docker
resource_error
ai_generated
partial
写入 "/sys/fs/cgroup/memory/memory.limit_in_bytes" 失败:设备或资源忙
failed to write to "/sys/fs/cgroup/memory/memory.limit_in_bytes": device or resource busy
ID: docker/cgroup-memory-limit-exceeded
78%修复率
85%置信度
1证据数
2024-03-15首次发现
版本兼容性
| 版本 | 状态 | 引入 | 弃用 | 备注 |
|---|---|---|---|---|
| Docker 24.0.7 | active | — | — | — |
| containerd 1.7.13 | active | — | — | — |
| Linux 5.15.0 | active | — | — | — |
根因分析
Docker 守护进程在容器或虚拟机中运行,使用 cgroup v1,且内存限制文件已被宿主 cgroup 管理器设置,容器无法覆盖。
English
Docker daemon runs inside a container or VM with cgroup v1 where the memory limit file is already set by the host cgroup manager, preventing the container from overriding it.
官方文档
https://docs.docker.com/config/containers/resource_constraints/#memory解决方案
-
切换到 cgroup v2,在内核引导参数中添加 'systemd.unified_cgroup_hierarchy=1' 并重启。或者使用 'docker run --cgroup-parent /docker-custom ...' 设置自定义 cgroup 父路径。
-
使用 'docker run --memory-swap -1' 禁用交换限制,避免在内存已受限时写入 memory.limit_in_bytes。
无效尝试
常见但无效的做法:
-
Restart Docker daemon with --exec-opt native.cgroupdriver=systemd
65% 失败
Cgroup driver mismatch is not the root cause; the error is about cgroup v1 file being busy, not driver incompatibility.
-
Increase memory limit in docker-compose.yml to a very high value
70% 失败
High memory limit does not resolve the device busy error; the issue is at the cgroup file level, not the limit value.
-
Run container with --privileged flag
80% 失败
Privileged mode does not bypass cgroup write restrictions; it may even exacerbate cgroup conflicts.