日志報錯:
mount failed: fork/exec /usr/bin/systemd-run: cannot allocate memory
Error response from daemon: OCI runtime create failed: runc did not terminate sucessfully: unknown

解決辦法:
# k8s-node05節點查看:
[root@k8s-node05 ~]# service docker status
[root@k8s-node05 ~]# rpm -qa| grep libseccomp
-bash: fork: 無法分配內存
-bash: fork: Cannot allocate memory
# 查看最大進程數
[root@k8s-node05 ~]# sysctl kernel.pid_max
kernel.pid_max = 131072
# 查看當前進程/線程總數(ps -eLf 每個線程輸出一行,線程同樣佔用 PID)
[root@k8s-node05 ~]# ps -eLf | wc -l
130849
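# 當前數量(130849)已接近 kernel.pid_max(131072),確認是 PID 耗盡導致 fork 失敗;下面排查原因
# 先用 top 查看僵屍進程數,再用 ps 列出僵屍進程及其父進程(輸出第二列為 PPID)。
# 僵屍進程本身無法被 kill,只能處理其父進程;父進程結束後,僵屍進程會被 init 進程接管並回收。
# 若父進程是業務進程,建議先嘗試正常停止(SIGTERM),無效再使用 kill -9: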
[root@k8s-node05 ~]# top | grep zombie
Tasks: 129192 total, 1 running, 470 sleeping, 0 stopped, 128721 zombie
[root@k8s-node05 ~]# ps -e -o stat,ppid,pid,cmd|egrep '^[Zz]'
Z 1113 131071 [DATABASE_KINGBA] <defunct>
[root@k8s-node05 ~]# kill -9 1113
# 此時進程/線程數就降下來了(ps -eLf 統計的是線程數,而不是打開文件數)
[root@k8s-node05 ~]# ps -eLf | wc -l
2461
# 至此,fork 恢復正常,服務正常了(父進程 1113 未回收子進程才是根因,需排查該程序,否則僵屍進程會再次堆積)
[root@k8s-node05 ~]# rpm -qa| grep libseccomp
libseccomp-2.3.1-4.el7.x86_64
# 修改最大進程數(注意:100000 低於原值 131072;調整 pid_max 只改變上限,並不能解決僵屍進程堆積的根因)
[root@k8s-node05 ~]# echo 100000 > /proc/sys/kernel/pid_max
# 永久生效:寫入 /etc/sysctl.conf 後用 sysctl -p 重新加載
[root@k8s-node05 ~]# echo "kernel.pid_max=100000 " >> /etc/sysctl.conf
[root@k8s-node05 ~]# sysctl -p
# 查看最大進程數
[root@k8s-node05 ~]# sysctl kernel.pid_max
kernel.pid_max = 100000