Article directory
environment
# cat /etc/redhat-release
CentOS Linux release 8.0.1905 (Core)
# uname -r
4.18.0-348.rt7.130.el8.x86_64
Problems and phenomena
- The pod status is all in the status of ContainerCreating
- There are a lot of errors reported in the containerd process, mainly including:
failed to create containerd task: failed to create shim task: OCI runtime create failed: unable to retrieve OCI runtime error (open /run/containerd/io.containerd.runtime.v2.task/k8s.io/c4847070fad34a8da9b16b5c20cdc38e28a15cfcf9913d712e4fe60d8c9029f7/log.json: no such file or directory): runc did not terminate successfully: exit status 127: unknown
solution
View existing libseccomp versions
# sudo rpm -qa | grep libseccomp
libseccomp-2.3.3-3.el8.x86_64
Uninstall lower version libseccomp
# sudo rpm -e libseccomp-2.3.3-3.el8.x86_64 --nodeps
# sudo rpm -qa | grep libseccomp
#
Install a higher version libseccomp
# yum provides libseccomp
Last metadata expiration check: 0:48:39 ago on Tue 28 Mar 2023 01:49:06 PM CST.
libseccomp-2.5.2-1.el8.i686 : Enhanced seccomp library
Repo : Base
Matched from:
Provide : libseccomp = 2.5.2-1.el8
libseccomp-2.5.2-1.el8.x86_64 : Enhanced seccomp library
Repo : Base
Matched from:
Provide : libseccomp = 2.5.2-1.el8
# yum install libseccomp-2.5.2-1.el8.x86_64
Last metadata expiration check: 0:49:46 ago on Tue 28 Mar 2023 01:49:06 PM CST.
Dependencies resolved.
======================================================================================================================================================================
Package Arch Version Repository Size
======================================================================================================================================================================
Installing:
libseccomp x86_64 2.5.2-1.el8 Base 71 k
Transaction Summary
======================================================================================================================================================================
Install 1 Package
Total download size: 71 k
Installed size: 166 k
Is this ok [y/N]: y
Downloading Packages:
libseccomp-2.5.2-1.el8.x86_64.rpm 38 MB/s | 71 kB 00:00
----------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total 7.0 MB/s | 71 kB 00:00
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Installing : libseccomp-2.5.2-1.el8.x86_64 1/1
Running scriptlet: libseccomp-2.5.2-1.el8.x86_64 1/1
Verifying : libseccomp-2.5.2-1.el8.x86_64 1/1
Installed:
libseccomp-2.5.2-1.el8.x86_64
Complete!
# sudo rpm -qa | grep libseccomp
libseccomp-2.5.2-1.el8.x86_64
post-resolved phenomenon
- pod status
After installation, without restarting the containerd process, you can see that the current pod status is normal
- The libseccomp libseccomp relied on in runc
is already a higher version
# runc --version
runc version 1.1.4
commit: v1.1.4-0-g5fd4c4d1
spec: 1.0.2-dev
go: go1.18.10
libseccomp: 2.5.2
principle
libseccomp needs to be higher than2.4版本
containerd.io requires libseccomp version 2.4.0 to be installed
The specific official basis has not been found yet, and a supplement will be found later
reference
Basic operation of k8s series-06-containerd Uninstall and install libeseccomp
containerd.io depends libseccomp2 ( = 2.4.0) but 2.3.1-2.1ubuntu4 is to be installed