# 写入 "/sys/fs/cgroup/memory/memory.limit_in_bytes" 失败：设备或资源忙

- **ID:** `docker/cgroup-memory-limit-exceeded`
- **领域:** docker
- **类别:** resource_error
- **验证级别:** ai_generated
- **修复率:** 78%

## 根因

Docker 守护进程在容器或虚拟机中运行，使用 cgroup v1，且内存限制文件已被宿主 cgroup 管理器设置，容器无法覆盖。

## 版本兼容性

| 版本 | 状态 | 引入 | 弃用 |
|------|------|------|------|
| Docker 24.0.7 | active | — | — |
| containerd 1.7.13 | active | — | — |
| Linux 5.15.0 | active | — | — |

## 解决方案

1. ```
   切换到 cgroup v2，在内核引导参数中添加 'systemd.unified_cgroup_hierarchy=1' 并重启。或者使用 'docker run --cgroup-parent /docker-custom ...' 设置自定义 cgroup 父路径。
   ```
2. ```
   使用 'docker run --memory-swap -1' 禁用交换限制，避免在内存已受限时写入 memory.limit_in_bytes。
   ```

## 无效尝试

- **Restart Docker daemon with --exec-opt native.cgroupdriver=systemd** — Cgroup driver mismatch is not the root cause; the error is about cgroup v1 file being busy, not driver incompatibility. (65% 失败率)
- **Increase memory limit in docker-compose.yml to a very high value** — High memory limit does not resolve the device busy error; the issue is at the cgroup file level, not the limit value. (70% 失败率)
- **Run container with --privileged flag** — Privileged mode does not bypass cgroup write restrictions; it may even exacerbate cgroup conflicts. (80% 失败率)