_cgroup() {
echo 'INFO: fix cgroup mounts for all subsystems'
if [[ -f "/sys/fs/cgroup/cgroup.controllers" ]]; then
echo 'INFO: detected cgroup v2'
# Both Docker and Podman enable CgroupNS on cgroup v2 hosts by default.
#
# So mostly we do not need to mess around the cgroup path stuff,
# however, we still need to create the "/kubelet" cgroup at least.
# (Otherwise kubelet fails with `cgroup-root ["kubelet"] doesn't exist` error, see #1969)
#
# As we haven't launched systemd yet at this moment, we need to write
# cgroup.subtree_control so that the controllers are enabled for
# the new subtrees (i.e., the "/kubelet" cgroup).

echo 'INFO: writing /sys/fs/cgroup/cgroup.subtree_control (required for creating /kubelet cgroup)'
# Move the entrypoint shell process (PID 1) from the root group to the /init group,
# otherwise writing subtree_control fails with EBUSY.
mkdir -p /sys/fs/cgroup/init
echo 1 > /sys/fs/cgroup/init/cgroup.procs
# Enable controllers for the subtrees.
# When cgroup.controllers is like "cpu cpuset memory io pids",
# cgroup.subtree_control is written with "+cpu +cpuset +memory +io +pids" .
sed -e 's/ / +/g' -e 's/^/+/' < /sys/fs/cgroup/cgroup.controllers > /sys/fs/cgroup/cgroup.subtree_control

echo 'INFO: creating /kubelet cgroup'
mkdir -p "/sys/fs/cgroup/kubelet"
return
fi
echo 'INFO: detected cgroup v1'
echo 'INFO: fix cgroup mounts for all subsystems (cgroup v1)'
# see: https://d2iq.com/blog/running-kind-inside-a-kubernetes-cluster-for-continuous-integration
# capture initial state before modifying
local current_cgroup
Expand Down

0 comments on commit bb4197e

Please sign in to comment.