Yocto and Podman – your kernel does not support pids limit capabilities or the cgroup is not mounted. PIDs limit discarded

  docker, linux, podman, yocto

I have been going through this walk-through to get Podman running on an Allwinner-based Orange Pi board using Yocto. My setup is running an OrangePi Plus 2E board. Additionally, I am using the Hardknott version of Yocto which supports Podman version 3.2.2-dev and Linux kernel version 5.4.69.

When I try to run the hello-world container, it hits this error:

[email protected]:~# podman run hello-world
Your kernel does not support pids limit capabilities or the cgroup is not mounted. PIDs limit discarded.
ERRO[0000] unable to write pod event: "write unixgram @00009->/run/systemd/journal/socket: sendmsg: no such file or directory"
ERRO[0000] Error adding network: failed to create bridge "cni-podman0": could not add "cni-podman0": operation not supported  
ERRO[0000] Error while adding pod to CNI network "podman": failed to create bridge "cni-podman0": could not add "cni-podman0": operation not supported
ERRO[0000] error loading cached network config: network "podman" not found in CNI cache
WARN[0000] falling back to loading from existing plugins on disk
Error: error configuring network namespace for container 8b3875ebcdc5ce36448e25b4922585611bffa75750558cb0330f741af4afb7c1: failed to create bridge "cni-podman0": could not add "cni-podman0": operation not supported

As indicated in the top level message, it seems to either be caused because my kernel doesn’t support the pids limit capabilities or the cgroup is not mounted. Based on the below, I would say that my cgroup is properly mounted.

[email protected]:~# mount | grep -i cgroup
cgroup on /sys/fs/cgroup type tmpfs (rw,relatime,mode=755)
cgroup on /sys/fs/cgroup/cpu type cgroup (rw,relatime,cpu)
cgroup on /sys/fs/cgroup/net_cls type cgroup (rw,relatime,net_cls)
name=systemd on /sys/fs/cgroup/systemd type cgroup (rw,relatime,name=systemd)

Assuming I have rightly eliminated the option of cgroups not being properly mounted, what does it mean by "Your kernel does not support pids limit capabilities"? Any suggestions on how to get this properly working?

Thanks!

Source: Docker Questions

LEAVE A COMMENT