Comments (8)
This issue is currently awaiting triage.
If a SIG or subproject determines this is a relevant issue, they will accept it by applying the triage/accepted
label and provide further guidance.
The triage/accepted
label can be added by org members by writing /triage accepted
in a comment.
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.
from kubernetes.
/sig node security
from kubernetes.
related pr #117050
issue #117045
from kubernetes.
/assign
from kubernetes.
hi @MetalPinguinInc , if you use containerd
in k8s >= 1.28, you will still see error message:
cannot load seccomp profile
use contaienrd
as coantienr runtime
minikube start --kubernetes-version=1.28.1 --container-runtime=containerd
I guess this is caused by different container runtimes, and your cri should be docker
from kubernetes.
hi @chengjoey on my own baremetal clusters I am indeed running Docker with containerd as the container runtime and cri-dockerd as a shim between Kubernetes and Docker.
I can indeed confirm that using containerd as the runtime directly, seems to correctly throw the error in minikube. This has left me confused. Without using the --container-runtime=containerd
flag, both minikube start --kubernetes-version=1.28.1
and minikube start --kubernetes-version=1.27
report exactly the same docker versions:
> docker version
Client:
Version: 24.0.7
API version: 1.43
Go version: go1.20.10
Git commit: afdd53b
Built: Thu Oct 26 09:04:00 2023
OS/Arch: linux/amd64
Context: default
Server: Docker Engine - Community
Engine:
Version: 24.0.7
API version: 1.43 (minimum version 1.12)
Go version: go1.20.10
Git commit: 311b9ff
Built: Thu Oct 26 09:05:28 2023
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: v1.7.8
GitCommit: 8e4b0bde866788eec76735cc77c4720144248fb7
runc:
Version: 1.1.9
GitCommit: ccaecfcbc907d70a7aa870a6650887b901b25b82
docker-init:
Version: 0.19.0
GitCommit: de40ad0
I am slightly confused by the terminology here: Kubernetes can run on both Docker (in which case you also need cri-dockerd) and Containerd, but Docker uses containerd as its container runtime anyway. When I started using Kubernetes only Docker was used, is there any reason to still have docker in the mix or is this mostly still supported for backwards compatibility and is using containerd with kubernetes directly a more streamlined approach?
In anycase, could it be that the issue lies in how Kubernetes communicates security options to Docker in versions >= 1.28? Since the Docker version is the same between 1.28 and 1.27 it seems unlikely that this is a issue in Docker.
from kubernetes.
It sounds like this is an issue with cri-dockerd, not kubernetes. I'd be curious how cri-o handles it, but if you wish to keep using cri-dockerd and want this situation fixed, I recommend opening an issue with them.
/close
please reopen if you think there's something wrong with kubernetes :)
from kubernetes.
@haircommander: Closing this issue.
In response to this:
It sounds like this is an issue with cri-dockerd, not kubernetes. I'd be curious how cri-o handles it, but if you wish to keep using cri-dockerd and want this situation fixed, I recommend opening an issue with them.
/close
please reopen if you think there's something wrong with kubernetes :)
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.
from kubernetes.
Related Issues (20)
- Free $100 Google Play Gift Card Codes 2024 - How to get Google Play Gift Cards for FREE! HOT 5
- Free Google Gift Card (Redeem Code) Generator 2024 HOT 4
- $100 Free Google Play Gift Card Codes Instantly 2024 HOT 4
- NEW*FREE Google Play Gift Cards (EASY) - $100 Redeem Google Play Gift Card Codes HOT 4
- Free Google Play Gift Card Codes - Free Redeem Codes 2024! HOT 4
- Bingo Blitz Free Credits 2024 - Freebies Promo Codes Rewards HOT 4
- β[[FReE!!]]βBingo Blitz Free Credits 2024 - Freebies Promo Codes Rewards HOT 4
- Bingo Blitz Free Credits - Get Bingo- Unlimited Free Coins & Power Ups Hack 2024 HOT 4
- Bingo Blitz Cheat Coins For Mobile π΅ Guide MOD Bingo Blitz π Money For Free !! HOT 4
- Bingo Blitz Free Credits - Get Bingo Blitz Promo Codes 2024 NOW! HOT 4
- Provide support on Windows for CPUManagerPolicy HOT 2
- [Flaking Test] gce-ubuntu-master-containerd (connection reset by peer) HOT 16
- Container runtime network not ready" networkReady="NetworkReady=false reason:NetworkPluginNotReady message:Network plugin returns error: cni plugin not initialized HOT 4
- kubeadm init failed. HOT 11
- [Flaking Test] Kubernetes e2e suite.[It] [sig-api-machinery] Aggregator Should be able to support the 1.17 Sample API Server using the current Aggregator [Conformance] HOT 5
- The connection to the server Master_IP:6443 was refused - did you specify the right host or port? HOT 5
- Named ports in initContainer sidecars do not work with NetworkPolicies HOT 10
- Documentation : Bad information about restartPolicy HOT 2
- False "v1 Binding is deprecated in v1.6+" warning for pods/bindings sub-resource HOT 5
- Kubernetes 1.30 and containerd 1.7.16 onpremise setup, pods networking is not working containerd status is failing HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from kubernetes.