This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
Rootless K3s fails with "operation not permitted" error during mount operations #10850
Comments
Why are you bind-mounting the rootless dir with weird options? Why not just set |
This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
When running K3s in rootless mode, I'm encountering an "operation not permitted" error during mount operations. This appears to be related to the handling of mount flags in user namespaces.
Environmental Info:
K3s Version:
k3s version v1.30.4+k3s1 (98262b5)
go version go1.22.5
Node(s) CPU architecture, OS, and Version:
Linux ip-** 5.14.0-427.31.1.el9_4.x86_64 #1 SMP PREEMPT_DYNAMIC Fri Aug 9 14:06:03 EDT 2024 x86_64 x86_64 x86_64 GNU/Linux
Describe the bug:
failed to create containerd task: failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: error during container init: error mounting ".rancher/k3s/agent/kubelet/pods//volumes/kubernetes.io ~ configmap/config-volume" to rootfs at "/etc/coredns": mount .rancher/k3s/agent/kubelet/pods//volumes/kubernetes.io~configmap/config-volume:/etc/coredns (via /proc/self/fd/6), flags: 0x5021: operation not permitted: unknown" containerID=""
Steps To Reproduce:
Expected behavior:
All K3s pods should start and operate normally in rootless mode.
Actual behavior:
All pods are in CrashLoopBackOff State
Additional context / logs:
I noticed a similar issue for this in Moby repo, do we need to implement something similar with K3s containerd version
The text was updated successfully, but these errors were encountered: