Bug#844086: lxc: On "sysv-init", fail to initialize cgroup since "cgmanager" support dropped.
Hi, On Thu, Jan 12, 2017 at 01:44:12PM +0100, Thibaut Cheze wrote: > >> I reopen this because I have seen another side effect. > >> The LXC containers fail to start automatically during boot. > > I'd argue that it is a slightly different (but totally related) bug. > > But as you already merged this with #850212, let's handle it as one. > I was a little too "enthusiastic", sorry. No worries, no harm done. > > ... > >> -# Required-Start: $syslog $remote_fs > >> -# Required-Stop: $syslog $remote_fs > >> +# Required-Start: $syslog $remote_fs cgroupfs-mount > >> +# Required-Stop: $syslog $remote_fs cgroupfs-mount > >> # Should-Start: > >> # Should-Stop: > >> # Default-Start: 2 3 4 5 > > I'd add it to Should-*, not Required-*, as it is perfectly fine to have > > a different cgroupfs initializer. > > Will discuss with upstream and include in the next upload. > > > > > I thought like you, but: > - "cgroupfs-mount" was developed in such a way that it does nothing > when it detects that another initializer is at work (fstab way > included). > - It was added as a dependency of "liblxc1", not a recommend. > But no problems, it will work fine. It is a dependency if there is no systemd, yeah. What I wanted to avoid is a system with no cgroupfs-mount installed (possible with the current depends line) and sysvinit used with some other means of mounting cgroupfs. I know, it's quite constructed, but oh well :) > Otherwise, to be perfectly clean, what do you think of adding > "cgroupfs-mount" in recommends (or dependencies if in "required") on > "lxc" package ? given it's a noop on systemd systems it should be safe, but I kinda dislike pulling in packages we do not really need. we could add the same cgroupfs-mount | systemd construct as in liblxc1, but what result do you expect from that? the (weak) dependency is there anyways.
Bug#844086: lxc: On "sysv-init", fail to initialize cgroup since "cgmanager" support dropped.
Hi, Le 12/01/2017 à 09:44, Evgeni Golov a écrit : > Hi, > > On Wed, Jan 11, 2017 at 10:49:49PM +0100, Thibaut Chèze wrote: >> I reopen this because I have seen another side effect. >> The LXC containers fail to start automatically during boot. > I'd argue that it is a slightly different (but totally related) bug. > But as you already merged this with #850212, let's handle it as one. I was a little too "enthusiastic", sorry. > ... >> -# Required-Start: $syslog $remote_fs >> -# Required-Stop: $syslog $remote_fs >> +# Required-Start: $syslog $remote_fs cgroupfs-mount >> +# Required-Stop: $syslog $remote_fs cgroupfs-mount >> # Should-Start: >> # Should-Stop: >> # Default-Start: 2 3 4 5 > I'd add it to Should-*, not Required-*, as it is perfectly fine to have > a different cgroupfs initializer. > Will discuss with upstream and include in the next upload. > > I thought like you, but: - "cgroupfs-mount" was developed in such a way that it does nothing when it detects that another initializer is at work (fstab way included). - It was added as a dependency of "liblxc1", not a recommend. But no problems, it will work fine. Otherwise, to be perfectly clean, what do you think of adding "cgroupfs-mount" in recommends (or dependencies if in "required") on "lxc" package ? Thanks, Regards, signature.asc Description: OpenPGP digital signature
Bug#844086: lxc: On "sysv-init", fail to initialize cgroup since "cgmanager" support dropped.
Hi,
On Wed, Jan 11, 2017 at 10:49:49PM +0100, Thibaut Chèze wrote:
> I reopen this because I have seen another side effect.
> The LXC containers fail to start automatically during boot.
I'd argue that it is a slightly different (but totally related) bug.
But as you already merged this with #850212, let's handle it as one.
> I attach a patch to fix this.
> I haven't tested with "systemd" as "init", but I think it's not a
> problem ("systemd" doesn't use /etc/init.d/lxc script, right ?).
Correct, systemd uses a native unit.
And even if it would not: cgroupfs-mount does "the right thing" under
systemd.
> -# Required-Start: $syslog $remote_fs
> -# Required-Stop: $syslog $remote_fs
> +# Required-Start: $syslog $remote_fs cgroupfs-mount
> +# Required-Stop: $syslog $remote_fs cgroupfs-mount
> # Should-Start:
> # Should-Stop:
> # Default-Start: 2 3 4 5
I'd add it to Should-*, not Required-*, as it is perfectly fine to have
a different cgroupfs initializer.
Will discuss with upstream and include in the next upload.
Bug#844086: lxc: On "sysv-init", fail to initialize cgroup since "cgmanager" support dropped.
Hi,
I reopen this because I have seen another side effect.
The LXC containers fail to start automatically during boot.
I attach a patch to fix this.
I haven't tested with "systemd" as "init", but I think it's not a
problem ("systemd" doesn't use /etc/init.d/lxc script, right ?).
Best regards,
--- /etc/init.d/lxc.orig 2017-01-11 11:47:00.0 +0100
+++ /etc/init.d/lxc 2017-01-11 11:48:00.0 +0100
@@ -7,8 +7,8 @@
#
### BEGIN INIT INFO
# Provides: lxc
-# Required-Start: $syslog $remote_fs
-# Required-Stop: $syslog $remote_fs
+# Required-Start: $syslog $remote_fs cgroupfs-mount
+# Required-Stop: $syslog $remote_fs cgroupfs-mount
# Should-Start:
# Should-Stop:
# Default-Start: 2 3 4 5
signature.asc
Description: OpenPGP digital signature
Bug#844086: [pkg-lxc-devel] Bug#844086: lxc: On "sysv-init", fail to initialize cgroup since "cgmanager" support dropped.
Hi, On Sat, Nov 12, 2016 at 11:35:21AM +0100, Thibaut Chèze wrote: > After an upgrade from /1:2.0.4-1/, lxc containers fails to start on > /SysV init/. > It seems that it is following the removal of "cgmanager" support. Right. > A workaround is to install the "cgroupfs-mount" package or manually > mount /cgroups/. Yupp, I forgot that when I ripped out cgmanager, sorry. > Could you add some information to help ? Maybe update dependencies > (recommended or suggested, like previously "cgmanager") on "systemd" or > "cgroupfs-mount" for /cgroups/ settings. > Note: On my system, "systemd" is installed (required by other services), > but is not used as /init/. https://anonscm.debian.org/cgit/pkg-lxc/lxc.git/commit/?id=4f5f71fb39d52a7c0927fb10709c592e39cfe300 Sadly we cannot detect if systemd is pid1 for dependencies (as not everybody has systemd-sysv installed when running systemd as init). Regards Evgeni
Bug#844086: lxc: On "sysv-init", fail to initialize cgroup since "cgmanager" support dropped.
Package: lxc Version: 1:2.0.5-3 Severity: important Tags: newcomer Found: 1:2.0.5-1 Notfound: 1:2.0.4-1 Hi, After an upgrade from /1:2.0.4-1/, lxc containers fails to start on /SysV init/. It seems that it is following the removal of "cgmanager" support. A workaround is to install the "cgroupfs-mount" package or manually mount /cgroups/. Could you add some information to help ? Maybe update dependencies (recommended or suggested, like previously "cgmanager") on "systemd" or "cgroupfs-mount" for /cgroups/ settings. Note: On my system, "systemd" is installed (required by other services), but is not used as /init/. -- Before "cgroupfs-mount" installation: --- lxc-start logs: lxc-start: cgroups/cgfs.c: cgfs_init: 2288 cgroupfs failed to detect cgroup metadata lxc-start: start.c: lxc_spawn: 1094 failed initializing cgroup support lxc-start: start.c: __lxc_start: 1354 failed to spawn 'test-container' lxc-start: tools/lxc_start.c: main: 344 The container failed to start. --- lxc-checkconfig outputs: Kernel configuration not found at /proc/config.gz; searching... Kernel configuration found at /boot/config-4.7.0-1-amd64 --- Namespaces --- Namespaces: enabled Utsname namespace: enabled Ipc namespace: enabled Pid namespace: enabled User namespace: enabled Network namespace: enabled --- Control groups --- Cgroup: enabled Cgroup namespace: required Cgroup device: enabled Cgroup sched: enabled Cgroup cpu account: enabled Cgroup memory controller: enabled Cgroup cpuset: enabled --- Misc --- Veth pair device: enabled Macvlan: enabled Vlan: enabled Bridges: enabled Advanced netfilter: enabled CONFIG_NF_NAT_IPV4: enabled CONFIG_NF_NAT_IPV6: enabled CONFIG_IP_NF_TARGET_MASQUERADE: enabled CONFIG_IP6_NF_TARGET_MASQUERADE: enabled CONFIG_NETFILTER_XT_TARGET_CHECKSUM: enabled FUSE (for use with lxcfs): enabled --- Checkpoint/Restore --- checkpoint restore: enabled CONFIG_FHANDLE: enabled CONFIG_EVENTFD: enabled CONFIG_EPOLL: enabled CONFIG_UNIX_DIAG: enabled CONFIG_INET_DIAG: enabled CONFIG_PACKET_DIAG: enabled CONFIG_NETLINK_DIAG: enabled File capabilities: enabled Note : Before booting a new kernel, you can check its configuration usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig -- After "cgroupfs-mount" installation: --- lxc-checkconfig outputs: Kernel configuration not found at /proc/config.gz; searching... Kernel configuration found at /boot/config-4.7.0-1-amd64 --- Namespaces --- Namespaces: enabled Utsname namespace: enabled Ipc namespace: enabled Pid namespace: enabled User namespace: enabled Network namespace: enabled --- Control groups --- Cgroup: enabled Cgroup clone_children flag: enabled Cgroup device: enabled Cgroup sched: enabled Cgroup cpu account: enabled Cgroup memory controller: enabled Cgroup cpuset: enabled --- Misc --- Veth pair device: enabled Macvlan: enabled Vlan: enabled Bridges: enabled Advanced netfilter: enabled CONFIG_NF_NAT_IPV4: enabled CONFIG_NF_NAT_IPV6: enabled CONFIG_IP_NF_TARGET_MASQUERADE: enabled CONFIG_IP6_NF_TARGET_MASQUERADE: enabled CONFIG_NETFILTER_XT_TARGET_CHECKSUM: enabled FUSE (for use with lxcfs): enabled --- Checkpoint/Restore --- checkpoint restore: enabled CONFIG_FHANDLE: enabled CONFIG_EVENTFD: enabled CONFIG_EPOLL: enabled CONFIG_UNIX_DIAG: enabled CONFIG_INET_DIAG: enabled CONFIG_PACKET_DIAG: enabled CONFIG_NETLINK_DIAG: enabled File capabilities: enabled Note : Before booting a new kernel, you can check its configuration usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig --- Added mount entries: cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,relatime,cpuset,release_agent=/run/cgmanager/agents/cgm-release-agent.cpuset,clone_children) cgroup on /sys/fs/cgroup/cpu type cgroup (rw,relatime,cpu,release_agent=/run/cgmanager/agents/cgm-release-agent.cpu) cgroup on /sys/fs/cgroup/cpuacct type cgroup (rw,relatime,cpuacct,release_agent=/run/cgmanager/agents/cgm-release-agent.cpuacct) cgroup on /sys/fs/cgroup/blkio type cgroup (rw,relatime,blkio,release_agent=/run/cgmanager/agents/cgm-release-agent.blkio) cgroup on /sys/fs/cgroup/memory type cgroup (rw,relatime,memory,release_agent=/run/cgmanager/agents/cgm-release-agent.memory) cgroup on /sys/fs/cgroup/devices type cgroup (rw,relatime,devices,release_agent=/run/cgmanager/agents/cgm-release-agent.devices) cgroup on /sys/fs/cgroup/freezer type cgroup (rw,relatime,freezer,release_agent=/run/cgmanager/agents/cgm-release-agent.freezer) cgroup on /sys/fs/cgroup/net_cls type cgroup (rw,relatime,net_cls,release_agent=/run/cgmanager/agents/cgm-release-agent.net_cls) cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,relatime,perf_event,release_agent=/run/cgmanager/agents/cgm-release-agent.perf_event) cgroup on /sys/fs/cgroup/net_prio type cgroup (rw,relatime,net_prio,release_agent=/run/cgmanager/agents/cgm-release-agent.net_prio) cgroup on /sys/fs/cgroup/pids type cgroup
