Kubernetes `RuntimeHandler "runc" not supported` when creating container

8/13/2020

I was trying to specify the runtime of containers deployed using Kubernetes. I followed the guide in this link and created the following RuntimeClass:

```yaml
apiVersion: node.k8s.io/v1beta1
kind: RuntimeClass
metadata:
    name: runc
handler: runc

# $ kubectl get RuntimeClass
# NAME   HANDLER   AGE
# runc   runc      59m
```

Then, I set my Pod spec.runtimeClassName="runc". However, when deploying this using Kubernetes, I got the following error:

```
Warning  FailedCreatePodSandBox  2m43s (x141 over 32m)  kubelet, jetson1   Failed to create pod sandbox: rpc error: code = Unknown desc = RuntimeHandler "runc" not supported
```

I can run the container with docker and --runtime=runc without any error. But when deploying it with K8s, the error occurs. The following is my docker info:

```
Client:
 Debug Mode: false

Server:
 Containers: 11
  Running: 5
  Paused: 0
  Stopped: 6
 Images: 12
 Server Version: 19.03.6
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Native Overlay Diff: true
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: nvidia runc
 Default Runtime: nvidia
 Init Binary: docker-init
 containerd version: 
 runc version: 
 init version: 
 Security Options:
  seccomp
   Profile: default
 Kernel Version: 4.9.140-tegra
 Operating System: Ubuntu 18.04.4 LTS
 OSType: linux
 Architecture: aarch64
 CPUs: 4
 Total Memory: 3.871GiB
 Name: jetson1
 ID: HLZ4:DQKM:J7YY:OMDN:JXXZ:PFL5:YJGT:DJBM:SMSL:UTZA:WCZ4:GUD4
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false
```

Any suggestions will be appreciated. Thank you!

-- Kevin3297
docker
kubernetes

1 Answer

8/13/2020

While runc is able to create containers, it's a rather low-level component. Most tools we know as container runtimes actually rely on it in some way. This answer to another question gives a great overview of it.

The RuntimeClass feature in Kubernetes to target a specific container runtime requires it to implement the CRI (Container Runtime Interface) on the local nodes (the "Setup" part of your shared link briefly talks about it). I did some quick research and there is no hint that runc is implementing CRI directly. If it was, Kubernetes would skip accessing Docker as you did; it would use that interface to talk to another component directly from kubelet. Checking Docker settings therefore doesn't help to see if runc is a viable Kubernetes container runtime.

So, you should review why you're trying to do this - runc is likely already used in your default container runtime stack without you maybe realizing it. Kubernetes has documentation for alternative container runtimes; you can look into installing these if you are looking for something more lightweight than Docker.

-- embik
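
A RuntimeClass `handler` is resolved by the node's CRI runtime rather than by Docker's runtime list, so it can be checked against the node's configuration before pods are scheduled. The following is an added example, not code from the question or the answer: it assumes the node uses containerd as its CRI runtime with handlers defined as `runtimes.<name>` tables in its config.toml, and the sample config, sample manifests and function names are constructed for illustration.

```python
import re

# Constructed sample: CRI section of a containerd config.toml (assumed node setup).
SAMPLE_CONFIG = '''
version = 2
[plugins."io.containerd.grpc.v1.cri".containerd.runtimes.nvidia]
  runtime_type = "io.containerd.runc.v2"
  [plugins."io.containerd.grpc.v1.cri".containerd.runtimes.nvidia.options]
    BinaryName = "/usr/bin/nvidia-container-runtime"
'''

# Constructed sample: two RuntimeClass manifests, the first as in the question.
SAMPLE_MANIFESTS = '''
apiVersion: node.k8s.io/v1beta1
kind: RuntimeClass
metadata:
  name: runc
handler: runc
---
apiVersion: node.k8s.io/v1beta1
kind: RuntimeClass
metadata:
  name: gpu
handler: nvidia
'''

# Matches a runtime table header only, not sub-tables such as ".options".
RUNTIME_TABLE = re.compile(
    r'^\s*\[plugins\.(?:"io\.containerd\.grpc\.v1\.cri"|cri)'
    r'\.containerd\.runtimes\.("?)([\w-]+)\1\]\s*$', re.M)

def containerd_handlers(config_text):
    """Return the set of handler names defined in a containerd CRI config."""
    return {m.group(2) for m in RUNTIME_TABLE.finditer(config_text)}

def runtime_classes(manifests_text):
    """Yield (metadata.name, handler) for each RuntimeClass document."""
    for doc in re.split(r'^---\s*$', manifests_text, flags=re.M):
        name = re.search(r'^metadata:[ \t]*\n(?:[ \t]+.*\n)*?[ \t]+name:\s*"?([\w.-]+)', doc, re.M)
        handler = re.search(r'^handler:\s*"?([\w.-]+)', doc, re.M)
        if "kind: RuntimeClass" in doc and name and handler:
            yield name.group(1), handler.group(1)

def unsupported(manifests_text, node_handlers):
    """List RuntimeClasses whose handler is not configured on the node."""
    return [(n, h) for n, h in runtime_classes(manifests_text) if h not in node_handlers]

if __name__ == "__main__":
    for name, handler in unsupported(SAMPLE_MANIFESTS, containerd_handlers(SAMPLE_CONFIG)):
        print(f'RuntimeClass {name}: handler "{handler}" is not configured on this node')
```

On a real node, pass the contents of the node's containerd config and the output of `kubectl get runtimeclass -o yaml` split into documents in the same shape as the samples.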
Source: StackOverflow