I have a Jetson Orin Nano and am trying to run k3s on it. However, all the pods/containers will never be created:
tyler@orin-nano-01:~$ curl -sfL https://get.k3s.io | sh -s - --docker --write-kubeconfig-mode 644 --write-kubeconfig $HOME/.kube/config
[INFO] Finding release for channel stable
[INFO] Using v1.29.6+k3s1 as release
[INFO] Downloading hash https://github.com/k3s-io/k3s/releases/download/v1.29.6+k3s1/sha256sum-arm64.txt
[INFO] Downloading binary https://github.com/k3s-io/k3s/releases/download/v1.29.6+k3s1/k3s-arm64
[INFO] Verifying binary download
[INFO] Installing k3s to /usr/local/bin/k3s
[INFO] Skipping installation of SELinux RPM
[INFO] Creating /usr/local/bin/kubectl symlink to k3s
[INFO] Creating /usr/local/bin/crictl symlink to k3s
[INFO] Skipping /usr/local/bin/ctr symlink to k3s, command exists in PATH at /usr/bin/ctr
[INFO] Creating killall script /usr/local/bin/k3s-killall.sh
[INFO] Creating uninstall script /usr/local/bin/k3s-uninstall.sh
[INFO] env: Creating environment file /etc/systemd/system/k3s.service.env
[INFO] systemd: Creating service file /etc/systemd/system/k3s.service
[INFO] systemd: Enabling k3s unit
Created symlink /etc/systemd/system/multi-user.target.wants/k3s.service → /etc/systemd/system/k3s.service.
[INFO] systemd: Starting k3s
tyler@orin-nano-01:~$ kubectl get nodes
NAME STATUS ROLES AGE VERSION
orin-nano-01 Ready control-plane,master 17s v1.29.6+k3s1
tyler@orin-nano-01:~$ kubectl get pods -A
NAMESPACE NAME READY STATUS RESTARTS AGE
kube-system coredns-6799fbcd5-f9mgq 0/1 ContainerCreating 0 7s
kube-system helm-install-traefik-5892k 0/1 ContainerCreating 0 8s
kube-system helm-install-traefik-crd-xlkb2 0/1 ContainerCreating 0 8s
kube-system local-path-provisioner-6f5d79df6-5bjpw 0/1 ContainerCreating 0 7s
kube-system metrics-server-54fd9b65b-2szjw 0/1 ContainerCreating 0 7s
tyler@orin-nano-01:~$ kubectl describe pod coredns-6799fbcd5-f9mgq -n kube-system
Name: coredns-6799fbcd5-f9mgq
Namespace: kube-system
Priority: 2000000000
Priority Class Name: system-cluster-critical
Service Account: coredns
Node: orin-nano-01/192.168.1.230
Start Time: Fri, 05 Jul 2024 15:28:04 -0500
Labels: k8s-app=kube-dns
pod-template-hash=6799fbcd5
Annotations: <none>
Status: Pending
IP:
IPs: <none>
Controlled By: ReplicaSet/coredns-6799fbcd5
Containers:
coredns:
Container ID:
Image: rancher/mirrored-coredns-coredns:1.10.1
Image ID:
Ports: 53/UDP, 53/TCP, 9153/TCP
Host Ports: 0/UDP, 0/TCP, 0/TCP
Args:
-conf
/etc/coredns/Corefile
State: Waiting
Reason: ContainerCreating
Ready: False
Restart Count: 0
Limits:
memory: 170Mi
Requests:
cpu: 100m
memory: 70Mi
Liveness: http-get http://:8080/health delay=60s timeout=1s period=10s #success=1 #failure=3
Readiness: http-get http://:8181/ready delay=0s timeout=1s period=2s #success=1 #failure=3
Environment: <none>
Mounts:
/etc/coredns from config-volume (ro)
/etc/coredns/custom from custom-config-volume (ro)
/var/run/secrets/kubernetes.io/serviceaccount from kube-api-access-vdbv4 (ro)
Conditions:
Type Status
PodReadyToStartContainers False
Initialized True
Ready False
ContainersReady False
PodScheduled True
Volumes:
config-volume:
Type: ConfigMap (a volume populated by a ConfigMap)
Name: coredns
Optional: false
custom-config-volume:
Type: ConfigMap (a volume populated by a ConfigMap)
Name: coredns-custom
Optional: true
kube-api-access-vdbv4:
Type: Projected (a volume that contains injected data from multiple sources)
TokenExpirationSeconds: 3607
ConfigMapName: kube-root-ca.crt
ConfigMapOptional: <nil>
DownwardAPI: true
QoS Class: Burstable
Node-Selectors: kubernetes.io/os=linux
Tolerations: CriticalAddonsOnly op=Exists
node-role.kubernetes.io/control-plane:NoSchedule op=Exists
node-role.kubernetes.io/master:NoSchedule op=Exists
node.kubernetes.io/not-ready:NoExecute op=Exists for 300s
node.kubernetes.io/unreachable:NoExecute op=Exists for 300s
Topology Spread Constraints: kubernetes.io/hostname:DoNotSchedule when max skew 1 is exceeded for selector k8s-app=kube-dns
Events:
Type Reason Age From Message
---- ------ ---- ---- -------
Normal Scheduled 19s default-scheduler Successfully assigned kube-system/coredns-6799fbcd5-f9mgq to orin-nano-01
Warning FailedCreatePodSandBox 15s kubelet Failed to create pod sandbox: rpc error: code = Unknown desc = failed to start sandbox container for pod "coredns-6799fbcd5-f9mgq": Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error setting cgroup config for procHooks process: openat2 /sys/fs/cgroup/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod37077870_be63_4b9e_9bfa_872ce17336ca.slice/docker-6f56fb05536e2283dd3f00dc1a83ec36b0d7d5f1bde2ccd22643b87bcc0146ed.scope/cpu.weight: no such file or directory: unknown
Warning FailedCreatePodSandBox 5s kubelet Failed to create pod sandbox: rpc error: code = Unknown desc = failed to start sandbox container for pod "coredns-6799fbcd5-f9mgq": Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error setting cgroup config for procHooks process: openat2 /sys/fs/cgroup/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod37077870_be63_4b9e_9bfa_872ce17336ca.slice/docker-a2c97b1da3c071dc360217b408e7fc0cd11fb1b8afd2b4e9c67283ddf1f5d083.scope/cpu.weight: no such file or directory: unknown
Normal SandboxChanged 4s (x2 over 9s) kubelet Pod sandbox changed, it will be killed and re-created.
Warning FailedCreatePodSandBox 1s kubelet Failed to create pod sandbox: rpc error: code = Unknown desc = failed to start sandbox container for pod "coredns-6799fbcd5-f9mgq": Error response from daemon: failed to create task for container: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error setting cgroup config for procHooks process: openat2 /sys/fs/cgroup/kubepods.slice/kubepods-burstable.slice/kubepods-burstable-pod37077870_be63_4b9e_9bfa_872ce17336ca.slice/docker-497c9db51f20eb47b69e87fa46232f891b1747c6b403106989de0116c960ed71.scope/cpu.weight: no such file or directory: unknown
Some digging online seemed to point to cgroup related problems, but my tinkering with that hasn’t led to much.
Some background:
-
I’m running a custom kernel to enable the iSCSI TCP module. I followed this guide, and enabled
CONFIG_ISCI_TCP=m
andCONFIG_SCSI_ISCSI_ATTRS=m
(to eventually support Longhorn pods). I’ve also enabledCONFIG_FAIR_GROUP_SCHED=y
andCONFIG_RT_GROUP_SCHED=y
in attempts to fix this issue (to no avail). Everything else should be standard.- When I was running the “standard” kernel, k3s was able to create and run the pods.
-
I’m booting directly from an SSD, following this quick start guide.
-
I’ve updated and upgraded packages with
sudo apt update && sudo apt upgrade
. -
I’m running the latest version of Jetpack:
tyler@orin-nano-01:~$ apt list --installed | grep nvidia-jetpack WARNING: apt does not have a stable CLI interface. Use with caution in scripts. nvidia-jetpack-dev/stable,now 6.0+b106 arm64 [installed,automatic] nvidia-jetpack-runtime/stable,now 6.0+b106 arm64 [installed,automatic] nvidia-jetpack/stable,now 6.0+b106 arm64 [installed]
-
Other machine info:
tyler@orin-nano-01:~$ uname -a Linux orin-nano-01 5.15.136-rt-tegra #5 SMP PREEMPT_RT Fri Jul 5 13:52:58 CDT 2024 aarch64 aarch64 aarch64 GNU/Linux
Can anyone provide guidance on what I might be missing or what additional steps I should take to fix this?