Comment 6 for bug 1834374

George Kraft (cynerva) wrote :

Thanks. This is the fatal error:

F0626 19:55:06.745273 60563 kubelet.go:1384] Failed to start ContainerManager [open /proc/sys/vm/overcommit_memory: permission denied, open /proc/sys/kernel/panic: permission denied, open /proc/sys/kernel/panic_on_oops: permission denied

We usually see this error when the LXD profile hasn't been applied. Can you confirm that the profile has been applied with the name "juju-kubernetes", and that the instances are using it?

Command with example output below. This will show you both the profile contents, and the instances that are using the profile:

$ lxc profile show juju-kubernetes
config:
  boot.autostart: "true"
  linux.kernel_modules: ip_tables,ip6_tables,netlink_diag,nf_nat,overlay
  raw.lxc: |
    lxc.apparmor.profile=unconfined
    lxc.mount.auto=proc:rw sys:rw
    lxc.cap.drop=
  security.nesting: "true"
  security.privileged: "true"
description: ""
devices:
  aadisable:
    path: /sys/module/nf_conntrack/parameters/hashsize
    source: /dev/null
    type: disk
  aadisable1:
    path: /sys/module/apparmor/parameters/enabled
    source: /dev/null
    type: disk
  aadisable2:
    path: /dev/kmsg
    source: /dev/kmsg
    type: unix-char
name: juju-kubernetes
used_by:
- /1.0/containers/juju-d5cfa2-0
- /1.0/containers/juju-d5cfa2-1
- /1.0/containers/juju-d5cfa2-2
- /1.0/containers/juju-d5cfa2-3
- /1.0/containers/juju-d5cfa2-4
- /1.0/containers/juju-d5cfa2-6
- /1.0/containers/juju-d5cfa2-5
- /1.0/containers/juju-d5cfa2-7
- /1.0/containers/juju-d5cfa2-9
- /1.0/containers/juju-d5cfa2-8

Reading through your original description more carefully, this stood out:

> I have built a five machine lxd cluster using MaaS.

Ah! I don't think we've tested the case where an LXD cluster spans multiple machines. I'm not too familiar with this scenario - is it possible you need to apply the LXD profile on all five hosts?
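
A scripted form of the profile check described in the comment above, as an added example that is not part of the original comment or of the Juju or LXD projects. The function name `check_profile`, its exit codes, and the choice of required settings (taken from the example output on this page) are assumptions.

```shell
#!/bin/sh
# Added example, not from the bug report. Reads `lxc profile show` output on
# stdin and compares it with the settings in the profile quoted above.
# Usage: lxc profile show juju-kubernetes | check_profile juju-d5cfa2-0
# Returns 0 = OK, 1 = a setting is missing, 2 = instance not in used_by.
check_profile() {
    instance="$1"
    # Strip indentation so each setting can be matched as a whole line.
    profile="$(sed 's/^[[:space:]]*//; s/[[:space:]]*$//')"
    rc=0
    for want in \
        'security.privileged: "true"' \
        'security.nesting: "true"' \
        'lxc.apparmor.profile=unconfined' \
        'lxc.mount.auto=proc:rw sys:rw' \
        'lxc.cap.drop='
    do
        if ! printf '%s\n' "$profile" | grep -qxF -- "$want"; then
            echo "missing setting: $want"
            rc=1
        fi
    done
    [ "$rc" -eq 0 ] || return 1
    # used_by entries look like "- /1.0/containers/<name>" on this page.
    if ! printf '%s\n' "$profile" | grep -qE "^- /1\.0/[a-z]+/${instance}\$"; then
        echo "instance $instance is not using this profile"
        return 2
    fi
    echo "profile OK and applied to $instance"
}

# Constructed sample: a shortened copy of the output quoted in the comment.
SAMPLE_PROFILE='config:
  linux.kernel_modules: ip_tables,ip6_tables,netlink_diag,nf_nat,overlay
  raw.lxc: |
    lxc.apparmor.profile=unconfined
    lxc.mount.auto=proc:rw sys:rw
    lxc.cap.drop=
  security.nesting: "true"
  security.privileged: "true"
name: juju-kubernetes
used_by:
- /1.0/containers/juju-d5cfa2-0
- /1.0/containers/juju-d5cfa2-1'

printf '%s\n' "$SAMPLE_PROFILE" | check_profile juju-d5cfa2-0
```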