@Ian Johnson: it may not be the case that this is something inherent to LXD as I've seen similar CG issues with LXC itself and Dockers nested in it. These cgroup issues often stem from the host system's systemd setting up its unified CG hierarchy on boot, and locking namespaces out of creating their respective mounts at startup. For example, as kernel versions and systemd versions have updated in our Arch systems, it became impossible to start certain containers after rebooting (like CentOS 8 and Ubuntu 20.04 with nesting) without providing a `systemd.unified_cgroup_hierarchy=0` kernel command-line parameter as they would fail with a variety of mount errors on freezer, cpu, and other CGs.
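As an added example (not part of the comment above, and not LXD or systemd code), this shell script classifies which cgroup hierarchy a host has mounted and whether the kernel command line carries the `systemd.unified_cgroup_hierarchy=0` parameter mentioned in the comment. The function names and the sample mount tables and command lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: inspect /proc/mounts-style and /proc/cmdline-style files.

# cgroup_mode FILE: print unified, hybrid, legacy or none for a mounts file.
cgroup_mode() {
    awk '
        $3 == "cgroup2" { v2 = 1 }   # a unified (v2) hierarchy is mounted
        $3 == "cgroup"  { v1 = 1 }   # a v1 controller (freezer, cpu, ...) is mounted
        END {
            if (v1 && v2) print "hybrid"
            else if (v2)  print "unified"
            else if (v1)  print "legacy"
            else          print "none"
        }' "$1"
}

# has_legacy_override FILE: succeed if the command line carries the parameter.
has_legacy_override() {
    tr ' ' '\n' < "$1" | grep -qxF 'systemd.unified_cgroup_hierarchy=0'
}

# cgroup_report MOUNTS CMDLINE: one-line summary of both checks.
cgroup_report() {
    if has_legacy_override "$2"; then o=yes; else o=no; fi
    echo "mode=$(cgroup_mode "$1") legacy_override=$o"
}

# Constructed sample inputs (not captured from a real host).
tmp=$(mktemp -d)
cat > "$tmp/mounts_unified" <<'EOF'
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
cgroup2 /sys/fs/cgroup cgroup2 rw,nosuid,nodev,noexec,relatime 0 0
EOF
cat > "$tmp/mounts_v1" <<'EOF'
tmpfs /sys/fs/cgroup tmpfs ro,nosuid,nodev,noexec,mode=755 0 0
cgroup2 /sys/fs/cgroup/unified cgroup2 rw,nosuid,nodev,noexec,relatime 0 0
cgroup /sys/fs/cgroup/freezer cgroup rw,nosuid,nodev,noexec,relatime,freezer 0 0
cgroup /sys/fs/cgroup/cpu,cpuacct cgroup rw,nosuid,nodev,noexec,relatime,cpu,cpuacct 0 0
EOF
echo 'BOOT_IMAGE=/vmlinuz-linux root=/dev/sda2 rw quiet' > "$tmp/cmdline_default"
echo 'BOOT_IMAGE=/vmlinuz-linux root=/dev/sda2 rw systemd.unified_cgroup_hierarchy=0' > "$tmp/cmdline_override"

cgroup_report "$tmp/mounts_unified" "$tmp/cmdline_default"
cgroup_report "$tmp/mounts_v1" "$tmp/cmdline_override"
```

On a live host, `cgroup_report /proc/mounts /proc/cmdline` gives the same summary; running it both on the host and inside the container shows which side is missing the v1 controller mounts.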