On 12/02/2015 07:23 AM, Fajar A. Nugraha wrote:
On Wed, Dec 2, 2015 at 9:49 PM, Peter Steele <pwste...@gmail.com> wrote:

    On 12/01/2015 08:25 PM, Fajar A. Nugraha wrote:
    Is there a reason why you can't install a centos7 container using
    the download template? It would've been MUCH easier, and some of
    the things you asked wouldn't even be an issue.

    So, that long-winded answer is why we can't just use the LXC
    template for CentOS directly. I was assuming (hoping) that the
    libvirt container image we build would be largely LXC friendly.
    Apparently it's not going to be quite as straightforward as I'd
    hoped. I'm going to have to dissect the steps used for creating a
    CentOS LXC template and make sure our container image provides
    what is needed/expected by LXC.



Actually my point was about the config file :)
D'oh! My mistake; sorry for the history lesson then, I hope it was interesting reading... :-)

As for the config file, I believe what I am now using is the same config file, more or less, that's used by LXC containers created with the CentOS template. I just incorporated the centos.common.conf settings into my own config file directly, although I did tweak some things a bit and eliminated things that weren't needed (like lxc.seccomp). I did a quick test and ran the command

lxc-create -t centos -n test1

to create a container using the centos default settings. The resulting config file doesn't look a whole lot different than my manually crafted version. Something doesn't seem quite right though; when I run lxc-start -n test1 the container takes forever to boot. I could log in eventually but it's not working too well:

[root@test1 ~]# systemctl
         Starting Trigger Flushing of Journal to Persistent Storage...
[FAILED] Failed to start LSB: Bring up/down networking.
See 'systemctl status network.service' for details.
<28>systemd-sysctl[261]: Failed to write '1' to '/proc/sys/kernel/core_uses_pid': Read-only file system
Failed to get D-Bus connection: Failed to authenticate in time.

Shouldn't a container built with the stock config work "out of the box"?

The rootfs should be OK as is, as any systemd-related problem inside the container should've also been fixed if you've managed to run it under libvirt. I was suggesting to create a centos7 container from the download template (which would reference the common configs, and use lxcfs), then copy its config file.

There was no explicit reference to lxcfs in the centos.common.conf file, nor in any of the config files for the other templates. My impression is that this is not part of the LXC version that I am using.

It occurs to me that the difference might be related to lxcfs. It provides a private, customized copy of parts of /sys and /proc to the container, so the container doesn't need to see what the host has. And IIRC libvirt has something that functions similarly to lxcfs.
Containers in libvirt have private versions of /sys and /proc, although there is nothing to configure to provide this functionality; this is the default behavior. There is nothing really quite like lxcfs.

Do you also have lxcfs installed? What version of lxc are you using?
Try installing lxcfs and use lxc-1.1.x. Then try to install a new container using download template to see if it's similar to what you want. If it is, copy its config file (and modify things like name and paths, obviously) for your former-libvirt container.

I am using the version 1.0.7 RPMs that are available on EPEL. I assume there are no RPMs available for 1.1? We tend to use binary versions of the third party packages we've included in our system but I will check out 1.1 and investigate lxcfs. The set of LXC RPMs I installed from EPEL are:

lua-lxc.1.0.7-4.el7.x86_64
lxc.1.0.7-4.el7.x86_64
lxc-libs.1.0.7-4.el7.x86_64
lxc-templates.1.0.7-4.el7.x86_64

Peter

_______________________________________________
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users
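
The message above describes a config hand-merged from centos.common.conf with lxc.seccomp removed; a check like the following reports which confinement keys such a config no longer sets, following lxc.include. It is an added example, not part of the thread: the key list, the function names and the sample config are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): list confinement keys that an LXC 1.x
# config never sets, following lxc.include. REQUIRED_KEYS is an assumption
# of this example, not the contents of centos.common.conf.
REQUIRED_KEYS="lxc.seccomp lxc.cap.drop lxc.cgroup.devices.deny lxc.mount.auto"

# Prints "MISSING <key>" per absent key; returns 1 if any key is missing.
audit_lxc_config() {
    awk -v required="$REQUIRED_KEYS" '
    function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
    function read_cfg(file,    line, eq, key, val) {
        if (file in visited) return            # guard against include cycles
        visited[file] = 1
        while ((getline line < file) > 0) {
            sub(/#.*/, "", line)               # drop comments
            eq = index(line, "=")
            if (eq == 0) continue
            key = trim(substr(line, 1, eq - 1))
            val = trim(substr(line, eq + 1))
            if (key == "lxc.include") read_cfg(val)
            else if (val == "") delete seen[key]   # empty value: treat as unset
            else seen[key] = 1
        }
        close(file)
    }
    BEGIN {
        read_cfg(ARGV[1])
        n = split(required, want, " ")
        for (i = 1; i <= n; i++)
            if (!(want[i] in seen)) { print "MISSING " want[i]; missing++ }
        exit (missing > 0)
    }' "$1"
}

# Constructed sample: a merged config that keeps most keys but has no lxc.seccomp.
write_sample() {
    cat > "$1/common.conf" <<'EOF'
lxc.cap.drop = sys_module sys_time
lxc.cgroup.devices.deny = a
EOF
    cat > "$1/config" <<EOF
# constructed sample, not a config from the thread
lxc.include = $1/common.conf
lxc.utsname = test1
lxc.mount.auto = proc:mixed sys:ro
EOF
}

if [ $# -gt 0 ]; then audit_lxc_config "$1"; fi
```

Run it as `sh script.sh /path/to/container/config`; a non-zero exit status means at least one of the listed keys is not set anywhere in the config or its includes.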
