Comments (2)
Hey @willthames, are you running some kind of monitoring/security software on your nodes by any chance. If yes, it might be something similar as #5538
from containerd.
@Fricounet not as far as I can tell - we do have a few daemonset agents that could theoretically be responsible but none of them mount the host volumes that would be needed to keep the tmpmounts files open.
We also don't have anything weird running on the host outside of containers - our production instances are bottlerocket instances using AWS's AMIs
kubectl get ds -A -o custom-columns="NAMESPACE:.metadata.namespace,NAME:.metadata.name,VOLUMES:.spec.template.spec.volumes[*].hostPath.path"
NAMESPACE NAME VOLUMES
ingress-nginx nginx-ingress-controller-internal /var/lib/observability/nginx.conf
kube-system calico-node /lib/modules,/var/run/calico,/var/lib/calico,/run/xtables.lock,/sys/fs/,/sys/fs/bpf,/proc,/opt/cni/bin,/etc/cni/net.d,/var/log/calico/cni,/var/lib/cni/networks,/var/run/nodeagent
kube-system kube-proxy /var/log,/run/xtables.lock,/lib/modules
management ebs-csi-node /var/lib/kubelet,/var/lib/kubelet/plugins/ebs.csi.aws.com/,/var/lib/kubelet/plugins_registry/,/dev
management efs-csi-node /var/lib/kubelet,/var/lib/kubelet/plugins/efs.csi.aws.com/,/var/lib/kubelet/plugins_registry/,/var/run/efs,/var/amazon/efs,/etc/amazon/efs
monitoring datadog /proc,/sys/fs/cgroup,/etc/os-release,/etc/redhat-release,/etc/fedora-release,/etc/lsb-release,/etc/system-release,/var/lib/kubelet/seccomp,/sys/kernel/debug,/lib/modules,/usr/src,/var/tmp/datadog-agent/system-probe/build,/var/tmp/datadog-agent/system-probe/kernel-headers,/etc/apt,/etc/yum.repos.d,/etc/zypp,/etc/pki,/etc/yum/vars,/etc/dnf/vars,/etc/rhsm,/etc/passwd,/,/var/lib/datadog-agent/logs,/var/log/pods,/var/log/containers,/var/lib/docker/containers,/var/run
monitoring fluent-bit /var/log,/var/lib/docker/containers,/etc/machine-id
monitoring monitoring-prometheus-node-exporter /proc,/sys,/
monitoring node-outbound-exporter <none>
wiz wiz-sensor /var/lib/wiz/
from containerd.
Related Issues (20)
- oss-fuzz integration is split across (at least) 3 repositories and is fragile HOT 4
- When the overlay volatile feature is enabled, creating a pod with an image configured with anonymous volumes will fail
- When the overlay volatile feature is enabled, creating a pod with an image configured with anonymous volumes will fail HOT 1
- containerd crash - containerd[501]: [signal SIGSEGV: segmentation violation code=0x1 addr=0x129a0 pc=0x563a4cdd0d6f] HOT 1
- Need test cases for v2 loopback options HOT 2
- runtime options seem to be ignored with v2.0.0-rc.2 HOT 1
- Do not mark release/1.6 latest on release HOT 1
- Pinned images are pruned under disk pressure
- docker container with --net=host are made to use the netns of containerd instead of that of the docker daemon
- containerd client keep receiving exit events in version 1.7+ HOT 4
- Pass-through resource allocations from runtime-config (CRI) to oci-spec
- [Feat] become OCI specs v1.1.0 aware and allow picking runtime based on `artifactType` HOT 7
- pull image err
- Duplicate <none> images in images list HOT 3
- containerd-shim creates many inotify instances on AlmaLinux VM HOT 2
- containerd-shim creates many inotify instances on AlmaLinux VM HOT 1
- Allow ProxyPlugins to declare capabilities
- ctr have to delete image 3 times created by cri interface HOT 1
- Integrate with systemd watchdog for daemon health
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from containerd.