host.cgroupControllers is missing cpu on rootless

[soltysh]

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description

This seems to be similar problem to #11931 in that when invoking podman info I'm not getting all the information:

$ podman info --format json
{
  "host": {
    "arch": "amd64",
    "buildahVersion": "1.26.1",
    "cgroupManager": "systemd",
    "cgroupVersion": "v2",
    "cgroupControllers": [
      "memory",
      "pids"
    ],

but

$ cat /sys/fs/cgroup/user.slice/user-1000.slice/cgroup.controllers
cpuset cpu io memory pids

and

$ cat /sys/fs/cgroup/user.slice/user-1000.slice/cgroup.subtree_control
cpuset cpu io memory pids

both have cpu. Unfortunately this prevents kind from working properly,
because it checks for memory, pids and cpu being present there.

Describe the results you expected:

podman info to contain:

"cgroupControllers": [
      "memory",
      "pids",
      "cpu",
    ],

Additional information you deem important (e.g. issue happens only occasionally):

Output of podman version:

$ podman version
Client:       Podman Engine
Version:      4.1.1
API Version:  4.1.1
Go Version:   go1.18.3
Built:        Wed Jun 15 16:31:58 2022
OS/Arch:      linux/amd64

Output of podman info --debug:

$ podman info --debug
host:
  arch: amd64
  buildahVersion: 1.26.1
  cgroupControllers:
  - memory
  - pids
  cgroupManager: systemd
  cgroupVersion: v2
  conmon:
    package: conmon-2.1.0-2.fc36.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.1.0, commit: '
  cpuUtilization:
    idlePercent: 92.91
    systemPercent: 1.41
    userPercent: 5.68
  cpus: 8
  distribution:
    distribution: fedora
    version: "36"
  eventLogger: journald
  hostname: redhat
  idMappings:
    gidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 1000
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  kernel: 5.18.9-200.fc36.x86_64
  linkmode: dynamic
  logDriver: journald
  memFree: 11449970688
  memTotal: 33315454976
  networkBackend: cni
  ociRuntime:
    name: crun
    package: crun-1.4.5-1.fc36.x86_64
    path: /usr/bin/crun
    version: |-
      crun version 1.4.5
      commit: c381048530aa750495cf502ddb7181f2ded5b400
      spec: 1.0.0
      +SYSTEMD +SELINUX +APPARMOR +CAP +SECCOMP +EBPF +CRIU +YAJL
  os: linux
  remoteSocket:
    path: /run/user/1000/podman/podman.sock
  security:
    apparmorEnabled: false
    capabilities: CAP_CHOWN,CAP_DAC_OVERRIDE,CAP_FOWNER,CAP_FSETID,CAP_KILL,CAP_NET_BIND_SERVICE,CAP_SETFCAP,CAP_SETGID,CAP_SETPCAP,CAP_SETUID,CAP_SYS_CHROOT
    rootless: true
    seccompEnabled: true
    seccompProfilePath: /usr/share/containers/seccomp.json
    selinuxEnabled: true
  serviceIsRemote: false
  slirp4netns:
    executable: /usr/bin/slirp4netns
    package: slirp4netns-1.2.0-0.2.beta.0.fc36.x86_64
    version: |-
      slirp4netns version 1.2.0-beta.0
      commit: 477db14a24ff1a3de3a705e51ca2c4c1fe3dda64
      libslirp: 4.6.1
      SLIRP_CONFIG_VERSION_MAX: 3
      libseccomp: 2.5.3
  swapFree: 12884893696
  swapTotal: 12884893696
  uptime: 6h 34m 43.21s (Approximately 0.25 days)
plugins:
  log:
  - k8s-file
  - none
  - passthrough
  - journald
  network:
  - bridge
  - macvlan
  - ipvlan
  volume:
  - local
registries:
  search:
  - registry.fedoraproject.org
  - registry.access.redhat.com
  - docker.io
  - quay.io
store:
  configFile: /home/maszulik/.config/containers/storage.conf
  containerStore:
    number: 0
    paused: 0
    running: 0
    stopped: 0
  graphDriverName: overlay
  graphOptions: {}
  graphRoot: /home/maszulik/.local/share/containers/storage
  graphRootAllocated: 128732655616
  graphRootUsed: 74746859520
  graphStatus:
    Backing Filesystem: xfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "false"
  imageCopyTmpDir: /var/tmp
  imageStore:
    number: 1
  runRoot: /run/user/1000/containers
  volumePath: /home/maszulik/.local/share/containers/storage/volumes
version:
  APIVersion: 4.1.1
  Built: 1655303518
  BuiltTime: Wed Jun 15 16:31:58 2022
  GitCommit: ""
  GoVersion: go1.18.3
  Os: linux
  OsArch: linux/amd64
  Version: 4.1.1

Package info (e.g. output of rpm -q podman or apt list podman):

podman-4.1.1-1.fc36.x86_64

Have you tested with the latest version of Podman and have you checked the Podman Troubleshooting Guide? (https://github.com/containers/podman/blob/main/troubleshooting.md)

No

Additional environment details (AWS, VirtualBox, physical, etc.):

physical

[soltysh]

I spoke with @giuseppe and he helped me figured it out. In my case the problem was that my service cgroup cat /proc/self/cgroup did not have the cpu in it. The two possible approaches that worked for me are:

1. add Delegate=true in that particular service as described in https://kind.sigs.k8s.io/docs/user/rootless/
2. run a new shell in a new systemd scope systemd-run --scope --user -p Delegate=true bash