Cgroup v2 warning with unified hierarchy

We have a cluster of two hypervisors both running Debian 11 (bullseye). They were initially installed as Debian 10, then upgraded to Debian 11.

The boot seems to use unified hierarchy. In dmesg, there is this line (on each hypervisors):
[ 30.947276] systemd[1]: systemd 247.3-6 running in system mode. (+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +ZSTD +SECCOMP +BLKID +ELFUTILS +KMOD +IDN2 -IDN +PCRE2 default-hierarchy=unified)

And also:

$ systemd --version
systemd 247 (247.3-6)
$ findmnt /sys/fs/cgroup
/sys/fs/cgroup cgroup2 cgroup2 rw,nosuid,nodev,noexec,relatime

However, lxc commands print a warning. For example:

$ sudo lxc list
WARNING: cgroup v2 is not fully supported yet, proceeding with partial confinement

On an empty hypervisor, the /sys/fs/cgroup/ is filled with:

$ ls /sys/fs/cgroup/
cgroup.controllers      cpuset.mems.effective  memory.numa_stat
cgroup.max.depth        cpu.stat               memory.pressure
cgroup.max.descendants  dev-hugepages.mount    memory.stat
cgroup.procs            dev-mqueue.mount       sys-fs-fuse-connections.mount
cgroup.stat             init.scope             sys-kernel-config.mount
cgroup.subtree_control  io.cost.model          sys-kernel-debug.mount
cgroup.threads          io.cost.qos            sys-kernel-tracing.mount
cpu.pressure            io.pressure            system.slice
cpuset.cpus.effective   io.stat                user.slice

With containers, the directory content is the same, with lxc.monitor.${container_names} and lxc.payload.${container_names} added.

  • Did we miss something and we’re not using unified hierarchy?
  • How could we fix the warning?
1 Like

The warning means that you’re using a pure cgroupv2 environment, which is not fully supported.

You can switch back to cgroupv1 by setting this in your kernel boot command line:


See also What upgrade policy is advised for clustered hypervisors - #4 by stgraber

Worth noting that the warning is coming from snapd, not from LXD. LXD does fully support cgroup2.

Also, newer snapd similarly fully supports cgroup2, so it may be worth making sure that all updates are applied to your system.

1 Like

Ah thanks for clarification @stgraber ! :slight_smile:

Debian 11(bullseye) provides 2.49:

$ apt search snapd
snapd/stable,now 2.49-1+b5 amd64 [installed]

Snapd changelog shows improvement with unified hierarchy in 2.52 release. So I guess the installed package is too old to get the cgroup2 full support.

However, it does not seems important to me because it’s not a LXD warning.