Hello,
We are trying to run kubernetes rootless based on Running Kubernetes Node Components as a Non-root User | Kubernetes but under docker not directly with containerd / cri-o, so we are running kubelet inside the user namespace as the other components which are inside docker rootless.
While using cgroupfs for kubelet that is delegated by systemd (we do not use “systemd” driver as we don’t have any systemd running inside the slice - as stated by the documentation) we get the error: misconfiguration: kubelet cgroup driver: “cgroupfs” is different from docker cgroup driver: “systemd”.
If we use '–cgroup-driver=systemd --cgroups-per-qos=false --enforce-node-allocatable="" ’ besides other changes to point to the folders inside the user namespace, it boots properly but we have no cgroups and we get this:
nsenter[62228]: I0907 08:30:28.460246 62228 handler.go:177] Could not find cgroups CPU for container 0
Should we rebuild the kubelet to pass this error and set cgroup driver to cgroupfs or is this not doable with docker rootless?
Thanks.
Cluster information:
Kubernetes version: 1.22.1
Cloud being used: bare metal
Installation method: kubeadm
Host OS: Centos 8.4
CNI and version: 0.9.1
CRI and version: docker rootless 20.10.8