I have found two problems regarding the update from Fedora 30 Server to Fedora 31 Server that I want to share with you.
Problem #1: Docker and the CGroups
With the update to version 31, Fedora now uses CgroupsV2 – the latest version of the control groups to manage Linux processes in hierarchies.
Error response from daemon: OCI runtime create failed: container_linux.go:346: starting container process caused "process_linux.go:297: applying cgroup configuration for process caused \"open /sys/fs/cgroup/docker/cpuset.cpus.effective: no such file or directory\"": unknown Error: failed to start containers:
Unfortunately, after updating to version 31 with the new control groups, it is no longer possible to run the existing containers on the system. In order to achieve backwards compatibility, the CgroupsV1 must be activated via boot parameters on the kernel. This can be done with the following command:
grubby --update-kernel=ALL --args="systemd.unified_cgroup_hierarchy=0"
After a restart, Docker works again and the containers present on the system can be started without any problems.
Problem #2: Decryption via TPM does not work any more
Obviously the program used to read the PCR lists from the TPM has been moved to another package. After the update one of my computers was not able to read the TPM pin with Dracut in the early boot phase.
To reinstall the necessary tool, the following commands are necessary:
dnf install tpm2-tools dracut -f
- Red Hat “System Administrator’s Guide”: 26.4. Making Persistent Changes to a GRUB 2 Menu Using the grubby Tool
- Docker for Linux Issue Discussion: Please provide repo for docker-ce on Fedora 31 #665 on Github
- Fedora Project: Modify Fedora 31 to use CgroupsV2 by default