Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Not able to run podman inside unprivileged container in CI/CD pipeline where shared runners on K8S Cluster- UBUNTU -24 container #24605

Open
SumitSharma-007 opened this issue Nov 19, 2024 · 6 comments
Open

Not able to run podman inside unprivileged container in CI/CD pipeline where shared runners on K8S Cluster- UBUNTU -24 container #24605

SumitSharma-007 opened this issue Nov 19, 2024 · 6 comments

Comments

@SumitSharma-007
Copy link

PODMAN RUN ERROR:
$ podman run --log-level=debug --device /dev/fuse:rw --rm --network=host --privileged --security-opt label=disable --security-opt seccomp=unconfined hello-world
time="2024-11-18T14:38:27Z" level=info msg="podman filtering at log level debug"
time="2024-11-18T14:38:27Z" level=debug msg="Called run.PersistentPreRunE(podman run --log-level=debug --device /dev/fuse:rw --rm --network=host --privileged --security-opt label=disable --security-opt seccomp=unconfined hello-world)"
time="2024-11-18T14:38:27Z" level=debug msg="Using conmon: "/usr/bin/conmon""
time="2024-11-18T14:38:27Z" level=info msg="Using sqlite as database backend"
time="2024-11-18T14:38:27Z" level=debug msg="Using graph driver overlay"
time="2024-11-18T14:38:27Z" level=debug msg="Using graph root /root/.local/share/containers"
time="2024-11-18T14:38:27Z" level=debug msg="Using run root /tmp"
time="2024-11-18T14:38:27Z" level=debug msg="Using static dir /root/.local/share/containers/libpod"
time="2024-11-18T14:38:27Z" level=debug msg="Using tmp dir /run/libpod"
time="2024-11-18T14:38:27Z" level=debug msg="Using volume path /root/.local/share/containers/volumes"
time="2024-11-18T14:38:27Z" level=debug msg="Using transient store: false"
time="2024-11-18T14:38:27Z" level=debug msg="Not configuring container store"
time="2024-11-18T14:38:27Z" level=debug msg="Initializing event backend file"
time="2024-11-18T14:38:27Z" level=debug msg="Configured OCI runtime runj initialization failed: no valid executable found for OCI runtime runj: invalid argument"
time="2024-11-18T14:38:27Z" level=debug msg="Configured OCI runtime kata initialization failed: no valid executable found for OCI runtime kata: invalid argument"
time="2024-11-18T14:38:27Z" level=debug msg="Configured OCI runtime crun-wasm initialization failed: no valid executable found for OCI runtime crun-wasm: invalid argument"
time="2024-11-18T14:38:27Z" level=debug msg="Configured OCI runtime runsc initialization failed: no valid executable found for OCI runtime runsc: invalid argument"
time="2024-11-18T14:38:27Z" level=debug msg="Configured OCI runtime youki initialization failed: no valid executable found for OCI runtime youki: invalid argument"
time="2024-11-18T14:38:27Z" level=debug msg="Configured OCI runtime krun initialization failed: no valid executable found for OCI runtime krun: invalid argument"
time="2024-11-18T14:38:27Z" level=debug msg="Configured OCI runtime ocijail initialization failed: no valid executable found for OCI runtime ocijail: invalid argument"
time="2024-11-18T14:38:27Z" level=debug msg="Using OCI runtime "/usr/bin/crun""
time="2024-11-18T14:38:27Z" level=warning msg=""/" is not a shared mount, this could cause issues or missing mounts with rootless containers"
time="2024-11-18T14:38:27Z" level=info msg="podman filtering at log level debug"
time="2024-11-18T14:38:27Z" level=debug msg="Called run.PersistentPreRunE(podman run --log-level=debug --device /dev/fuse:rw --rm --network=host --privileged --security-opt label=disable --security-opt seccomp=unconfined hello-world)"
time="2024-11-18T14:38:27Z" level=debug msg="Using conmon: "/usr/bin/conmon""
time="2024-11-18T14:38:27Z" level=info msg="Using sqlite as database backend"
time="2024-11-18T14:38:27Z" level=debug msg="Using graph driver overlay"
time="2024-11-18T14:38:27Z" level=debug msg="Using graph root /root/.local/share/containers"
time="2024-11-18T14:38:27Z" level=debug msg="Using run root /tmp"
time="2024-11-18T14:38:27Z" level=debug msg="Using static dir /root/.local/share/containers/libpod"
time="2024-11-18T14:38:27Z" level=debug msg="Using tmp dir /run/libpod"
time="2024-11-18T14:38:27Z" level=debug msg="Using volume path /root/.local/share/containers/volumes"
time="2024-11-18T14:38:27Z" level=debug msg="Using transient store: false"
time="2024-11-18T14:38:27Z" level=debug msg="[graphdriver] trying provided driver "overlay""
time="2024-11-18T14:38:27Z" level=debug msg="overlay: mount_program=/usr/bin/fuse-overlayfs"
time="2024-11-18T14:38:27Z" level=debug msg="backingFs=overlayfs, projectQuotaSupported=false, useNativeDiff=false, usingMetacopy=false"
time="2024-11-18T14:38:27Z" level=debug msg="Initializing event backend file"
time="2024-11-18T14:38:27Z" level=debug msg="Configured OCI runtime runj initialization failed: no valid executable found for OCI runtime runj: invalid argument"
time="2024-11-18T14:38:27Z" level=debug msg="Configured OCI runtime krun initialization failed: no valid executable found for OCI runtime krun: invalid argument"
time="2024-11-18T14:38:27Z" level=debug msg="Configured OCI runtime crun-wasm initialization failed: no valid executable found for OCI runtime crun-wasm: invalid argument"
time="2024-11-18T14:38:27Z" level=debug msg="Configured OCI runtime kata initialization failed: no valid executable found for OCI runtime kata: invalid argument"
time="2024-11-18T14:38:27Z" level=debug msg="Configured OCI runtime runsc initialization failed: no valid executable found for OCI runtime runsc: invalid argument"
time="2024-11-18T14:38:27Z" level=debug msg="Configured OCI runtime youki initialization failed: no valid executable found for OCI runtime youki: invalid argument"
time="2024-11-18T14:38:27Z" level=debug msg="Configured OCI runtime ocijail initialization failed: no valid executable found for OCI runtime ocijail: invalid argument"
time="2024-11-18T14:38:27Z" level=debug msg="Using OCI runtime "/usr/bin/crun""
time="2024-11-18T14:38:27Z" level=debug msg="Successfully loaded 1 networks"
time="2024-11-18T14:38:27Z" level=debug msg="Initialized SHM lock manager at path /libpod_lock"
time="2024-11-18T14:38:27Z" level=debug msg="Podman detected system restart - performing state refresh"
time="2024-11-18T14:38:27Z" level=info msg="Setting parallel job count to 49"
time="2024-11-18T14:38:27Z" level=info msg="Failed to detect the owner for the current cgroup: stat /sys/fs/cgroup/systemd/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod674c78bc_9b93_4799_949b_f8446584a843.slice/crio-c990001afda51ec4dd923edde3edc559f86d8b0ef11acad73655d85e45cd46d2.scope: no such file or directory"
time="2024-11-18T14:38:27Z" level=debug msg="Successfully loaded 1 networks"
time="2024-11-18T14:38:27Z" level=debug msg="Pulling image hello-world (policy: missing)"
time="2024-11-18T14:38:27Z" level=debug msg="Looking up image "hello-world" in local containers storage"
time="2024-11-18T14:38:27Z" level=debug msg="Normalized platform linux/amd64 to {amd64 linux [] }"
time="2024-11-18T14:38:27Z" level=debug msg="Loading registries configuration "/etc/containers/registries.conf""
time="2024-11-18T14:38:27Z" level=debug msg="Loading registries configuration "/etc/containers/registries.conf.d/shortnames.conf""
time="2024-11-18T14:38:27Z" level=debug msg="Trying "docker.io/library/hello-world:latest" ..."
time="2024-11-18T14:38:27Z" level=debug msg="reference "[overlay@/root/.local/share/containers+/tmp:overlay.mount_program=/usr/bin/fuse-overlayfs,overlay.mountopt=nodev,xino=off]docker.io/library/hello-world:latest" does not resolve to an image ID"
time="2024-11-18T14:38:27Z" level=debug msg="Trying "localhost/hello-world:latest" ..."
time="2024-11-18T14:38:27Z" level=debug msg="reference "[overlay@/root/.local/share/containers+/tmp:overlay.mount_program=/usr/bin/fuse-overlayfs,overlay.mountopt=nodev,xino=off]localhost/hello-world:latest" does not resolve to an image ID"
time="2024-11-18T14:38:27Z" level=debug msg="Trying "docker.io/library/hello-world:latest" ..."
time="2024-11-18T14:38:27Z" level=debug msg="reference "[overlay@/root/.local/share/containers+/tmp:overlay.mount_program=/usr/bin/fuse-overlayfs,overlay.mountopt=nodev,xino=off]docker.io/library/hello-world:latest" does not resolve to an image ID"
time="2024-11-18T14:38:27Z" level=debug msg="Trying "hello-world" ..."
time="2024-11-18T14:38:27Z" level=debug msg="Normalized platform linux/amd64 to {amd64 linux [] }"
time="2024-11-18T14:38:27Z" level=debug msg="Attempting to pull candidate docker.io/library/hello-world:latest for hello-world"
time="2024-11-18T14:38:27Z" level=debug msg="parsed reference into "[overlay@/root/.local/share/containers+/tmp:overlay.mount_program=/usr/bin/fuse-overlayfs,overlay.mountopt=nodev,xino=off]docker.io/library/hello-world:latest""
time="2024-11-18T14:38:27Z" level=debug msg="Resolved "hello-world" as an alias (/etc/containers/registries.conf.d/shortnames.conf)"
Resolved "hello-world" as an alias (/etc/containers/registries.conf.d/shortnames.conf)
Trying to pull docker.io/library/hello-world:latest...
time="2024-11-18T14:38:27Z" level=debug msg="Copying source image //hello-world:latest to destination image [overlay@/root/.local/share/containers+/tmp:overlay.mount_program=/usr/bin/fuse-overlayfs,overlay.mountopt=nodev,xino=off]docker.io/library/hello-world:latest"
time="2024-11-18T14:38:27Z" level=debug msg="Using registries.d directory /etc/containers/registries.d"
time="2024-11-18T14:38:27Z" level=debug msg="Trying to access "docker.io/library/hello-world:latest""
time="2024-11-18T14:38:27Z" level=debug msg="No credentials matching docker.io/library/hello-world found in /run/user/0/containers/auth.json"
time="2024-11-18T14:38:27Z" level=debug msg="No credentials matching docker.io/library/hello-world found in /root/.config/containers/containers/auth.json"
time="2024-11-18T14:38:27Z" level=debug msg="No credentials matching docker.io/library/hello-world found in /root/.docker/config.json"
time="2024-11-18T14:38:27Z" level=debug msg="No credentials matching docker.io/library/hello-world found in /root/.dockercfg"
time="2024-11-18T14:38:27Z" level=debug msg="No credentials for docker.io/library/hello-world found"
time="2024-11-18T14:38:27Z" level=debug msg=" No signature storage configuration found for docker.io/library/hello-world:latest, using built-in default file:///var/lib/containers/sigstore"
time="2024-11-18T14:38:27Z" level=debug msg="Looking for TLS certificates and private keys in /etc/docker/certs.d/docker.io"
time="2024-11-18T14:38:27Z" level=debug msg="GET https://registry-1.docker.io/v2/"
time="2024-11-18T14:38:27Z" level=debug msg="Ping https://registry-1.docker.io/v2/ status 401"
time="2024-11-18T14:38:27Z" level=debug msg="GET https://auth.docker.io/token?scope=repository%3Alibrary%2Fhello-world%3Apull&service=registry.docker.io"
time="2024-11-18T14:38:27Z" level=debug msg="GET https://registry-1.docker.io/v2/library/hello-world/manifests/latest"
time="2024-11-18T14:38:28Z" level=debug msg="Content-Type from manifest GET is "application/vnd.oci.image.index.v1+json""
time="2024-11-18T14:38:28Z" level=debug msg="Using SQLite blob info cache at /var/lib/containers/cache/blob-info-cache-v1.sqlite"
time="2024-11-18T14:38:28Z" level=debug msg="Source is a manifest list; copying (only) instance sha256:e2fc4e5012d16e7fe466f5291c476431beaa1f9b90a5c2125b493ed28e2aba57 for current system"
time="2024-11-18T14:38:28Z" level=debug msg="GET https://registry-1.docker.io/v2/library/hello-world/manifests/sha256:e2fc4e5012d16e7fe466f5291c476431beaa1f9b90a5c2125b493ed28e2aba57"
time="2024-11-18T14:38:28Z" level=debug msg="Content-Type from manifest GET is "application/vnd.oci.image.manifest.v1+json""
time="2024-11-18T14:38:28Z" level=debug msg="IsRunningImageAllowed for image docker:docker.io/library/hello-world:latest"
time="2024-11-18T14:38:28Z" level=debug msg=" Using default policy section"
time="2024-11-18T14:38:28Z" level=debug msg=" Requirement 0: allowed"
time="2024-11-18T14:38:28Z" level=debug msg="Overall: allowed"
time="2024-11-18T14:38:28Z" level=debug msg="Downloading /v2/library/hello-world/blobs/sha256:d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a"
time="2024-11-18T14:38:28Z" level=debug msg="GET https://registry-1.docker.io/v2/library/hello-world/blobs/sha256:d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a"
Getting image source signatures
time="2024-11-18T14:38:28Z" level=debug msg="Reading /var/lib/containers/sigstore/library/hello-world@sha256=e2fc4e5012d16e7fe466f5291c476431beaa1f9b90a5c2125b493ed28e2aba57/signature-1"
time="2024-11-18T14:38:28Z" level=debug msg="Not looking for sigstore attachments: disabled by configuration"
time="2024-11-18T14:38:28Z" level=debug msg="Manifest has MIME type application/vnd.oci.image.manifest.v1+json, ordered candidate list [application/vnd.oci.image.manifest.v1+json, application/vnd.docker.distribution.manifest.v2+json, application/vnd.docker.distribution.manifest.v1+prettyjws, application/vnd.docker.distribution.manifest.v1+json]"
time="2024-11-18T14:38:28Z" level=debug msg="... will first try using the original manifest unmodified"
Copying blob sha256:c1ec31eb59444d78df06a974d155e597c894ab4cda84f08294145e845394988e
time="2024-11-18T14:38:28Z" level=debug msg="Checking if we can reuse blob sha256:c1ec31eb59444d78df06a974d155e597c894ab4cda84f08294145e845394988e: general substitution = true, compression for MIME type "application/vnd.oci.image.layer.v1.tar+gzip" = true"
time="2024-11-18T14:38:28Z" level=debug msg="Failed to retrieve partial blob: convert_images not configured"
time="2024-11-18T14:38:28Z" level=debug msg="Downloading /v2/library/hello-world/blobs/sha256:c1ec31eb59444d78df06a974d155e597c894ab4cda84f08294145e845394988e"
time="2024-11-18T14:38:28Z" level=debug msg="GET https://registry-1.docker.io/v2/library/hello-world/blobs/sha256:c1ec31eb59444d78df06a974d155e597c894ab4cda84f08294145e845394988e"
time="2024-11-18T14:38:28Z" level=debug msg="Detected compression format gzip"
time="2024-11-18T14:38:28Z" level=debug msg="Using original blob without modification"
time="2024-11-18T14:38:28Z" level=debug msg="Applying tar in /root/.local/share/containers/overlay/ac28800ec8bb38d5c35b49d45a6ac4777544941199075dff8c4eb63e093aa81e/diff"
Copying config sha256:d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a
time="2024-11-18T14:38:28Z" level=debug msg="No compression detected"
time="2024-11-18T14:38:28Z" level=debug msg="Compression change for blob sha256:d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a ("application/vnd.oci.image.config.v1+json") not supported"
time="2024-11-18T14:38:28Z" level=debug msg="Using original blob without modification"
Writing manifest to image destination
time="2024-11-18T14:38:28Z" level=debug msg="setting image creation date to 2023-05-02 16:49:27 +0000 UTC"
time="2024-11-18T14:38:28Z" level=debug msg="created new image ID "d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a" with metadata "{}""
time="2024-11-18T14:38:28Z" level=debug msg="added name "docker.io/library/hello-world:latest" to image "d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a""
time="2024-11-18T14:38:28Z" level=debug msg="Pulled candidate docker.io/library/hello-world:latest successfully"
time="2024-11-18T14:38:28Z" level=debug msg="Looking up image "d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a" in local containers storage"
time="2024-11-18T14:38:28Z" level=debug msg="Trying "d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a" ..."
time="2024-11-18T14:38:28Z" level=debug msg="parsed reference into "[overlay@/root/.local/share/containers+/tmp:overlay.mount_program=/usr/bin/fuse-overlayfs,overlay.mountopt=nodev,xino=off]@d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a""
time="2024-11-18T14:38:28Z" level=debug msg="Found image "d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a" as "d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a" in local containers storage"
time="2024-11-18T14:38:28Z" level=debug msg="Found image "d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a" as "d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a" in local containers storage ([overlay@/root/.local/share/containers+/tmp:overlay.mount_program=/usr/bin/fuse-overlayfs,overlay.mountopt=nodev,xino=off]@d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a)"
time="2024-11-18T14:38:28Z" level=debug msg="exporting opaque data as blob "sha256:d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a""
time="2024-11-18T14:38:28Z" level=debug msg="Looking up image "hello-world" in local containers storage"
time="2024-11-18T14:38:28Z" level=debug msg="Normalized platform linux/amd64 to {amd64 linux [] }"
time="2024-11-18T14:38:28Z" level=debug msg="Trying "docker.io/library/hello-world:latest" ..."
time="2024-11-18T14:38:28Z" level=debug msg="parsed reference into "[overlay@/root/.local/share/containers+/tmp:overlay.mount_program=/usr/bin/fuse-overlayfs,overlay.mountopt=nodev,xino=off]@d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a""
time="2024-11-18T14:38:28Z" level=debug msg="Found image "hello-world" as "docker.io/library/hello-world:latest" in local containers storage"
time="2024-11-18T14:38:28Z" level=debug msg="Found image "hello-world" as "docker.io/library/hello-world:latest" in local containers storage ([overlay@/root/.local/share/containers+/tmp:overlay.mount_program=/usr/bin/fuse-overlayfs,overlay.mountopt=nodev,xino=off]@d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a)"
time="2024-11-18T14:38:28Z" level=debug msg="exporting opaque data as blob "sha256:d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a""
time="2024-11-18T14:38:28Z" level=debug msg="Inspecting image d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a"
time="2024-11-18T14:38:28Z" level=debug msg="exporting opaque data as blob "sha256:d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a""
time="2024-11-18T14:38:28Z" level=debug msg="Inspecting image d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a"
time="2024-11-18T14:38:28Z" level=debug msg="Inspecting image d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a"
time="2024-11-18T14:38:28Z" level=debug msg="Inspecting image d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a"
time="2024-11-18T14:38:28Z" level=debug msg="using systemd mode: false"
time="2024-11-18T14:38:28Z" level=debug msg="Non-CDI device /dev/fuse:rw; assuming standard device"
time="2024-11-18T14:38:28Z" level=info msg="Sysctl net.ipv4.ping_group_range=0 0 ignored in containers.conf, since Network Namespace set to host"
time="2024-11-18T14:38:28Z" level=debug msg="Allocated lock 0 for container d177806b3b74e86fe11104f807616cf1dedf46b119ddb765c0b863587a2564ae"
time="2024-11-18T14:38:28Z" level=debug msg="parsed reference into "[overlay@/root/.local/share/containers+/tmp:overlay.mount_program=/usr/bin/fuse-overlayfs,overlay.mountopt=nodev,xino=off]@d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a""
time="2024-11-18T14:38:28Z" level=debug msg="exporting opaque data as blob "sha256:d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a""
time="2024-11-18T14:38:28Z" level=debug msg="Created container "d177806b3b74e86fe11104f807616cf1dedf46b119ddb765c0b863587a2564ae""
time="2024-11-18T14:38:28Z" level=debug msg="Container "d177806b3b74e86fe11104f807616cf1dedf46b119ddb765c0b863587a2564ae" has work directory "/root/.local/share/containers/overlay-containers/d177806b3b74e86fe11104f807616cf1dedf46b119ddb765c0b863587a2564ae/userdata""
time="2024-11-18T14:38:28Z" level=debug msg="Container "d177806b3b74e86fe11104f807616cf1dedf46b119ddb765c0b863587a2564ae" has run directory "/tmp/overlay-containers/d177806b3b74e86fe11104f807616cf1dedf46b119ddb765c0b863587a2564ae/userdata""
time="2024-11-18T14:38:28Z" level=debug msg="Not attaching to stdin"
time="2024-11-18T14:38:28Z" level=info msg="Received shutdown.Stop(), terminating!" PID=51
time="2024-11-18T14:38:28Z" level=debug msg="Enabling signal proxying"
time="2024-11-18T14:38:28Z" level=debug msg="overlay: mount_data=lowerdir=/root/.local/share/containers/overlay/l/2WWYIAOTHEQVOJNHPJREJU5LV7,upperdir=/root/.local/share/containers/overlay/29c1dabe501175a81b30861ea99bdc71989d68e15ac9d92d2c26694f5834d2a4/diff,workdir=/root/.local/share/containers/overlay/29c1dabe501175a81b30861ea99bdc71989d68e15ac9d92d2c26694f5834d2a4/work,xino=off,volatile"
time="2024-11-18T14:38:28Z" level=error msg="Unmounting /root/.local/share/containers/overlay/29c1dabe501175a81b30861ea99bdc71989d68e15ac9d92d2c26694f5834d2a4/merged: invalid argument"
time="2024-11-18T14:38:28Z" level=debug msg="Failed to mount container "d177806b3b74e86fe11104f807616cf1dedf46b119ddb765c0b863587a2564ae": creating overlay mount to /root/.local/share/containers/overlay/29c1dabe501175a81b30861ea99bdc71989d68e15ac9d92d2c26694f5834d2a4/merged, mount_data="lowerdir=/root/.local/share/containers/overlay/l/2WWYIAOTHEQVOJNHPJREJU5LV7,upperdir=/root/.local/share/containers/overlay/29c1dabe501175a81b30861ea99bdc71989d68e15ac9d92d2c26694f5834d2a4/diff,workdir=/root/.local/share/containers/overlay/29c1dabe501175a81b30861ea99bdc71989d68e15ac9d92d2c26694f5834d2a4/work,xino=off,volatile": using mount program /usr/bin/fuse-overlayfs: unknown argument ignored: lazytime\nunknown argument ignored: xino=off\nfuse: device not found, try 'modprobe fuse' first\nfuse-overlayfs: cannot mount: No such file or directory\n: exit status 1"
time="2024-11-18T14:38:28Z" level=debug msg="Network is already cleaned up, skipping..."
time="2024-11-18T14:38:28Z" level=debug msg="Cleaning up container d177806b3b74e86fe11104f807616cf1dedf46b119ddb765c0b863587a2564ae"
time="2024-11-18T14:38:28Z" level=debug msg="Network is already cleaned up, skipping..."
time="2024-11-18T14:38:28Z" level=debug msg="Container d177806b3b74e86fe11104f807616cf1dedf46b119ddb765c0b863587a2564ae storage is already unmounted, skipping..."
time="2024-11-18T14:38:28Z" level=debug msg="Removing container d177806b3b74e86fe11104f807616cf1dedf46b119ddb765c0b863587a2564ae"
time="2024-11-18T14:38:28Z" level=debug msg="Cleaning up container d177806b3b74e86fe11104f807616cf1dedf46b119ddb765c0b863587a2564ae"
time="2024-11-18T14:38:28Z" level=debug msg="Network is already cleaned up, skipping..."
time="2024-11-18T14:38:28Z" level=debug msg="Container d177806b3b74e86fe11104f807616cf1dedf46b119ddb765c0b863587a2564ae storage is already unmounted, skipping..."
time="2024-11-18T14:38:28Z" level=debug msg="Removing all exec sessions for container d177806b3b74e86fe11104f807616cf1dedf46b119ddb765c0b863587a2564ae"
time="2024-11-18T14:38:28Z" level=debug msg="Container d177806b3b74e86fe11104f807616cf1dedf46b119ddb765c0b863587a2564ae storage is already unmounted, skipping..."
time="2024-11-18T14:38:28Z" level=debug msg="ExitCode msg: "mounting storage for container d177806b3b74e86fe11104f807616cf1dedf46b119ddb765c0b863587a2564ae: creating overlay mount to /root/.local/share/containers/overlay/29c1dabe501175a81b30861ea99bdc71989d68e15ac9d92d2c26694f5834d2a4/merged, mount_data=\"lowerdir=/root/.local/share/containers/overlay/l/2wwyiaotheqvojnhpjreju5lv7,upperdir=/root/.local/share/containers/overlay/29c1dabe501175a81b30861ea99bdc71989d68e15ac9d92d2c26694f5834d2a4/diff,workdir=/root/.local/share/containers/overlay/29c1dabe501175a81b30861ea99bdc71989d68e15ac9d92d2c26694f5834d2a4/work,xino=off,volatile\": using mount program /usr/bin/fuse-overlayfs: unknown argument ignored: lazytime\nunknown argument ignored: xino=off\nfuse: device not found, try 'modprobe fuse' first\nfuse-overlayfs: cannot mount: no such file or directory\n: exit status 1""
Error: mounting storage for container d177806b3b74e86fe11104f807616cf1dedf46b119ddb765c0b863587a2564ae: creating overlay mount to /root/.local/share/containers/overlay/29c1dabe501175a81b30861ea99bdc71989d68e15ac9d92d2c26694f5834d2a4/merged, mount_data="lowerdir=/root/.local/share/containers/overlay/l/2WWYIAOTHEQVOJNHPJREJU5LV7,upperdir=/root/.local/share/containers/overlay/29c1dabe501175a81b30861ea99bdc71989d68e15ac9d92d2c26694f5834d2a4/diff,workdir=/root/.local/share/containers/overlay/29c1dabe501175a81b30861ea99bdc71989d68e15ac9d92d2c26694f5834d2a4/work,xino=off,volatile": using mount program /usr/bin/fuse-overlayfs: unknown argument ignored: lazytime
unknown argument ignored: xino=off
fuse: device not found, try 'modprobe fuse' first
fuse-overlayfs: cannot mount: No such file or directory
: exit status 1
time="2024-11-18T14:38:28Z" level=debug msg="Shutting down engines"
time="2024-11-18T14:38:28Z" level=debug msg="Failed to add pause process to systemd sandbox cgroup: dial unix /run/systemd/private: connect: no such file or directory"
@SumitSharma-007 SumitSharma-007 changed the title Not able to run podman inside unprivileged container in CI/CD pipeline where shared runners on K8S Cluster Not able to run podman inside unprivileged container in CI/CD pipeline where shared runners on K8S Cluster- UBUNTU -24 container Nov 19, 2024
@SumitSharma-007
Copy link
Author

$ podman info
time="2024-11-12T14:52:35Z" level=warning msg=""/" is not a shared mount, this could cause issues or missing mounts with rootless containers"
host:
arch: amd64
buildahVersion: 1.33.7
cgroupControllers: []
cgroupManager: cgroupfs
cgroupVersion: v1
conmon:
package: conmon_2.1.10+ds1-1build2_amd64
path: /usr/bin/conmon
version: 'conmon version 2.1.10, commit: unknown'
cpuUtilization:
idlePercent: 93.2
systemPercent: 1.31
userPercent: 5.49
cpus: 16
databaseBackend: sqlite
distribution:
codename: noble
distribution: ubuntu
version: "24.04"
eventLogger: file
freeLocks: 2048
hostname: runner-evwd9y5x-project-118874-concurrent-0-y95frg8m
idMappings:
gidmap: null
uidmap: null
kernel: 5.14.0-427.37.1.el9_4.x86_64
linkmode: dynamic
logDriver: k8s-file
memFree: 39609458688
memTotal: 134915694592
networkBackend: netavark
networkBackendInfo:
backend: netavark
dns:
package: aardvark-dns_1.4.0-5_amd64
path: /usr/lib/podman/aardvark-dns
version: aardvark-dns 1.4.0
package: netavark_1.4.0-4_amd64
path: /usr/lib/podman/netavark
version: netavark 1.4.0
ociRuntime:
name: crun
package: crun_1.14.1-1_amd64
path: /usr/bin/crun
version: |-
crun version 1.14.1
commit: de537a7965bfbe9992e2cfae0baeb56a08128171
rundir: /run/user/0/crun
spec: 1.0.0
+SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +WASM:wasmedge +YAJL
os: linux
pasta:
executable: /usr/bin/pasta
package: passt_0.0~git20240220.1e6f92b-1_amd64
version: |
pasta unknown version
Copyright Red Hat
GNU General Public License, version 2 or later
https://www.gnu.org/licenses/old-licenses/gpl-2.0.html
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
remoteSocket:
exists: false
path: /run/podman/podman.sock
security:
apparmorEnabled: false
capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
rootless: false
seccompEnabled: true
seccompProfilePath: /usr/share/containers/seccomp.json
selinuxEnabled: false
serviceIsRemote: false
slirp4netns:
executable: /usr/bin/slirp4netns
package: slirp4netns_1.2.1-1build2_amd64
version: |-
slirp4netns version 1.2.1
commit: 09e31e92fa3d2a1d3ca261adaeb012c8d75a8194
libslirp: 4.7.0
SLIRP_CONFIG_VERSION_MAX: 4
libseccomp: 2.5.5
swapFree: 0
swapTotal: 0
uptime: 350h 3m 39.00s (Approximately 14.58 days)
variant: ""
plugins:
authorization: null
log:

  • k8s-file
  • none
  • passthrough
  • journald
    network:
  • bridge
  • macvlan
  • ipvlan
    volume:
  • local
    registries: {}
    store:
    configFile: /root/.config/containers/storage.conf
    containerStore:
    number: 0
    paused: 0
    running: 0
    stopped: 0
    graphDriverName: overlay
    graphOptions:
    overlay.mount_program:
    Executable: /usr/bin/fuse-overlayfs
    Package: fuse-overlayfs_1.13-1_amd64
    Version: |-
    fusermount3 version: 3.14.0
    fuse-overlayfs: version 1.13-dev
    FUSE library version 3.14.0
    using FUSE kernel interface version 7.31
    overlay.mountopt: xattr_permissions=2,threaded=1
    graphRoot: /root/.local/share/containers
    graphRootAllocated: 536322486272
    graphRootUsed: 254672621568
    graphStatus:
    Backing Filesystem: overlayfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Supports shifting: "true"
    Supports volatile: "true"
    Using metacopy: "false"
    imageCopyTmpDir: /var/tmp
    imageStore:
    number: 0
    runRoot: /tmp
    transientStore: false
    volumePath: /root/.local/share/containers/volumes
    version:
    APIVersion: 4.9.3
    Built: 0
    BuiltTime: Thu Jan 1 00:00:00 1970
    GitCommit: ""
    GoVersion: go1.22.2
    Os: linux
    OsArch: linux/amd64
    Version: 4.9.3

@Luap99
Copy link
Member

Luap99 commented Nov 19, 2024

Did you try to tun modprobe fuse on the host first? IF the fuse module is not loaded and cannot be loaded automatically in the container then there is no way to use fuse-overlayfs

@SumitSharma-007
Copy link
Author

Yes, fuse is not loaded in the container also modprobe is throwing below error
modprobe: FATAL: Module fuse not found in directory /lib/modules/5.14.0-427.37.1.el9_4.x86_64

I was trying to use VFS driver. It's giving some other error

time="2024-11-19T12:38:29Z" level=debug msg="exporting opaque data as blob "sha256:d2c94e258dcb3c5ac2798d32e1249e42ef01cba4841c2234249495f87264ac5a""
time="2024-11-19T12:38:29Z" level=debug msg="Created container "939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f""
time="2024-11-19T12:38:29Z" level=debug msg="Container "939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f" has work directory "/root/.local/share/containers/vfs-containers/939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f/userdata""
time="2024-11-19T12:38:29Z" level=debug msg="Container "939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f" has run directory "/tmp/vfs-containers/939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f/userdata""
time="2024-11-19T12:38:29Z" level=info msg="Received shutdown.Stop(), terminating!" PID=48
time="2024-11-19T12:38:29Z" level=debug msg="Enabling signal proxying"
time="2024-11-19T12:38:29Z" level=debug msg="Mounted container "939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f" at "/root/.local/share/containers/vfs/dir/1271c8cd58d717ba315b9cf691b27e38caffc315f9375bd3a63f7dfa88dd0a90""
time="2024-11-19T12:38:29Z" level=debug msg="Created root filesystem for container 939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f at /root/.local/share/containers/vfs/dir/1271c8cd58d717ba315b9cf691b27e38caffc315f9375bd3a63f7dfa88dd0a90"
time="2024-11-19T12:38:29Z" level=debug msg="/etc/system-fips does not exist on host, not mounting FIPS mode subscription"
time="2024-11-19T12:38:29Z" level=debug msg="Setting Cgroup path for container 939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f to /libpod_parent/libpod-939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f"
time="2024-11-19T12:38:29Z" level=debug msg="reading hooks from /usr/share/containers/oci/hooks.d"
time="2024-11-19T12:38:29Z" level=debug msg="Workdir "/" resolved to host path "/root/.local/share/containers/vfs/dir/1271c8cd58d717ba315b9cf691b27e38caffc315f9375bd3a63f7dfa88dd0a90""
time="2024-11-19T12:38:29Z" level=debug msg="Created OCI spec for container 939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f at /root/.local/share/containers/vfs-containers/939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f/userdata/config.json"
time="2024-11-19T12:38:29Z" level=debug msg="/usr/bin/conmon messages will be logged to syslog"
time="2024-11-19T12:38:29Z" level=debug msg="running conmon: /usr/bin/conmon" args="[--api-version 1 -c 939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f -u 939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f -r /usr/bin/crun -b /root/.local/share/containers/vfs-containers/939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f/userdata -p /tmp/vfs-containers/939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f/userdata/pidfile -n wonderful_davinci --exit-dir /run/libpod/exits --full-attach -l k8s-file:/root/.local/share/containers/vfs-containers/939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f/userdata/ctr.log --log-level debug --syslog -t --conmon-pidfile /tmp/vfs-containers/939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f/userdata/conmon.pid --exit-command /usr/bin/podman --exit-command-arg --root --exit-command-arg /root/.local/share/containers --exit-command-arg --runroot --exit-command-arg /tmp --exit-command-arg --log-level --exit-command-arg debug --exit-command-arg --cgroup-manager --exit-command-arg cgroupfs --exit-command-arg --tmpdir --exit-command-arg /run/libpod --exit-command-arg --network-config-dir --exit-command-arg --exit-command-arg --network-backend --exit-command-arg netavark --exit-command-arg --volumepath --exit-command-arg /root/.local/share/containers/volumes --exit-command-arg --db-backend --exit-command-arg sqlite --exit-command-arg --transient-store=false --exit-command-arg --runtime --exit-command-arg crun --exit-command-arg --storage-driver --exit-command-arg vfs --exit-command-arg --events-backend --exit-command-arg file --exit-command-arg --syslog --exit-command-arg container --exit-command-arg cleanup --exit-command-arg --rm --exit-command-arg 939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f]"
time="2024-11-19T12:38:29Z" level=warning msg="Failed to add conmon to cgroupfs sandbox cgroup: creating cgroup for cpuset: mkdir /sys/fs/cgroup/cpuset/libpod_parent: read-only file system"
time="2024-11-19T12:38:29Z" level=debug msg="Cleaning up container 939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f"
time="2024-11-19T12:38:29Z" level=debug msg="Network is already cleaned up, skipping..."
time="2024-11-19T12:38:29Z" level=debug msg="Unmounted container "939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f""
time="2024-11-19T12:38:29Z" level=debug msg="Removing container 939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f"
time="2024-11-19T12:38:29Z" level=debug msg="Cleaning up container 939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f"
time="2024-11-19T12:38:29Z" level=debug msg="Network is already cleaned up, skipping..."
time="2024-11-19T12:38:29Z" level=debug msg="Container 939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f storage is already unmounted, skipping..."
time="2024-11-19T12:38:29Z" level=debug msg="Removing all exec sessions for container 939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f"
time="2024-11-19T12:38:29Z" level=debug msg="Container 939fcb035d6389987a4ead6d06d02ed92130e4b1c99702ce81d0d66533f1ba0f storage is already unmounted, skipping..."
time="2024-11-19T12:34:04Z" level=debug msg="Removing all exec sessions for container 64c0cc4c44e05331ac916e0d9e8976cb11e9563b357bed2febc63db2e91eb6bf"
time="2024-11-19T12:34:04Z" level=debug msg="Container 64c0cc4c44e05331ac916e0d9e8976cb11e9563b357bed2febc63db2e91eb6bf storage is already unmounted, skipping..."
time="2024-11-19T12:34:04Z" level=debug msg="ExitCode msg: "container create failed (no logs from conmon): conmon bytes \"\":
time="2024-11-19T12:34:04Z" level=debug msg="ExitCode msg: "container create failed (no logs from conmon): conmon bytes \"\": readobjectstart: expect { or n, but found \x00, error found in #0 byte of ...||..., bigger context ...||...""
Error: container create failed (no logs from conmon): conmon bytes "": readObjectStart: expect { or n, but found error found in #0 byte of ...||..., bigger context ...||...
time="2024-11-19T12:34:04Z" level=debug msg="Shutting down engines"
time="2024-11-19T12:34:04Z" level=debug msg="Failed to add pause process to systemd sandbox cgroup: dial unix /run/systemd/private: connect: no such file or directory"

Any suggestion?

@Luap99
Copy link
Member

Luap99 commented Nov 19, 2024

Did you run the modprobe command the the actual host? You should load kernel modules from the host.

The container create failed (no logs from conmon): conmon bytes error means conmon is crashing. You may need to run with strace -f to find out what going on there.

@SumitSharma-007
Copy link
Author

SumitSharma-007 commented Nov 20, 2024
edited
Loading

I dont have access to host to run modprobe. I tried strace -f ...but that was not coming out i have the trace

I tried with vfs driver and disabling cgroup....i got above error of conmon crashing... if i enable cgroup i got below error

Writing manifest to image destination
time="2024-11-20T04:19:47Z" level=warning msg="Failed to add conmon to cgroupfs sandbox cgroup: creating cgroup for cpu: mkdir /sys/fs/cgroup/cpu/libpod_parent: read-only file system"
Error: crun: creating cgroup directory /sys/fs/cgroup/cpuset/libpod_parent/libpod-56f8778fd8824a7c8484807fd1d057fe20a94a5bc3d0150630c7a6c75a56db9a: No such file or directory: OCI runtime attempted to invoke a command that was not found

@SumitSharma-007
Copy link
Author

SumitSharma-007 commented Nov 20, 2024
edited
Loading

cgroup is mount on tmpfs in rw
I have some strace snapshot as it's too big around 50k lines:

strace -f podman run --privileged --network=host --security-opt label=disable --security-opt seccomp=unconfined --security-opt apparmor=unconfined --rm -it hello-world�[0;m
execve("/usr/bin/podman", ["podman", "run", "--privileged", "--network=host", "--security-opt", "label=disable", "--security-opt", "seccomp=unconfined", "--security-opt", "apparmor=unconfined", "--rm", "-it", "hello-world"], 0x7fffeb326438 /* 173 vars */) = 0
brk(NULL) = 0x45fb000
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1a8e3a7000
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=9059, ...}) = 0
mmap(NULL, 9059, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f1a8e3a4000
close(3) = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libsubid.so.4", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=41248, ...}) = 0
mmap(NULL, 40376, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f1a8e39a000
mmap(0x7f1a8e39c000, 20480, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f1a8e39c000
mmap(0x7f1a8e3a1000, 4096, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7000) = 0x7f1a8e3a1000
mmap(0x7f1a8e3a2000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x8000) = 0x7f1a8e3a200

openat(AT_FDCWD, "/proc/self/maps", O_RDONLY|O_CLOEXEC) = 3
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
fstat(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
read(3, "00400000-00406000 r--p 00000000 "..., 1024) = 1024
read(3, " /usr/lib/x86_64-linux-gnu/"..., 1024) = 1024
read(3, "--p 00005000 08:04 34022092 "..., 1024) = 1024
read(3, "34.0\n7f1a8ddc3000-7f1a8ddd9000 r"..., 1024) = 1024
read(3, "00-7f1a8ddfb000 rw-p 00013000 08"..., 1024) = 1024
read(3, "r--p 00029000 08:04 34022183 "..., 1024) = 1024
read(3, "xp 00028000 08:04 34022089 "..., 1024) = 1024
read(3, "nux-gnu/libseccomp.so.2.5.5\n7f1a"..., 1024) = 1024
read(3, "libgpgme.so.11.27.0\n7f1a8e22f000"..., 1024) = 1024
read(3, "e39c000-7f1a8e3a1000 r-xp 000020"..., 1024) = 1024
read(3, "0038000 08:04 33976052 "..., 1024) = 413
close(3) = 0
sched_getaffinity(39, 32, [0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15]) = 8
sched_getaffinity(0, 8192, [0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15]) = 8
openat(AT_FDCWD, "/sys/kernel/mm/transparent_hugepage/hpage_pmd_size", O_RDONLY) = 3
read(3, "2097152\n", 20) = 8
close(3) = 0
mmap(NULL, 262144, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1a8dc98000
mmap(NULL, 131072, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1a8dc78000
mmap(NULL, 1048576, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1a8db78000
mmap(NULL, 8388608, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1a8d378000
mmap(NULL, 67108864, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1a89378000
mmap(NULL, 536870912, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1a69378000
mmap(NULL, 536870912, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1a49378000
mmap(0xc000000000, 67108864, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xc000000000
mmap(NULL, 33554432, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1a47378000
madvise(0x7f1a47378000, 33554432, MADV_NOHUGEPAGE) = 0
mmap(NULL, 68624, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1a47367000
mmap(0xc000000000, 4194304, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xc000000000
mmap(0x7f1a8dc78000, 131072, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f1a8dc78000
mmap(0x7f1a8dbf8000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f1a8dbf8000
mmap(0x7f1a8d77e000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f1a8d77e000
mmap(0x7f1a8b3a8000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f1a8b3a8000
mmap(0x7f1a794f8000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f1a794f8000
mmap(0x7f1a594f8000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f1a594f8000
mmap(NULL, 1048576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1a47267000
madvise(0x7f1a47267000, 1048576, MADV_NOHUGEPAGE) = 0
mmap(NULL, 65536, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1a47257000
mmap(NULL, 65536, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f1a47247000
rt_sigprocmask(SIG_SETMASK, NULL, [], 8) = 0
fcntl(0, F_GETFD) = 0
fcntl(1, F_GETFD) = 0
fcntl(2, F_GETFD) = 0
sigaltstack(NULL, {ss_sp=NULL, ss_flags=SS_DISABLE, ss_size=0}) = 0
sigaltstack({ss_sp=0xc000008000, ss_flags=0, ss_size=32768}, NULL) = 0
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
gettid() = 39
rt_sigaction(SIGHUP, NULL, {sa_handler=SIG_DFL, sa_mask=[], sa_flags=0}, 8) = 0

futex(0xc000100148, FUTEX_WAIT_PRIVATE, 0, NULL <unfinished ...>
[pid 39] statfs("/sys/fs/cgroup", <unfinished ...>
[pid 45] munmap(0x7f1a2c000000, 67108864 <unfinished ...>
[pid 39] <... statfs resumed>{f_type=TMPFS_MAGIC, f_bsize=4096, f_blocks=16469200, f_bfree=16469200, f_bavail=16469200, f_files=16469200, f_ffree=16469182, f_fsid={val=[0x5adfd9c3, 0x68289045]}, f_namelen=255, f_frsize=4096, f_flags=ST_VALID|ST_NOSUID|ST_NODEV|ST_NOEXEC|ST_RELATIME}) = 0
[pid 45] <... munmap resumed>) = 0

pid 58] geteuid() = 0
[pid 58] openat(AT_FDCWD, "/proc/self/cgroup", O_RDONLY|O_CLOEXEC) = 7
[pid 58] fcntl(7, F_GETFL) = 0x8000 (flags O_RDONLY|O_LARGEFILE)
[pid 58] fcntl(7, F_SETFL, O_RDONLY|O_NONBLOCK|O_LARGEFILE) = 0
[pid 58] epoll_ctl(4, EPOLL_CTL_ADD, 7, {events=EPOLLIN|EPOLLOUT|EPOLLRDHUP|EPOLLET, data={u32=811597844, u64=9218618161704730644}}) = -1 EPERM (Operation not permitted)
[pid 58] fcntl(7, F_GETFL) = 0x8800 (flags O_RDONLY|O_NONBLOCK|O_LARGEFILE)
[pid 58] fcntl(7, F_SETFL, O_RDONLY|O_LARGEFILE) = 0
[pid 58] read(7, "13:hugetlb:/kubepods.slice/kubep"..., 4096) = 2508
[pid 58] newfstatat(AT_FDCWD, "/sys/fs/cgroup/systemd/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod34dc95bc_d4c7_4752_b503_43a263b41892.slice/crio-5b33bc2ea5a0194bef8428ae8195eac34f507167059524b22f99edc55a0747b5.scope", 0xc00034ab98, 0) = -1 ENOENT (No such file or directory)
[pid 58] close(7) = 0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Luap99 @SumitSharma-007