centos9切换cgroup兼容模式

Posted on Edited on Views:

cgroup 是 Linux 内核的一个特性,允许你限制、记录和隔离进程组的资源使用(如 CPU、内存、磁盘 I/O、网络带宽等)

env

  • centos9-stream
  • docker-v19.3

异常日志

Feb 13 12:57:39 centos9-81 systemd[1]: Starting Docker Application Container Engine...
Feb 13 12:57:39 centos9-81 dockerd[23411]: time="2025-02-13T12:57:39.660513032Z" level=warning msg="failed to load plugin io.containerd.snapshotter.v1.btrfs" error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.btrfs must be a btrfs filesystem to be used with the btrfs snapshotter"
Feb 13 12:57:39 centos9-81 dockerd[23411]: time="2025-02-13T12:57:39.665505311Z" level=warning msg="failed to load plugin io.containerd.snapshotter.v1.aufs" error="modprobe aufs failed: "modprobe: FATAL: Module aufs not found in directory /lib/modules/5.14.0-432.el9.x86_64\n": exit status 1"
Feb 13 12:57:39 centos9-81 dockerd[23411]: time="2025-02-13T12:57:39.665980050Z" level=warning msg="failed to load plugin io.containerd.snapshotter.v1.zfs" error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.zfs must be a zfs filesystem to be used with the zfs snapshotter"
Feb 13 12:57:39 centos9-81 dockerd[23411]: time="2025-02-13T12:57:39.666059256Z" level=warning msg="could not use snapshotter zfs in metadata plugin" error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.zfs must be a zfs filesystem to be used with the zfs snapshotter"
Feb 13 12:57:39 centos9-81 dockerd[23411]: time="2025-02-13T12:57:39.666069032Z" level=warning msg="could not use snapshotter btrfs in metadata plugin" error="path /var/lib/docker/containerd/daemon/io.containerd.snapshotter.v1.btrfs must be a btrfs filesystem to be used with the btrfs snapshotter"
Feb 13 12:57:39 centos9-81 dockerd[23411]: time="2025-02-13T12:57:39.666074007Z" level=warning msg="could not use snapshotter aufs in metadata plugin" error="modprobe aufs failed: "modprobe: FATAL: Module aufs not found in directory /lib/modules/5.14.0-432.el9.x86_64\n": exit status 1"
Feb 13 12:57:39 centos9-81 dockerd[23402]: time="2025-02-13T12:57:39.697228042Z" level=warning msg="Your kernel does not support cgroup memory limit"
Feb 13 12:57:39 centos9-81 dockerd[23402]: time="2025-02-13T12:57:39.697309670Z" level=warning msg="Unable to find cpu cgroup in mounts"
Feb 13 12:57:39 centos9-81 dockerd[23402]: time="2025-02-13T12:57:39.697327810Z" level=warning msg="Unable to find blkio cgroup in mounts"
Feb 13 12:57:39 centos9-81 dockerd[23402]: time="2025-02-13T12:57:39.697334852Z" level=warning msg="Unable to find cpuset cgroup in mounts"
Feb 13 12:57:39 centos9-81 dockerd[23402]: time="2025-02-13T12:57:39.697339307Z" level=warning msg="mountpoint for pids not found"
Feb 13 12:57:40 centos9-81 dockerd[23402]: failed to start daemon: Devices cgroup isn't mounted
Feb 13 12:57:40 centos9-81 systemd[1]: docker.service: Main process exited, code=exited, status=1/FAILURE
Feb 13 12:57:40 centos9-81 systemd[1]: docker.service: Failed with result 'exit-code'.
Feb 13 12:57:40 centos9-81 systemd[1]: Failed to start Docker Application Container Engine.

内核未启用对 cgroup内存限制的支持

开启兼容cgroup1模式

1.添加
/etc/default/grub
GRUB_CMDLINE_LINUX="cgroup_enable=memory swapaccount=1 systemd.unified_cgroup_hierarchy=0"

2.生成grub.cfg
grub2-mkconfig -o /boot/grub2/grub.cfg 

3.重启
reboot

4.检查
cat /proc/cmdline |grep cgroup_enable

或者

1.更新grub_cmdline_linux参数
grubby --update-kernel=ALL --args='systemd.unified_cgroup_hierarchy=0'

2.重启
reboot

3.检查
mount | grep cgroup

grubby --info=ALL

systemd.unified_cgroup_hierarchy参数

systemd.unified_cgroup_hierarchy=0

当设置为 0 时,systemd 会使用 兼容传统的 cgroup v1 层次结构(或混合模式),而非完全切换到 cgroup v2 统一层次结构。

  • cgroup_no_v1=all:
    • 禁用所有 cgroup v1 控制器(强制使用 cgroup v2)。
  • systemd.legacy_systemd_cgroup_controller:
    • 在混合模式下强制 systemd 使用 cgroup v1 控制器。