Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-65725

shareProcessNamespace pods fail to start - runc

XMLWordPrintable

    • None
    • False
    • Hide

      None

      Show
      None
    • 2
    • Critical
    • Yes
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      Description of problem:
      The frr-k8s pods got stuck in the Init state.

      Version-Release number of selected component (if applicable):
      4.17.44
      metallb-operator.v4.17.0-202511102236 

      How reproducible:
      100%

      Steps to Reproduce:
      1. Apply BGP metallb configuration
      2.
      3.
      Actual results:

      NAME                                                   READY   STATUS     RESTARTS   AGE
controller-869bf64444-fq49k                            2/2     Running    0          6m3s
frr-k8s-69hjk                                          0/6     Init:0/3   0          6m3s
frr-k8s-n66qm                                          0/6     Init:0/3   0          6m3s
frr-k8s-webhook-server-d4d6dbf5f-2f6z4                 1/1     Running    0          6m3s
metallb-operator-controller-manager-868dcc8d4d-n2zzl   1/1     Running    0          12h
metallb-operator-webhook-server-5666dff449-zh6bd       1/1     Running    0          12h
speaker-q5ngq                                          2/2     Running    0          6m3s
speaker-wmx9f                                          2/2     Running    0          6m3s

       

       Warning  FailedCreatePodSandBox  4m44s                kubelet            Failed to create pod sandbox: rpc error: code = Unknown desc = container create failed: time="2025-11-18T14:36:09Z" level=error msg="runc create failed: unable to start container process: error during container init: error closing exec fds: get handle to /proc/thread-self/fd: unsafe procfs detected: openat2 fsmount:fscontext:proc/thread-self/fd/: operation not permitted"

       

       

      Expected results:

      Additional info:

      Events:
  Type     Reason                  Age        From               Message
  ----     ------                  ----       ----               -------
  Normal   Scheduled               8s         default-scheduler  Successfully assigned default/test-hostnet-sharens to worker2
  Warning  FailedCreatePodSandBox  8s         kubelet            Failed to create pod sandbox: rpc error: code = Unknown desc = container create failed: time="2025-11-18T15:12:27Z" level=error msg="runc create failed: unable to start container process: error during container init: error closing exec fds: get handle to /proc/thread-self/fd: unsafe procfs detected: openat2 fsmount:fscontext:proc/thread-self/fd/: operation not permitted"
  Warning  FailedCreatePodSandBox  <invalid>  kubelet            Failed to create pod sandbox: rpc error: code = Unknown desc = container create failed: time="2025-11-18T15:12:39Z" level=error msg="runc create failed: unable to start container process: error during container init: error closing exec fds: get handle to /proc/thread-self/fd: unsafe procfs detected: openat2 fsmount:fscontext:proc/thread-self/fd/: operation not permitted"
      [I] kka@x1g12 ~> cat /tmp/pod.yaml
apiVersion: v1
kind: Pod
metadata:
  name: test-hostnet-sharens
  namespace: default
spec:
  hostNetwork: true
  shareProcessNamespace: true
  containers:
  - name: container1
    image: registry.access.redhat.com/ubi9/ubi-minimal:latest
    command: ["sleep", "3600"]
  - name: container2
    image: registry.access.redhat.com/ubi9/ubi-minimal:latest
    command: ["sleep", "3600"]

       

       

              tsweeney@redhat.com Tom Sweeney
              rhn-cnf-elevin Evgeny Levin
              None
              None
              Arti Sood Arti Sood
              None
              Votes:
              1 Vote for this issue
              Watchers:
              25 Start watching this issue

                Created:
                Updated: