From 34e2cda9ad6a20861844776abfbb45052d20c3fa Mon Sep 17 00:00:00 2001 From: Fabricio Voznika Date: Mon, 22 Feb 2021 15:54:58 -0800 Subject: Return nicer error message when cgroups v1 isn't available Updates #3481 Closes #5430 PiperOrigin-RevId: 358923208 --- runsc/container/container.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'runsc/container') diff --git a/runsc/container/container.go b/runsc/container/container.go index aae64ae1c..40812efb8 100644 --- a/runsc/container/container.go +++ b/runsc/container/container.go @@ -230,7 +230,6 @@ func New(conf *config.Config, args Args) (*Container, error) { if args.Spec.Linux.CgroupsPath == "" && !conf.TestOnlyAllowRunAsCurrentUserWithoutChroot { args.Spec.Linux.CgroupsPath = "/" + args.ID } - // Create and join cgroup before processes are created to ensure they are // part of the cgroup from the start (and all their children processes). cg, err := cgroup.New(args.Spec) @@ -238,6 +237,10 @@ func New(conf *config.Config, args Args) (*Container, error) { return nil, err } if cg != nil { + // TODO(gvisor.dev/issue/3481): Remove when cgroups v2 is supported. + if !conf.Rootless && cgroup.IsOnlyV2() { + return nil, fmt.Errorf("cgroups V2 is not yet supported. Enable cgroups V1 and retry") + } // If there is cgroup config, install it before creating sandbox process. if err := cg.Install(args.Spec.Linux.Resources); err != nil { switch { -- cgit v1.2.3