[BUG] system-probe resolvePidCgroupFallback Failed to add pid #44352
Description
Agent version
7.73.0-jmx
Bug Report
We use datadog-operator on EKS and in latest stable release of operator (helm chart version 2.15.2) it produces a lot of warnings like:
system-probe 2025-12-17 15:40:12 UTC | SYS-PROBE | INFO | (pkg/security/resolvers/cgroup/resolver.go:270 in resolvePidCgroupFallback) | Failed to add pid 1910503, error on fallback to resol
ve its cgroup: no cgroup mount point found
system-probe 2025-12-17 15:40:12 UTC | SYS-PROBE | INFO | (pkg/security/resolvers/cgroup/resolver.go:270 in resolvePidCgroupFallback) | Failed to add pid 1910504, error on fallback to resol
ve its cgroup: no cgroup mount point found
system-probe 2025-12-17 15:40:14 UTC | SYS-PROBE | INFO | (pkg/security/resolvers/cgroup/resolver.go:270 in resolvePidCgroupFallback) | Failed to add pid 1910505, error on fallback to resol
ve its cgroup: no cgroup mount point found
system-probe 2025-12-17 15:40:14 UTC | SYS-PROBE | INFO | (pkg/security/resolvers/cgroup/resolver.go:270 in resolvePidCgroupFallback) | Failed to add pid 1910515, error on fallback to resol
ve its cgroup: no cgroup mount point found
system-probe 2025-12-17 15:40:14 UTC | SYS-PROBE | INFO | (pkg/security/resolvers/cgroup/resolver.go:270 in resolvePidCgroupFallback) | Failed to add pid 1910516, error on fallback to resol
ve its cgroup: no cgroup mount point found
system-probe 2025-12-17 15:40:14 UTC | SYS-PROBE | INFO | (pkg/security/resolvers/cgroup/resolver.go:270 in resolvePidCgroupFallback) | Failed to add pid 1910517, error on fallback to resol
ve its cgroup: no cgroup mount point found
Tried also latest RC 2.16.0-dev.6 but problem is the same. Am I doing something wrong?
Reproduction Steps
Just setup latest stable datadog-operator 2.15.2 in EKS.
Agent configuration
apiVersion: datadoghq.com/v2alpha1
kind: DatadogAgent
spec:
features:
admissionController:
enabled: true
apm:
enabled: false
clusterChecks:
enabled: true
cspm:
enabled: false
cws:
enabled: false
dogstatsd:
hostPortConfig:
enabled: false
originDetectionEnabled: true
tagCardinality: low
unixDomainSocketConfig:
enabled: true
ebpfCheck:
enabled: false
eventCollection:
collectKubernetesEvents: true
externalMetricsServer:
enabled: false
kubeStateMetricsCore:
enabled: true
liveContainerCollection:
enabled: true
liveProcessCollection:
enabled: true
logCollection:
containerCollectAll: false
enabled: false
npm:
enabled: false
oomKill:
enabled: true
orchestratorExplorer:
enabled: true
otlp:
receiver:
protocols:
grpc:
enabled: false
http:
enabled: false
processDiscovery:
enabled: true
prometheusScrape:
enabled: false
remoteConfiguration:
enabled: false
sbom:
enabled: false
tcpQueueLength:
enabled: true
usm:
enabled: false
global:
clusterName: sandbox-apps
credentials:
apiSecret:
keyName: api-key
secretName: datadog-secret
appSecret:
keyName: app-key
secretName: datadog-secret
criSocketPath: /run/dockershim.sock
logLevel: info
podLabelsAsTags:
app.kubernetes.io/env-name: env_name
app.kubernetes.io/env-tag: env_tag
app.kubernetes.io/team: team
env: env
env_name: env_name
env_tag: env_tag
statefulset.kubernetes.io/pod-name: pod_name
team: team
registry: our.own.registry.mirror/ecr-public/datadog
override:
clusterAgent:
replicas: 2
nodeAgent:
env:
- name: DD_EC2_PREFER_IMDSV2
value: "true"
- name: DD_COLLECT_EC2_TAGS
value: "true"
- name: DD_SECRET_BACKEND_COMMAND
value: /readsecret_multiple_providers.sh
extraConfd:
configDataMap:
kube_metrics_server.yaml: |-
ad_identifiers:
- metrics-server
init_config:
instances:
- {"prometheus_url": "https://%%host%%:10250/metrics", "tls_verify": false}
image:
jmxEnabled: true
tolerations:
- operator: Exists
Operating System
2.1.5+bottlerocket
Other environment details
No response