日志报错:
mount failed: fork/exec /usr/bin/systemd-run: cannot allocate memory
Error response from daemon: OCI runtime create failed: runc did not terminate sucessfully: unknown

解决办法:
# k8s-node05节点查看:
[root@k8s-node05 ~]# service docker status
[root@k8s-node05 ~]# rpm -qa| grep libseccomp
-bash: fork: 无法分配内存
-bash: fork: Cannot allocate memory
# 查看最大进程数
[root@k8s-node05 ~]# sysctl kernel.pid_max
kernel.pid_max = 131072
# 查看当前进程数
[root@k8s-node05 ~]# ps -eLf | wc -l
130849
# 确认是进程数满了,原因排查
# top查看僵尸进程数:
[root@k8s-node05 ~]# top | grep zombie
Tasks: 129192 total, 1 running, 470 sleeping, 0 stopped, 128721 zombie
[root@k8s-node05 ~]# ps -e -o stat,ppid,pid,cmd|egrep '^[Zz]'
Z 1113 131071 [DATABASE_KINGBA] <defunct>
[root@k8s-node05 ~]# kill -9 1113
# 1113 是上面僵尸进程的父进程(PPID 列);僵尸进程本身无法被 kill,杀掉父进程后它们由 init 接管并回收
# 此时进程(线程)数就降下来了
[root@k8s-node05 ~]# ps -eLf | wc -l
2461
# 至此,服务正常了
[root@k8s-node05 ~]# rpm -qa| grep libseccomp
libseccomp-2.3.1-4.el7.x86_64
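# 修改最大进程数
# 注意:这里设置的 100000 低于原来的 131072;根本原因是父进程 1113 没有回收子进程,调整 pid_max 本身并不能解决僵尸进程堆积
# 若该进程运行在容器中,可考虑为容器/Pod 设置 PID 上限(如 docker 的 --pids-limit、kubelet 的 podPidsLimit),避免单个工作负载耗尽节点 PID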
[root@k8s-node05 ~]# echo 100000 > /proc/sys/kernel/pid_max
# 永久生效
[root@k8s-node05 ~]# echo "kernel.pid_max=100000 " >> /etc/sysctl.conf
[root@k8s-node05 ~]# sysctl -p
# 查看最大进程数
[root@k8s-node05 ~]# sysctl kernel.pid_max
kernel.pid_max = 100000