Re: [lxc-devel] lxc-create: file-based capabilities are lost
Quoting Harald Dunkel (harald.dun...@aixigo.de): > Hi Serge, > > On 06/14/16 17:10, Serge E. Hallyn wrote: > > > > Well I notice that copy_debian() rsyncs without -X. Does > > adding -X fix it for you? > > Using "rsync -SHaAX" in lxc-debian it works (on Jessie). > Attached you can find a suggested patch for all (lxc 1.1.5). Thanks this looks good. Do you mind sending a signed-off-by? > Thanx for your help > Harri > > Index: lxc-1.1.5.1/templates/lxc-altlinux.in > === > --- lxc-1.1.5.1.orig/templates/lxc-altlinux.in > +++ lxc-1.1.5.1/templates/lxc-altlinux.in > @@ -208,7 +208,7 @@ copy_altlinux() > #cp -a $cache/rootfs-$arch $rootfs_path || return 1 > # i prefer rsync (no reason really) > mkdir -p $rootfs_path > -rsync -Ha $cache/rootfs/ $rootfs_path/ > +rsync -SHaAX $cache/rootfs/ $rootfs_path/ > return 0 > } > > Index: lxc-1.1.5.1/templates/lxc-centos.in > === > --- lxc-1.1.5.1.orig/templates/lxc-centos.in > +++ lxc-1.1.5.1/templates/lxc-centos.in > @@ -512,7 +512,7 @@ copy_centos() > #cp -a $cache/rootfs-$arch $rootfs_path || return 1 > # i prefer rsync (no reason really) > mkdir -p $rootfs_path > -rsync -a $cache/rootfs/ $rootfs_path/ > +rsync -SHaAX $cache/rootfs/ $rootfs_path/ > echo > return 0 > } > Index: lxc-1.1.5.1/templates/lxc-debian.in > === > --- lxc-1.1.5.1.orig/templates/lxc-debian.in > +++ lxc-1.1.5.1/templates/lxc-debian.in > @@ -283,7 +283,7 @@ copy_debian() > # make a local copy of the minidebian > echo -n "Copying rootfs to $rootfs..." > mkdir -p $rootfs > -rsync -Ha "$cache/rootfs-$release-$arch"/ $rootfs/ || return 1 > +rsync -SHaAX "$cache/rootfs-$release-$arch"/ $rootfs/ || return 1 > return 0 > } > > Index: lxc-1.1.5.1/templates/lxc-fedora.in > === > --- lxc-1.1.5.1.orig/templates/lxc-fedora.in > +++ lxc-1.1.5.1/templates/lxc-fedora.in > @@ -641,7 +641,7 @@ This will take a couple of minutes. Pat > > echo "Creating Stage 1 r/w copy of r/o Stage 0 squashfs image from > LiveOS." > > -rsync -aAHS stage0/. stage1/ > +rsync -aAHSX stage0/. stage1/ > > umount stage0 > umount squashfs > @@ -1015,7 +1015,7 @@ copy_fedora() > #cp -a $cache/rootfs-$basearch $rootfs_path || return 1 > # i prefer rsync (no reason really) > mkdir -p $rootfs_path > -rsync -Ha $cache/rootfs/ $rootfs_path/ > +rsync -SHaAX $cache/rootfs/ $rootfs_path/ > echo > return 0 > } > Index: lxc-1.1.5.1/templates/lxc-openmandriva.in > === > --- lxc-1.1.5.1.orig/templates/lxc-openmandriva.in > +++ lxc-1.1.5.1/templates/lxc-openmandriva.in > @@ -155,7 +155,7 @@ copy_openmandriva() > > echo -n "Copying rootfs to $rootfs_path ..." > mkdir -p $rootfs_path > -rsync -Ha $cache/rootfs/ $rootfs_path/ > +rsync -SHaAX $cache/rootfs/ $rootfs_path/ > return 0 > } > > Index: lxc-1.1.5.1/templates/lxc-opensuse.in > === > --- lxc-1.1.5.1.orig/templates/lxc-opensuse.in > +++ lxc-1.1.5.1/templates/lxc-opensuse.in > @@ -221,7 +221,7 @@ copy_opensuse() > # make a local copy of the mini opensuse > echo "Copying rootfs to $rootfs ..." > mkdir -p $rootfs > -rsync -Ha $cache/rootfs-$arch/ $rootfs/ || return 1 > +rsync -SHaAX $cache/rootfs-$arch/ $rootfs/ || return 1 > return 0 > } > > Index: lxc-1.1.5.1/templates/lxc-ubuntu.in > === > --- lxc-1.1.5.1.orig/templates/lxc-ubuntu.in > +++ lxc-1.1.5.1/templates/lxc-ubuntu.in > @@ -413,7 +413,7 @@ copy_ubuntu() >btrfs subvolume snapshot $cache/rootfs-$arch $realrootfs || return 1 >[ "$rootfs" = "$realrootfs" ] || mount --bind $realrootfs $rootfs || > return 1 > else > - rsync -Ha $cache/rootfs-$arch/ $rootfs/ || return 1 > + rsync -SHaAX $cache/rootfs-$arch/ $rootfs/ || return 1 > fi > return 0 > } > ___ > lxc-devel mailing list > lxc-devel@lists.linuxcontainers.org > http://lists.linuxcontainers.org/listinfo/lxc-devel ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/master] Update README.md
The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2123 This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === the example was improved to mount shared folder inside container from host From 376a17fc6cb0d58ff4a635933883de4aeee3b717 Mon Sep 17 00:00:00 2001 From: Nicolas Lastra Date: Wed, 15 Jun 2016 13:24:05 -0300 Subject: [PATCH] Update README.md the example was improved to mount shared folder inside container from host --- README.md | 6 -- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index e8d3d68..ad275e0 100644 --- a/README.md +++ b/README.md @@ -311,8 +311,10 @@ lxc-devel, and we can escalate to CRIU lists as necessary. Yes. The easiest way to do that is using a privileged container: -lxc launch ubuntu priv -c security.privileged=true -lxc config device add priv homedir disk source=/home/$USER path=/home/ubuntu +lxc launch ubuntu privilegedContainerName -c security.privileged=true +or +lxc config set privilegedContainerName security.privileged true +lxc config device add privilegedContainerName homedir disk source=/home/$USER path=/home/ubuntu How can I run docker inside a LXD container? ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
[lxc-devel] [lxd/stable-2.0] Stable 2.0/simplify migration code
The following pull request was submitted through Github.
It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/2122
This e-mail was sent by the LXC bot, direct replies will not reach the author
unless they happen to be subscribed to this list.
=== Description (from pull-request) ===
cherry picks of a few commits from master
From 26404a098eca76ac1c05cfe2b1acff563d96bc0f Mon Sep 17 00:00:00 2001
From: Tycho Andersen
Date: Wed, 1 Jun 2016 10:40:55 -0600
Subject: [PATCH 1/2] c/r: switch to the new ->migrate API
We'll use this in the next patch to enable use of new liblxc features.
Signed-off-by: Tycho Andersen
---
lxd/container.go | 5 ++---
lxd/container_lxc.go | 14 +-
lxd/migrate.go | 3 +--
3 files changed, 12 insertions(+), 10 deletions(-)
diff --git a/lxd/container.go b/lxd/container.go
index 9c196ca..cf7884f 100644
--- a/lxd/container.go
+++ b/lxd/container.go
@@ -341,7 +341,7 @@ type container interface {
// Snapshots & migration
Restore(sourceContainer container) error
- Checkpoint(opts lxc.CheckpointOptions) error
+ Migrate(cmd uint, stateDir string, stop bool) error
StartFromMigration(imagesDir string) error
Snapshots() ([]container, error)
@@ -527,8 +527,7 @@ func containerCreateAsSnapshot(d *Daemon, args
containerArgs, sourceContainer co
* after snapshotting will fail.
*/
- opts := lxc.CheckpointOptions{Directory: stateDir, Stop: false,
Verbose: true}
- err = sourceContainer.Checkpoint(opts)
+ err = sourceContainer.Migrate(lxc.MIGRATE_DUMP, stateDir, false)
err2 := CollectCRIULogFile(sourceContainer, stateDir,
"snapshot", "dump")
if err2 != nil {
shared.Log.Warn("failed to collect criu log file",
log.Ctx{"error": err2})
diff --git a/lxd/container_lxc.go b/lxd/container_lxc.go
index 2f48cfa..6f3f117 100644
--- a/lxd/container_lxc.go
+++ b/lxd/container_lxc.go
@@ -1385,8 +1385,7 @@ func (c *containerLXC) Stop(stateful bool) error {
}
// Checkpoint
- opts := lxc.CheckpointOptions{Directory: stateDir, Stop: true,
Verbose: true}
- err = c.Checkpoint(opts)
+ err = c.Migrate(lxc.MIGRATE_DUMP, stateDir, true)
err2 := CollectCRIULogFile(c, stateDir, "snapshot", "dump")
if err2 != nil {
shared.Log.Warn("failed to collect criu log file",
log.Ctx{"error": err2})
@@ -2712,14 +2711,19 @@ func (c *containerLXC) Export(w io.Writer) error {
return tw.Close()
}
-func (c *containerLXC) Checkpoint(opts lxc.CheckpointOptions) error {
- // Load the go-lxc struct
+func (c *containerLXC) Migrate(cmd uint, stateDir string, stop bool) error {
err := c.initLXC()
if err != nil {
return err
}
- return c.c.Checkpoint(opts)
+ opts := lxc.MigrateOptions{
+ Stop: stop,
+ Directory: stateDir,
+ Verbose: true,
+ }
+
+ return c.c.Migrate(cmd, opts)
}
func (c *containerLXC) TemplateApply(trigger string) error {
diff --git a/lxd/migrate.go b/lxd/migrate.go
index fdaab35..627e6d0 100644
--- a/lxd/migrate.go
+++ b/lxd/migrate.go
@@ -368,8 +368,7 @@ func (s *migrationSourceWs) Do(op *operation) error {
}
defer os.RemoveAll(checkpointDir)
- opts := lxc.CheckpointOptions{Stop: true, Directory:
checkpointDir, Verbose: true}
- err = s.container.Checkpoint(opts)
+ err = s.container.Migrate(lxc.MIGRATE_DUMP, checkpointDir, true)
if err2 := CollectCRIULogFile(s.container, checkpointDir,
"migration", "dump"); err2 != nil {
shared.Debugf("Error collecting checkpoint log file
%s", err)
From aba85baec275f692c4d1adff044df577518a7055 Mon Sep 17 00:00:00 2001
From: Tycho Andersen
Date: Tue, 14 Jun 2016 17:40:34 +
Subject: [PATCH 2/2] simplify checkpoint/restore code everywhere
Some problems:
* We had various entry points for migration, each which collected logs in
various different and inconsistent ways.
* We also had the StartFromMigrate call, and a Migrate() to which you could
pass lxc.MIGRATE_RESTORE, which wasn't an obvious API.
* at each point we had a check that did the rootfs shifting if necessary
* we had to do findCriu everywhere manually
Now that we have a Migrate() call, let's just route everything through
that, and handle all of this in a uniform way.
Note that some findCriu calls are still prudent to do e.g. in snapshot
restore, before we actually do all the filesystem work to restore stuff if
the snapshot is stateful. I've left those sorts of calls in.
Note: this is a modified version (dropping the preserveInodes bits) from
31f1e20ca1c97e5a0b857502697fb1f9c6a8b5af.
Signed-off-by: Tycho Andersen
---
lxd/container.go
Re: [lxc-devel] lxc-create: file-based capabilities are lost
Hi Serge, On 06/14/16 17:10, Serge E. Hallyn wrote: > > Well I notice that copy_debian() rsyncs without -X. Does > adding -X fix it for you? Using "rsync -SHaAX" in lxc-debian it works (on Jessie). Attached you can find a suggested patch for all (lxc 1.1.5). Thanx for your help Harri Index: lxc-1.1.5.1/templates/lxc-altlinux.in === --- lxc-1.1.5.1.orig/templates/lxc-altlinux.in +++ lxc-1.1.5.1/templates/lxc-altlinux.in @@ -208,7 +208,7 @@ copy_altlinux() #cp -a $cache/rootfs-$arch $rootfs_path || return 1 # i prefer rsync (no reason really) mkdir -p $rootfs_path -rsync -Ha $cache/rootfs/ $rootfs_path/ +rsync -SHaAX $cache/rootfs/ $rootfs_path/ return 0 } Index: lxc-1.1.5.1/templates/lxc-centos.in === --- lxc-1.1.5.1.orig/templates/lxc-centos.in +++ lxc-1.1.5.1/templates/lxc-centos.in @@ -512,7 +512,7 @@ copy_centos() #cp -a $cache/rootfs-$arch $rootfs_path || return 1 # i prefer rsync (no reason really) mkdir -p $rootfs_path -rsync -a $cache/rootfs/ $rootfs_path/ +rsync -SHaAX $cache/rootfs/ $rootfs_path/ echo return 0 } Index: lxc-1.1.5.1/templates/lxc-debian.in === --- lxc-1.1.5.1.orig/templates/lxc-debian.in +++ lxc-1.1.5.1/templates/lxc-debian.in @@ -283,7 +283,7 @@ copy_debian() # make a local copy of the minidebian echo -n "Copying rootfs to $rootfs..." mkdir -p $rootfs -rsync -Ha "$cache/rootfs-$release-$arch"/ $rootfs/ || return 1 +rsync -SHaAX "$cache/rootfs-$release-$arch"/ $rootfs/ || return 1 return 0 } Index: lxc-1.1.5.1/templates/lxc-fedora.in === --- lxc-1.1.5.1.orig/templates/lxc-fedora.in +++ lxc-1.1.5.1/templates/lxc-fedora.in @@ -641,7 +641,7 @@ This will take a couple of minutes. Pat echo "Creating Stage 1 r/w copy of r/o Stage 0 squashfs image from LiveOS." -rsync -aAHS stage0/. stage1/ +rsync -aAHSX stage0/. stage1/ umount stage0 umount squashfs @@ -1015,7 +1015,7 @@ copy_fedora() #cp -a $cache/rootfs-$basearch $rootfs_path || return 1 # i prefer rsync (no reason really) mkdir -p $rootfs_path -rsync -Ha $cache/rootfs/ $rootfs_path/ +rsync -SHaAX $cache/rootfs/ $rootfs_path/ echo return 0 } Index: lxc-1.1.5.1/templates/lxc-openmandriva.in === --- lxc-1.1.5.1.orig/templates/lxc-openmandriva.in +++ lxc-1.1.5.1/templates/lxc-openmandriva.in @@ -155,7 +155,7 @@ copy_openmandriva() echo -n "Copying rootfs to $rootfs_path ..." mkdir -p $rootfs_path -rsync -Ha $cache/rootfs/ $rootfs_path/ +rsync -SHaAX $cache/rootfs/ $rootfs_path/ return 0 } Index: lxc-1.1.5.1/templates/lxc-opensuse.in === --- lxc-1.1.5.1.orig/templates/lxc-opensuse.in +++ lxc-1.1.5.1/templates/lxc-opensuse.in @@ -221,7 +221,7 @@ copy_opensuse() # make a local copy of the mini opensuse echo "Copying rootfs to $rootfs ..." mkdir -p $rootfs -rsync -Ha $cache/rootfs-$arch/ $rootfs/ || return 1 +rsync -SHaAX $cache/rootfs-$arch/ $rootfs/ || return 1 return 0 } Index: lxc-1.1.5.1/templates/lxc-ubuntu.in === --- lxc-1.1.5.1.orig/templates/lxc-ubuntu.in +++ lxc-1.1.5.1/templates/lxc-ubuntu.in @@ -413,7 +413,7 @@ copy_ubuntu() btrfs subvolume snapshot $cache/rootfs-$arch $realrootfs || return 1 [ "$rootfs" = "$realrootfs" ] || mount --bind $realrootfs $rootfs || return 1 else - rsync -Ha $cache/rootfs-$arch/ $rootfs/ || return 1 + rsync -SHaAX $cache/rootfs-$arch/ $rootfs/ || return 1 fi return 0 } ___ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel
