search

kata-containers / kata-containers

Kata Containers is an open source project and community working to build a standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs. https://katacontainers.io/
Apache License 2.0
5.63k stars 1.07k forks source link

nerdctl -d running as detached with kata containers and containerd not working #4391

Open jack10320 opened 2 years ago

jack10320 commented 2 years ago

Description of problem

Cant run a kata container with 'nerdctl -d' as detached, 'nerdctl -it' does work normally though.

OS: Ubuntu 20.04 nerdctl: 0.20.0 containerd: containerd.io 1.6.4 212e8b6fa2f44b9c21b2798135fc6fb7c53efc16 kata: kata-runtime : 2.4.1, commit : 67d67ab66dcd20e33d70e7e5241f1c26b24f66da, OCI specs: 1.0.2-dev

Expected result

'nerdctl -d' running as detached to work with kata-containers

Actual result

kata-containers are left running in the background and nerdctl cant connect to the kata container anymore.

$ nerdctl run -d --runtime=io.containerd.kata.v2 ubuntu:20.04 tail -f /dev/null FATA[0000] stat binary:///usr/local /bin/nerdctl?_NERDCTL_INTERNAL_LOGGING=%!F(MISSING)var%!F(MISSING)lib%!F(MISSING)nerdctl%!F(MISSING)1935db59: no such file or directory: not found

$ nerdctl logs 9b3889925bf9 FATA[0000] failed to open "/var/lib/nerdctl/1935db59/containers/default/9b3889925bf988f868808f8bc867eadbef7169d371ada1a61938da069f6ec396/9b3889925bf988f868808f8bc867eadbef7169d371ada1a61938da069f6ec396-json.log", container is not created with 'nerdctl run -d'?: stat /var/lib/nerdctl/1935db59/containers/default/9b3889925bf988f868808f8bc867eadbef7169d371ada1a61938da069f6ec396/9b3889925bf988f868808f8bc867eadbef7169d371ada1a61938da069f6ec396-json.log: no such file or directory

Also cant connect with the container with nerdctl exec or remove it with nerdctl rm. (Need to kill the kata-container with 'kill -9', after that 'nerdctl rm' works again.)

While using 'nerdctl -it' does work normally.

$ nerdctl run -it --runtime=io.containerd.kata.v2 ubuntu:20.04 bash root@360ac816c41d:/# ls bin boot dev etc home lib lib32 lib64 libx32 media mnt opt proc root run sbin srv sys tmp usr var

Logs still have the same error message there though: $ nerdctl logs 360ac816c41d FATA[0000] failed to open "/var/lib/nerdctl/1935db59/containers/default/360ac816c41d9e9e21bc58728cc8c093ccacb8ec340fc8139d2e314a7707903c/360ac816c41d9e9e21bc58728cc8c093ccacb8ec340fc8139d2e314a7707903c-json.log", container is not created with 'nerdctl run -d'?: stat /var/lib/nerdctl/1935db59/containers/default/360ac816c41d9e9e21bc58728cc8c093ccacb8ec340fc8139d2e314a7707903c/360ac816c41d9e9e21bc58728cc8c093ccacb8ec340fc8139d2e314a7707903c-json.log: no such file or directory

liubin commented 2 years ago

@jack10320 thank you for your report.

Nerdctl introduced log-driver which defaulted to json-file and uses a binary log log uri, that Kata Containers can't handle yet.

Indeed ctr supports 3 types of log driver: file, binary and fifo, so there are two approach to fix this issue:

DogeFlow commented 2 years ago

same error,looking forward to a solution