docker resource_error ai_generated partial

failed to write to "/sys/fs/cgroup/memory/memory.limit_in_bytes": device or resource busy

ID: docker/cgroup-memory-limit-exceeded

Also available as: JSON · Markdown · 中文
78%Fix Rate
85%Confidence
1Evidence
2024-03-15First Seen

Version Compatibility

VersionStatusIntroducedDeprecatedNotes
Docker 24.0.7 active
containerd 1.7.13 active
Linux 5.15.0 active

Root Cause

Docker daemon runs inside a container or VM with cgroup v1 where the memory limit file is already set by the host cgroup manager, preventing the container from overriding it.

generic

中文

Docker 守护进程在容器或虚拟机中运行,使用 cgroup v1,且内存限制文件已被宿主 cgroup 管理器设置,容器无法覆盖。

Official Documentation

https://docs.docker.com/config/containers/resource_constraints/#memory

Workarounds

  1. 85% success Switch to cgroup v2 by adding 'systemd.unified_cgroup_hierarchy=1' to kernel boot parameters and reboot. Alternatively, set '--cgroup-parent' to a custom path in docker run: docker run --cgroup-parent /docker-custom ... 
    Switch to cgroup v2 by adding 'systemd.unified_cgroup_hierarchy=1' to kernel boot parameters and reboot. Alternatively, set '--cgroup-parent' to a custom path in docker run: docker run --cgroup-parent /docker-custom ...
  2. 75% success Use 'docker run --memory-swap -1' to disable swap limit and avoid writing to memory.limit_in_bytes when memory is already constrained. 
    Use 'docker run --memory-swap -1' to disable swap limit and avoid writing to memory.limit_in_bytes when memory is already constrained.

中文步骤

  1. 切换到 cgroup v2,在内核引导参数中添加 'systemd.unified_cgroup_hierarchy=1' 并重启。或者使用 'docker run --cgroup-parent /docker-custom ...' 设置自定义 cgroup 父路径。
  2. 使用 'docker run --memory-swap -1' 禁用交换限制,避免在内存已受限时写入 memory.limit_in_bytes。

Dead Ends

Common approaches that don't work:

  1. Restart Docker daemon with --exec-opt native.cgroupdriver=systemd 65% fail

    Cgroup driver mismatch is not the root cause; the error is about cgroup v1 file being busy, not driver incompatibility.

  2. Increase memory limit in docker-compose.yml to a very high value 70% fail

    High memory limit does not resolve the device busy error; the issue is at the cgroup file level, not the limit value.

  3. Run container with --privileged flag 80% fail

    Privileged mode does not bypass cgroup write restrictions; it may even exacerbate cgroup conflicts.