https://github.com/NixOS/nixpkgs/pull/68096#issuecomment-527826574
For the uninitiated https://www.kernel.org/doc/Documentation/cgroup-v2.txt , see also section R stating the rationales for v2.
This is not an immediately actionable issue, the first major blocker seems to be waiting for docker to migrate.
Some more keywords for searchability (maybe): cgroups cgroups-v2
Currently AFAICT all cgroup controllers are acquired by the v1 system, because a controller can only be mounted (or whatever the word is) on one cgroup hierarchy at a time.
https://web.archive.org/web/20191120061819/https://medium.com/nttlabs/cgroup-v2-596d035be4d7 suggests
Docker / Moby will gain the support for cgroup v2, as soon as runc
and containerd gains the support.
Docker/Moby+containerd+runc will follow soon. If everything goes well,
we might be able to get nightly binaries for cgroup v2 by the end of 2019.
cc @arianvp
deliciouslytyped
All 4 comments
Presumably it should be sufficient to omit this setting to use v2 https://github.com/andir/nixpkgs/blob/9c06aae94ad42aba50c7ff3c503ddcb362f4a80e/pkgs/os-specific/linux/systemd/default.nix#L109 since it was added in https://github.com/NixOS/nixpkgs/pull/68096 precisely to _not_ default to v2.
Though there's also something about setting the systemd.unified_cgroup_hierarchy=1 kernel parameter?
deliciouslytyped
on 20 Nov 2019
I had some issues in hybrid mode with systemd-run https://discourse.nixos.org/t/ram-limiting-firefox-for-pathological-tabbers/5117/
Using cgroupsv2 proper appears to fix it.
deliciouslytyped
on 16 Dec 2019
One of the major blockers is indeed Docker - Docker derivation is using old containerd. containerd gained CGroups v2 support in release 1.4.0. runc... I think in v1.0-rc91.
However, Docker's current release (19.03.13 at the time of writing) does not seem to contain the required changes to get CGroups v2 supported. Building Docker from commit 3b9fb515ce3a39e2d9a1dcd7f094eb3ed511581d gets it working (tested with setting systemd.unified_cgroup_hierarchy=1 and cgroup_no_v1=all to ensure old cgroups not being present).
Image shows crun (personal preference), but I tested with latest runc (1.0-rc92) & it worked as expected.
mikroskeem
on 23 Oct 2020
I think this is mature enough for now. I'll draft a PR :-)
Other distros already switched to the unified cgroup hierarchy, and people who want to keep using docker can add a systemd.unified_cgroup_hierarchy=0 to their cmdline, like documented for Fedora etc.
We should switch to this in unstable soon-ish, so potential issues can be sorted out in unstable, and it gets less stressful for the 21.03 release.
It'd be nice if we could also sort out https://github.com/NixOS/nixpkgs/issues/77925, so using other container runtimes gets simpler.
flokli
on 17 Nov 2020
Related issues
chris-martin
路
3Comments
copumpkin
路
3Comments
copumpkin
路
3Comments
retrry
路
3Comments
grahamc
路
3Comments
Most helpful comment
I think this is mature enough for now. I'll draft a PR :-)
Other distros already switched to the unified cgroup hierarchy, and people who want to keep using docker can add a
systemd.unified_cgroup_hierarchy=0to their cmdline, like documented for Fedora etc.We should switch to this in unstable soon-ish, so potential issues can be sorted out in unstable, and it gets less stressful for the 21.03 release.
It'd be nice if we could also sort out https://github.com/NixOS/nixpkgs/issues/77925, so using other container runtimes gets simpler.