Hi, thank you for your answer. It looks like the pxe preseed installation missed to add "swapaccount=1" to the kernel cmdline.
Regards, Flo On Thu, Apr 24, 2014 at 5:52 PM, S.Çağlar Onur <[email protected]> wrote: > Hi, > > On Thu, Apr 24, 2014 at 6:42 AM, Flo <[email protected]> wrote: > > Hi, > > > > I just installed a fresh Ubuntu 14.04 amd64 and tried to start a > container > > with the following configuration: > > > > # Common configuration > > # Autostart the container after a host reboot > > lxc.start.auto = 1 > > > > # Default pivot location > > lxc.pivotdir = lxc_putold > > > > # Default mount entries > > lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0 > > lxc.mount.entry = sysfs sys sysfs defaults 0 0 > > lxc.mount.entry = /sys/fs/fuse/connections sys/fs/fuse/connections none > > bind,optional 0 0 > > lxc.mount.entry = /sys/kernel/debug sys/kernel/debug none bind,optional > 0 0 > > lxc.mount.entry = /sys/kernel/security sys/kernel/security none > > bind,optional 0 0 > > lxc.mount.entry = /sys/fs/pstore sys/fs/pstore none bind,optional 0 0 > > > > # Default console settings > > lxc.devttydir = lxc > > lxc.tty = 4 > > lxc.pts = 1024 > > > > # Default capabilities > > lxc.cap.drop = sys_module mac_admin mac_override sys_time > > > > # When using LXC with apparmor, the container will be confined by > default. > > # If you wish for it to instead run unconfined, copy the following line > > # (uncommented) to the container's configuration file. > > #lxc.aa_profile = unconfined > > > > # To support container nesting on an Ubuntu host while retaining most of > > # apparmor's added security, use the following two lines instead. > > #lxc.aa_profile = lxc-container-default-with-nesting > > #lxc.hook.mount = /usr/share/lxc/hooks/mountcgroups > > > > # Uncomment the following line to autodetect squid-deb-proxy > configuration > > on the > > # host and forward it to the guest at start time. > > #lxc.hook.pre-start = /usr/share/lxc/hooks/squid-deb-proxy-client > > > > # If you wish to allow mounting block filesystems, then use the following > > # line instead, and make sure to grant access to the block device and/or > > loop > > # devices below in lxc.cgroup.devices.allow. > > #lxc.aa_profile = lxc-container-default-with-mounting > > > > # Default cgroup limits > > lxc.cgroup.devices.deny = a > > ## Allow any mknod (but not using the node) > > lxc.cgroup.devices.allow = c *:* m > > lxc.cgroup.devices.allow = b *:* m > > ## /dev/null and zero > > lxc.cgroup.devices.allow = c 1:3 rwm > > lxc.cgroup.devices.allow = c 1:5 rwm > > ## consoles > > lxc.cgroup.devices.allow = c 5:0 rwm > > lxc.cgroup.devices.allow = c 5:1 rwm > > ## /dev/{,u}random > > lxc.cgroup.devices.allow = c 1:8 rwm > > lxc.cgroup.devices.allow = c 1:9 rwm > > ## /dev/pts/* > > lxc.cgroup.devices.allow = c 5:2 rwm > > lxc.cgroup.devices.allow = c 136:* rwm > > ## rtc > > lxc.cgroup.devices.allow = c 254:0 rm > > ## fuse > > lxc.cgroup.devices.allow = c 10:229 rwm > > ## tun > > lxc.cgroup.devices.allow = c 10:200 rwm > > ## full > > lxc.cgroup.devices.allow = c 1:7 rwm > > ## hpet > > lxc.cgroup.devices.allow = c 10:228 rwm > > ## kvm > > lxc.cgroup.devices.allow = c 10:232 rwm > > ## To use loop devices, copy the following line to the container's > > ## configuration file (uncommented). > > #lxc.cgroup.devices.allow = b 7:* rwm > > > > # Container specific configuration > > lxc.rootfs = /dev/lxc1/app01-jobs2-prodm > > lxc.mount = /var/lib/lxc/app01-xxx/fstab > > lxc.utsname = app01-xxx > > lxc.arch = amd64 > > > > # Network configuration > > lxc.network.type = veth > > lxc.network.link = prodf > > lxc.network.flags = up > > lxc.network.name = front > > lxc.network.hwaddr = 00:16:3f:6c:3b:28 > > lxc.network.type = veth > > lxc.network.link = prodb > > lxc.network.flags = up > > lxc.network.name = back > > lxc.network.hwaddr = 00:16:3b:c3:8c:a5 > > > > # > > # > > # write console output to file > > lxc.console = /var/lib/lxc/app01-xxx/console.out > > # > > # restrict CPU time (default=1024) > > #lxc.cgroup.cpu.shares = 1024 > > # restrict IO weight (range 10-1000) > > #lxc.cgroup.blkio.weight = 1000 > > # limit memory > > lxc.cgroup.memory.limit_in_bytes = 16G > > ##lxc.cgroup.memory.soft_limit_in_bytes = 15G > > # memory + swap limit (20G - 16G = 4G SWAP) > > lxc.cgroup.memory.memsw.limit_in_bytes = 20G > > > > # enable cgroupd inside the container > > lxc.mount.auto = cgroup:mixed > > > > but starting the container failrs with: > > > > lxc-start 1398334434.479 ERROR lxc_cgmanager - call to > > cgmanager_set_value_sync failed: invalid request > > lxc-start 1398334434.479 ERROR lxc_cgmanager - Error setting > cgroup > > memory.memsw.limit_in_bytes limit lxc/app01-jobs2-prodm > > lxc-start 1398334434.479 ERROR lxc_cgmanager - Error setting > > memory.memsw.limit_in_bytes to 20G for app01-xxx > > lxc-start 1398334434.479 ERROR lxc_start - failed to setup the > > cgroup limits for 'app01-xxx' > > lxc-start 1398334434.603 ERROR lxc_start - failed to spawn > > 'app01-xxx' > > lxc-start 1398334434.603 ERROR lxc_commands - command get_cgroup > > failed to receive response > > > > Is that hack: > > > > cat << EOFlxc > /etc/init/lxc-unpriv-cgroup.conf > > #start on starting systemd-logind and started cgroup-lite > > # > > #script > > # set +e > > # > > # echo 1 > /sys/fs/cgroup/memory/memory.use_hierarchy > > # > > # for entry in /sys/fs/cgroup/*/cgroup.clone_children; do > > # echo 1 > $entry > > ## done > > # > > # exit 0 > > #end script > > > > still needed? > > No, it's not. The issue is swap+memory accounting needs to be > activated via kernel parameter on trusty, please take a look at > http://askubuntu.com/questions/417215/how-does-kernel-support-swap-limit > for more information. > > > > > _______________________________________________ > > lxc-users mailing list > > [email protected] > > http://lists.linuxcontainers.org/listinfo/lxc-users > > Best, > -- > S.Çağlar Onur <[email protected]> > _______________________________________________ > lxc-users mailing list > [email protected] > http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
