search

nurturenature / fuzz_dist

Property testing distributed applications with fault injection and verification.
Apache License 2.0
4 stars 1 forks source link

Docker privileged:true hangs Ubuntu 20.04 #6

Closed nurturenature closed 2 years ago

nurturenature commented 2 years ago

Currently have to use volumes: cgroup vs privileged:true or Ubuntu 20.04 hard hangs when docker-composing.

Suspect it's a local dev configuration? (libc6 version or other dependencies that had to be upgraded?)

nurturenature commented 2 years ago

Think it's cgroup v1, v2, hybrid, impedance between host Ubuntu hybrid, docker v2, and container Debain hybrid interactions.

Tried forcing Ubuntu to v2:

# edit /etc/default/grub
# GRUB_CMDLINE_LINUX="systemd.unified_cgroup_hierarchy=1 systemd.legacy_systemd_cgroup_controller=0"
sudo update-grub
sudo reboot

All permutations in docker:

# commented out, :ro, :rw  
  volumes:
    - "/sys/fs/cgroup:/sys/fs/cgroup:ro"
# commented out, true, with & w/o cap_add:
privileged: true
cap_add:
  - ALL

With base Ubuntu, privileged:true hangs and required power cycle :warning:.

With GRUB explicitly using cgroup v2, container fails with various cgroup issues depending on privileged, /sys/fs/cgroup settings.

# look at cgroup usage

grep cgroup /proc/filesystems
cat /proc/self/cgroup 
stat -c"%T" -f /sys/fs/cgroup
nurturenature commented 2 years ago

Tested with current jepsen/master.

Docker logs

Bringing up an individual db node -> :boom: and a power cycle to recover.

nurturenature commented 2 years ago

LXC is required vs Docker.