Skip to content
    • Welcome to the Linux Foundation Forum!

    Lab 3.6 RuntimeHandler "runsc" not supported

    Posts: 6
    in LFS260 Class Forum

    Exercise 3.6: Leverage Secure Runtimes
    I've Installed Kubernetes using containerd following "containerd-setup.txt". For some reason, I install docker as well before kubeadm inited. Then I came to "4. Check the state of the pod." step by step following "Exercise 3.6: Leverage Secure Runtimes". Here encounter a problem:

    john@ubuntu:~$ kubectl get pod --all-namespaces
    NAMESPACE NAME READY STATUS RESTARTS AGE
    default simple-gvisor 0/1 ContainerCreating 0 4h23m

    john@ubuntu:~$ sudo kubectl describe pod simple-gvisor
    Name: simple-gvisor
    Namespace: default
    Priority: 0
    Node: ubuntu/10.0.3.151
    Start Time: Mon, 29 Nov 2021 17:06:17 +0800
    Labels:
    Annotations:
    Status: Pending
    IP:
    IPs:
    Containers:
    secure-nginx:
    Container ID:
    Image: nginx
    Image ID:
    Port:
    Host Port:
    State: Waiting
    Reason: ContainerCreating
    Ready: False
    Restart Count: 0
    Environment:
    Mounts:
    /var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-l2dgg (ro)
    Conditions:
    Type Status
    Initialized True
    Ready False
    ContainersReady False
    PodScheduled True
    Volumes:
    kube-api-access-l2dgg:
    Type: Projected (a volume that contains injected data from multiple sources)
    TokenExpirationSeconds: 3607
    ConfigMapName: kube-root-ca.crt
    ConfigMapOptional:
    DownwardAPI: true
    QoS Class: BestEffort
    Node-Selectors:
    Tolerations: node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
    node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
    Events:
    Type Reason Age From Message
    ---- ------ ---- ---- -------
    Normal Scheduled 4h25m default-scheduler Successfully assigned default/simple-gvisor to ubuntu
    Warning FailedCreatePodSandBox 4h15m (x48 over 4h25m) kubelet Failed to create pod sandbox: rpc error: code = Unknown desc = RuntimeHandler "runsc" not supported

    Another Pod with nginx image and deafault runtime running .
    john@ubuntu:~$ cat doc-gvisor.yaml
    apiVersion: v1
    kind: Pod
    metadata:
    name: doc-gvisor
    spec:
    containers:
    - name: secure-nginx
    image: nginx

    john@ubuntu:~$ kubectl get pod --all-namespaces
    NAMESPACE NAME READY STATUS RESTARTS AGE
    default doc-gvisor 1/1 Running 0 5m21s

    Any help? Thanks

    Answers

    • Posts: 2,434

      Hi @rockhai,

      I would recommend removing docker and reconfiguring containerd and kubelet. Kubelet seems to default to docker if found on a node.

      Regards,
      -Chris

    • Posts: 6

      Yes ,the pod "simple-gvisor" could runing well without a docker runtime installing.
      Thanks a lot @chrispokorni

    Welcome!

    It looks like you're new here. Sign in or register to get started.
    Sign In

    Welcome!

    It looks like you're new here. Sign in or register to get started.
    Sign In

    Quick Links

    Categories

    Upcoming Training