[lxc-users] nested containers
Hi,Is there anyway we can have nested containers/cgroups. One parent container forming the basis for children containers. i.e subset of parent container. RegardsMohan ___ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
[lxc-users] LXC on ia64 processor
Hello, again to the topic of LXC on processors ia64, after compiling lxc-1.1 on a kernel 3.13.6, on debian Wheezy, I commented some of the problematic that I are presenting. As an adjunct to this email is the output of ./configure action after having installed some basic dependencies and before making the compilation. and afterwards I run make and make install Once done this, run the command lxc-checkconfig, obtaining Kernel configuration not found at /proc/config.gz; searching... Kernel configuration found at /boot/config-3.13.6 --- Namespaces --- Namespaces: enabled Utsname namespace: enabled Ipc namespace: enabled Pid namespace: enabled User namespace: enabled Network namespace: enabled Multiple /dev/pts instances: enabled --- Control groups --- Cgroup: enabled Cgroup clone_children flag: enabled Cgroup device: enabled Cgroup sched: enabled Cgroup cpu account: enabled Cgroup memory controller: enabled Cgroup cpuset: enabled --- Misc --- Veth pair device: enabled Macvlan: enabled Vlan: enabled File capabilities: enabled Note : Before booting a new kernel, you can check its configuration usage : CONFIG=/path/to/config /usr/local/bin/lxc-checkconfig Below run lxc-create -n vm1 -t debian and obtaining debootstrap is /usr/sbin/debootstrap Invalid release , valid ones are: squeeze wheezy jessie sid lxc_container: lxccontainer.c: create_run_template: 1093 container creation template for vm1 failed lxc_container: lxc_create.c: main: 274 Error creating container vm1 I get an error related to the release of debian, you specify the option -r with value wheezy and gave me the same error. Then I run to prevent the error templates lxc-create -n vm1 -t none and obtaining lxc_container: lxc_create.c: main: 274 Error creating container vm1 .. We'll be very grateful if you could help me solve this. Ariel Santana Alba. "Lo mas importante no es hacer cosas extraordinarias, sino hacer las cosas ordinarias extraordinariamente bien" checking for pkg-config... no checking for a BSD-compatible install... /usr/bin/install -c checking whether build environment is sane... yes checking for a thread-safe mkdir -p... /bin/mkdir -p checking for gawk... no checking for mawk... mawk checking whether make sets $(MAKE)... yes checking whether make supports nested variables... yes checking build system type... ia64-unknown-linux-gnu checking host system type... ia64-unknown-linux-gnu checking for style of include used by make... GNU checking for gcc... gcc checking whether the C compiler works... yes checking for C compiler default output file name... a.out checking for suffix of executables... checking whether we are cross compiling... no checking for suffix of object files... o checking whether we are using the GNU C compiler... yes checking whether gcc accepts -g... yes checking for gcc option to accept ISO C89... none needed checking whether gcc understands -c and -o together... yes checking dependency style of gcc... gcc3 checking how to run the C preprocessor... gcc -E checking for grep that handles long lines and -e... /bin/grep checking for egrep... /bin/grep -E checking for ANSI C header files... yes checking for sys/types.h... yes checking for sys/stat.h... yes checking for stdlib.h... yes checking for string.h... yes checking for memory.h... yes checking for strings.h... yes checking for inttypes.h... yes checking for stdint.h... yes checking for unistd.h... yes checking minix/config.h usability... no checking minix/config.h presence... no checking for minix/config.h... no checking whether it is safe to define __EXTENSIONS__... yes checking host distribution... debian checking for init system type... upstart,systemd checking for docbook2x-man... no checking for doxygen... no checking for aa_change_profile in -lapparmor... no checking for gnutls_hash_fast in -lgnutls... no checking for setexeccon_raw in -lselinux... no checking for seccomp_init in -lseccomp... no checking for cgmanager_create in -lcgmanager... no checking for get_pid_cgroup_abs_sync... checking for library containing cgmanager_get_pid_cgroup_abs_sync... no no checking for cap_init in -lcap... yes checking for cap_set_proc in -lcap... yes checking for cap_set_proc in -lcap... (cached) yes checking for scmp_filter_ctx... no checking whether seccomp_syscall_resolve_name_arch is declared... no checking for PYTHONDEV... no checking for LUA... no checking for LUA... no checking for LUA... no checking Whether to place logfiles in container config path... no checking for linux/unistd.h... yes checking for linux/netlink.h... yes checking for linux/genetlink.h... yes checking for bionic libc... no checking whether PR_CAPBSET_DROP is declared... yes checking sys/signalfd.h usability... yes checking sys/signalfd.h presence... yes checking for sys/signalfd.h... yes checking pty.h usability... yes checking pty.h presence... yes checking for pty.h... yes checking ifaddrs.h usability... yes checking ifaddrs.h presence... yes che
Re: [lxc-users] Issue building Kali inside container
Never mind my last message. It seems chroot chroot dpkg --configure -a Was just what the doctor ordered. Problem solved. -- "Yo, yo. I'm real happy for ya, and I'm glad you can read, but first, I wanna say that Seann has the best email signatures of all time. OF ALL TIME!" -- Kanye West, 2009 Email Signature Awards http://www.facebook.com/sdgiffin On 3 March 2015 at 12:23, Seªnn Giƒƒin wrote: > Running LXC on Ubuntu 14.04.1 x64. I'm trying to build a container for > Kali that will be used to build a non-PAE .ISO which will in turn be used > on a live machine. > > I have attempted to use the template solution provided at > https://github.com/lxc/lxc/issues/140 by copying the existing template > for Wheezy, and adding the noted lines. > > While it builds a Wheezy container with the Kali repos included, I can't > get the .ISO to build inside the container: > > Need to get 3457 MB of archives. > After this operation, 8304 MB of additional disk space will be used. > Get:1 http://archive.kali.org/kali/ kali/main bash-completion all > 1:2.0-1 [193 kB] > ... > Get:2464 http://archive.kali.org/kali/ kali/non-free zd1211-firmware > all 2.21.0.0-1 [16.5 kB] > Fetched 3457 MB in 6min 48s (8454 kB/s) > Extracting templates from packages: 100% > Preconfiguring packages ... > Selecting previously unselected package bash-completion. > (Reading database ... 9329 files and directories currently installed.) > ... > Unpacking libaspell15 (from > .../libaspell15_0.60.7~20110707-1_i386.deb) ... > Selecting previously unselected package dictionaries-common. > Unpacking dictionaries-common (from > .../dictionaries-common_1.12.11_all.deb) ... > Adding 'diversion of /usr/share/dict/words to > /usr/share/dict/words.pre-dictionaries-common by dictionaries-common' > dpkg: unrecoverable fatal error, aborting: > failed to fstat previous diversions file: No such file or directory > E: Sub-process /usr/bin/dpkg returned an error code (2) > P: Begin unmounting filesystems... > P: Saving caches... > E: dpkg was interrupted, you must manually run 'dpkg --configure -a' > to correct the problem. > > So I tried a Kali-specific template from > https://github.com/dulin/lxc-kali/blob/master/lxc-kali but that fails to > even create the template: > > root@black-beast:~# lxc-create -n kali-testing -t kali > getopt: unrecognized option '--rootfs=/var/lib/lxc/kali-testing/rootfs' > lxc-kali -h|--help -p|--path= --clean > lxc_container: lxccontainer.c: create_run_template: 1125 container > creation template for kali-testing failed > lxc_container: lxc_create.c: main: 271 Error creating container > kali-testing > > Here's what I know: > 1. The modified Wheezy container only has problems build a Kali image. > Otherwise, it seems fine. > 2. Obviously, the template from Dulin is severely flawed (at least on > Ubuntu), and I doubt that can be easily fixed. > > What I don't know: > 1. Is it a problem only inside a container? > 2. Is it a problem only in my container? > 3. When building inside a container, are extra or special steps > required? > > I've tried getting help on the Kali forums and from the container author, > but nobody seems able or willing to help. Is there something about LXC that > would prevent me from building the custom image? I followed the > instructions on > http://docs.kali.org/downloading/live-build-a-custom-kali-iso to the > letter, but it's just not working and I'm reaching out to you guys as a > last-ditch effort to get help hoping somebody has some ideas. > > My original post in the Kali forums is located at > https://forums.kali.org/showthread.php?24557-Problem-building-Kali-in-LXC-conatiner-for-non-pae-on-Ubuntu-14-04-1-x64 > if anybody wants the additional details included there. > > -- > "Yo, yo. I'm real happy for ya, and I'm glad you can read, but first, I > wanna say that Seann has the best email signatures of all time. OF ALL > TIME!" -- Kanye West, 2009 Email Signature Awards > > http://www.facebook.com/sdgiffin > > ___ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
[lxc-users] Issue building Kali inside container
Running LXC on Ubuntu 14.04.1 x64. I'm trying to build a container for Kali that will be used to build a non-PAE .ISO which will in turn be used on a live machine. I have attempted to use the template solution provided at https://github.com/lxc/lxc/issues/140 by copying the existing template for Wheezy, and adding the noted lines. While it builds a Wheezy container with the Kali repos included, I can't get the .ISO to build inside the container: Need to get 3457 MB of archives. After this operation, 8304 MB of additional disk space will be used. Get:1 http://archive.kali.org/kali/ kali/main bash-completion all 1:2.0-1 [193 kB] ... Get:2464 http://archive.kali.org/kali/ kali/non-free zd1211-firmware all 2.21.0.0-1 [16.5 kB] Fetched 3457 MB in 6min 48s (8454 kB/s) Extracting templates from packages: 100% Preconfiguring packages ... Selecting previously unselected package bash-completion. (Reading database ... 9329 files and directories currently installed.) ... Unpacking libaspell15 (from .../libaspell15_0.60.7~20110707-1_i386.deb) ... Selecting previously unselected package dictionaries-common. Unpacking dictionaries-common (from .../dictionaries-common_1.12.11_all.deb) ... Adding 'diversion of /usr/share/dict/words to /usr/share/dict/words.pre-dictionaries-common by dictionaries-common' dpkg: unrecoverable fatal error, aborting: failed to fstat previous diversions file: No such file or directory E: Sub-process /usr/bin/dpkg returned an error code (2) P: Begin unmounting filesystems... P: Saving caches... E: dpkg was interrupted, you must manually run 'dpkg --configure -a' to correct the problem. So I tried a Kali-specific template from https://github.com/dulin/lxc-kali/blob/master/lxc-kali but that fails to even create the template: root@black-beast:~# lxc-create -n kali-testing -t kali getopt: unrecognized option '--rootfs=/var/lib/lxc/kali-testing/rootfs' lxc-kali -h|--help -p|--path= --clean lxc_container: lxccontainer.c: create_run_template: 1125 container creation template for kali-testing failed lxc_container: lxc_create.c: main: 271 Error creating container kali-testing Here's what I know: 1. The modified Wheezy container only has problems build a Kali image. Otherwise, it seems fine. 2. Obviously, the template from Dulin is severely flawed (at least on Ubuntu), and I doubt that can be easily fixed. What I don't know: 1. Is it a problem only inside a container? 2. Is it a problem only in my container? 3. When building inside a container, are extra or special steps required? I've tried getting help on the Kali forums and from the container author, but nobody seems able or willing to help. Is there something about LXC that would prevent me from building the custom image? I followed the instructions on http://docs.kali.org/downloading/live-build-a-custom-kali-iso to the letter, but it's just not working and I'm reaching out to you guys as a last-ditch effort to get help hoping somebody has some ideas. My original post in the Kali forums is located at https://forums.kali.org/showthread.php?24557-Problem-building-Kali-in-LXC-conatiner-for-non-pae-on-Ubuntu-14-04-1-x64 if anybody wants the additional details included there. -- "Yo, yo. I'm real happy for ya, and I'm glad you can read, but first, I wanna say that Seann has the best email signatures of all time. OF ALL TIME!" -- Kanye West, 2009 Email Signature Awards http://www.facebook.com/sdgiffin ___ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
[lxc-users] "working" centos 7 container under ubuntu
Hi, Since systemd-219 is out, I decided to test it again for centos 7 container. It works cleaner than the previous attempt (218), no need for custom hook script anymore. Tested and works: - container start & stop (privileged container) - lxc-console - lxc-attach - login via ssh unprivileged container still shows many errors (including errors about systemd-journald and crash during poweroff), so I suggest you don't use it for now. Host: - ubuntu 14.10, with ppa:ubuntu-lxc/daily - lxc 1.1.0+master~20150224-0137-0ubuntu1~utopic, lxcfs 0.6-0ubuntu1~ubuntu14.10.1~ppa1 Built RPMs, dependency, and SRPM: https://drive.google.com/folderview?id=0BzJrniucvUn3fmRYemdwYVdHUVFNTUN4V05LVmhEbGpjTWRhcTlkYm52VUU3WVpnZG9ndzg&usp=sharing The original SRPM was from http://koji.fedoraproject.org/koji/buildinfo?buildID=614896, with added ubuntu patch for unprivileged container support from http://packages.ubuntu.com/vivid/systemd Steps: - create the container (I use zfs, use whatever backing store you prefer) # lxc-create -n c7 -B zfs --zfsroot=rpool/lxc -t download -- -d centos -r 7 -a amd64 - edit container config file (e.g. /var/lib/lxc/c7/config), change "centos.common.conf" to "fedora.common.conf" - download RPMs to container root download all files under RPMS-install in the above gdrive link. The ones newly built are under "rebuild", while the ones under "centos" and "fedora" are dependencies which can also be downloaded from your prefered centos & fedora mirrors. - chroot, and install downloaded RPMs # chroot /var/lib/lxc/c7/rootfs # rpm -Uvh RPMS-install/*/*.rpm # exit - start in foreground # lxc-start -F -n c7 systemd 219 running in system mode. (+PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ -LZ4 +SECCOMP -BLKID +ELFUTILS +KMOD +IDN) Detected virtualization 'lxc'. Detected architecture 'x86-64'. Welcome to CentOS Linux 7 (Core)! Failed to install release agent, ignoring: No such file or directory Running in a container, ignoring fstab device entry for /dev/root. Overwriting existing symlink /run/systemd/generator.late/netconsole.service with real service Overwriting existing symlink /run/systemd/generator.late/network.service with real service Unit type .busname is not supported on this system. Unit type .device is not supported on this system. Unit type .automount is not supported on this system. Unit type .swap is not supported on this system. Cannot add dependency job for unit display-manager.service, ignoring: Unit display-manager.service failed to load: No such file or directory. Cannot add dependency job for unit systemd-readahead-replay.service, ignoring: Unit systemd-readahead-replay.service failed to load: No such file or directory. Cannot add dependency job for unit systemd-readahead-collect.service, ignoring: Unit systemd-readahead-collect.service failed to load: No such file or directory. [ OK ] Reached target Encrypted Volumes. [ OK ] Reached target Remote File Systems. [ OK ] Reached target Paths. [ OK ] Reached target Swap. [ OK ] Created slice Root Slice. [ OK ] Listening on /dev/initctl Compatibility Named Pipe. [ OK ] Listening on Journal Audit Socket. [ OK ] Created slice User and Session Slice. [ OK ] Listening on Journal Socket. [ OK ] Listening on Journal Socket (/dev/log). [ OK ] Created slice System Slice. Starting Remount Root and Kernel File Systems... Starting Journal Service... Mounting Huge Pages File System... [ OK ] Created slice system-container\x2dgetty.slice. Mounting Temporary Directory... Mounting POSIX Message Queue File System... [ OK ] Reached target Slices. [ OK ] Listening on Delayed Shutdown Socket. [ OK ] Created slice system-getty.slice. [ OK ] Mounted POSIX Message Queue File System. [ OK ] Mounted Huge Pages File System. [ OK ] Mounted Temporary Directory. [ OK ] Started Journal Service. [FAILED] Failed to start Remount Root and Kernel File Systems. See "systemctl status systemd-remount-fs.service" for details. Starting Configure read-only root support... Starting Create System Users... Starting Rebuild Hardware Database... Starting Rebuild Dynamic Linker Cache... Starting Load/Save Random Seed... Starting Flush Journal to Persistent Storage... [ OK ] Started Configure read-only root support. [ OK ] Started Create System Users. [ OK ] Started Rebuild Hardware Database. [ OK ] Started Rebuild Dynamic Linker Cache. [ OK ] Started Load/Save Random Seed. [ OK ] Reached target Local File Systems (Pre). [ OK ] Reached target Local File Systems. Starting Mark the need to relabel after reboot... Starting Rebuild Journal Catalog... [ OK ] Started Mark the need to relabel after reboot. [ OK ] Started Rebuild Journal Catalog. Starting Update is Completed... [ OK ] Started Flush Journal to Persistent Storage. [ OK ] Started Update is Com
Re: [lxc-users] Facing container freezes again
A month ago I solved the problem. I installed the package inetutils-syslogd to log system events. This package seems to crash silently with lxc, but keeps running. The services still try to send their logs to inetutils-syslogd and are waiting for a response. Because logs are send synchronously the waiting for a response is blocking. In many cases the applications do not timeout these requests which lead to non-responding services and a supposed freeze of the VM. I replaced the package inetutils-syslogd with rsyslogd and now it's working like a charm. Best regards, Lukas On Tue, Nov 11, 2014 at 10:27 PM, Lukas Schulze wrote: > HISTORY: > > After increasing the limits for opened files on the host and containers > the number of container freezes decreased, but still occurs. > The container don't react on lxc-console or ssh sessions and some services > in the container stop working, but other still work. Delivering a web page > does still work, but receiving an e-mail with postfix no longer works. > > It is really frustrating to don't get lxc working without freezes. > > My host system and containers are still up-to-date debians. > > Any system information can be found on > https://lists.linuxcontainers.org/pipermail/lxc-users/2014-July/007383.html > and > https://lists.linuxcontainers.org/pipermail/lxc-users/2014-September/007762.html > > > CURRENT PROBLEM: > > A few weeks ago a container stopped working again and I still had an > opened ssh session. > I was able to start new processes and even restart the service ssh, but I > could not open a second ssh session to this container. > When I restarted the network service my opened session closed and the > container was not responding anymore. So I had to restart the container. > > The current freezes seems to correlate with the network interfaces. But > till now I couldn't figure out any problems. > > > Host /etc/network/interfaces > ~~ > ... > auto br0 > iface br0 inet static > address 10.1.1.254 > netmask 255.255.255.0 > bridge_ports none > > > Client config > ~~ > lxc.network.type = veth > lxc.network.name = veth12 > lxc.network.flags = up > lxc.network.link = br0 > lxc.network.veth.pair = veth12-sid > lxc.network.ipv4 = 10.1.1.12/24 > lxc.network.ipv4.gateway = 10.1.1.254 > > > On https://wiki.debian.org/LXC/SimpleBridge they use a lot more > parameters. > What are your configuration options for virtual networking and bridges? > Is my configuration correct? Am I missing something? > > Are there any other good tutorials for configuring virtual networks for > lxc? > > > Thank you for your help. > > Best regards, > Lukas > > ___ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
Re: [lxc-users] Start container from systemd
On Mon, 2015-03-02 at 17:15 +, Serge Hallyn wrote: > > ExecStart=/usr/bin/lxc-start -F -n ubtr1 > > Could you add "-l trace -o /tmp/lxc.out" to the ExecStart args here > and > show us the contents of /tmp/lxc.out? > NOTES: * Starting from systemd: - lxc-start -n .. doesn't work - lxc-start -f -n .. does work + but container cannot be stopped either * within systemd (ExecStop) .. doesn't work * from the cmdline (lxc-stop -n ) .. doesn't work - lxc-autostart -A .. does work + containers can be started and stopped #- SYSTEM SET UP -- # apt-get update # apt-get upgrade # dpkg-query -W lxc lxc 1.1.0+master~20150224-0137-0ubuntu1~vivid # lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description:Ubuntu Vivid Vervet (development branch) Release:15.04 Codename: vivid # reboot #- SYSTEMD SET UP -- # systemctl daemon-reload # systemctl cat lxc-start@ubtr1 [Unit] Description=Linux Container %I After=network.target [Service] Type=simple Restart=always ExecStart=/usr/bin/lxc-start -F -n %i -l trace -o /tmp/lxc.out ExecStop=/usr/bin/lxc-stop -n %i [Install] WantedBy=multi-user.target #- RUN -- # rm /tmp/lxc.out # systemctl start lxc-start@ubtr1 # journalctl -u lxc-start@ubtr1.service -- Logs begin at Tue 2015-03-03 09:08:19 UTC, end at Tue 2015-03-03 09:22:17 UTC. -- Mar 03 09:21:52 lxchst03 systemd[1]: Started Linux Container ubtr1. Mar 03 09:21:52 lxchst03 systemd[1]: Starting Linux Container ubtr1... Mar 03 09:21:52 lxchst03 lxc-start[1454]: lxc-start: lxc_start.c: main: 295 Executing '/sbin/init' with no configuration fi Mar 03 09:21:52 lxchst03 systemd[1]: lxc-start@ubtr1.service: main process exited, code=exited, status=1/FAILURE Mar 03 09:21:52 lxchst03 lxc-stop[1457]: ubtr1 is not running Mar 03 09:21:52 lxchst03 systemd[1]: lxc-start@ubtr1.service: control process exited, code=exited status=2 Mar 03 09:21:52 lxchst03 systemd[1]: Unit lxc-start@ubtr1.service entered failed state. Mar 03 09:21:52 lxchst03 systemd[1]: lxc-start@ubtr1.service failed. Mar 03 09:21:53 lxchst03 systemd[1]: lxc-start@ubtr1.service holdoff time over, scheduling restart. #- /tmp/lxc.out -- # cat /tmp/lxc.out lxc-start 1425374512.580 INFO lxc_start_ui - lxc_start.c:main:264 - using rcfile /var/lib/lxc/ ubtr1/config lxc-start 1425374512.580 WARN lxc_log - log.c:lxc_log_init:316 - lxc_log_init called with log already initialized lxc-start 1425374512.605 WARN lxc_cgmanager - cgmanager.c:cgm_get:962 - do_cgm_get exited with error lxc-start 1425374512.606 ERRORlxc_start_ui - lxc_start.c:main:295 - Executing '/sbin/init' with no configuration file may crash the host lxc-start 1425374513.156 INFO lxc_start_ui - lxc_start.c:main:264 - using rcfile /var/lib/lxc/ ubtr1/config lxc-start 1425374513.157 WARN lxc_log - log.c:lxc_log_init:316 - lxc_log_init called with log already initialized lxc-start 1425374513.179 WARN lxc_cgmanager - cgmanager.c:cgm_get:962 - do_cgm_get exited with error lxc-start 1425374513.180 ERRORlxc_start_ui - lxc_start.c:main:295 - Executing '/sbin/init' with no configuration file may crash the host lxc-start 1425374513.399 INFO lxc_start_ui - lxc_start.c:main:264 - using rcfile /var/lib/lxc/ ubtr1/config lxc-start 1425374513.399 WARN lxc_log - log.c:lxc_log_init:316 - lxc_log_init called with log already initialized lxc-start 1425374513.418 WARN lxc_cgmanager - cgmanager.c:cgm_get:962 - do_cgm_get exited with error lxc-start 1425374513.419 ERRORlxc_start_ui - lxc_start.c:main:295 - Executing '/sbin/init' with no configuration file may crash the host lxc-start 1425374513.654 INFO lxc_start_ui - lxc_start.c:main:264 - using rcfile /var/lib/lxc/ ubtr1/config lxc-start 1425374513.654 WARN lxc_log - log.c:lxc_log_init:316 - lxc_log_init called with log already initialized lxc-start 1425374513.669 WARN lxc_cgmanager - cgmanager.c:cgm_get:962 - do_cgm_get exited with error lxc-start 1425374513.670 ERRORlxc_start_ui - lxc_start.c:main:295 - Executing '/sbin/init' with no configuration file may crash the host lxc-start 1425374513.896 INFO lxc_start_ui - lxc_start.c:main:264 - using rcfile /var/lib/lxc/ ubtr1/config lxc-start 1425374513.896 WARN lxc_log - log.c:lxc_log_init:316 - lxc_log_init called with log already initialized lxc-start 1425374513.927 WARN lxc_cgmanager - cgmanager.c:cgm_get:962 - do_cgm_get exited with error lxc-start 1425374513.928 ERRORlxc_start_ui - lxc_start.c:main:295 - Executing '/sbin/init' with no configuration file may crash the host #- LXC-START WORKS WITH -f BUT CAN'T BE STOPPED -- # vim # systemctl daemon-reload # systemctl cat lxc-start@ubtr1 ... ExecStart=/usr/bin/lxc-start -F -f /var/lib/lxc
Re: [lxc-users] running NFS and cifs in a container.
Thanks Fajar,My intention is to run 2 container , one serving as a NFS mount and the other a CIFS share. I could live a bind mount for to export these mount points. ( imagine mounting 2 file system mounts on the host). Now i want NFS/cifs client to talk to this share which are in individual containers, ( the point is to contain their other resrources (mem,cpu). (NFS and CIFS kernel componenets can be on the host side).I am worried about all the user level components like AD swicth or nfs name to uid resolution service using user level config or etc files, will it appear saem on the conatiner too. From: Fajar A. Nugraha To: LXC users mailing-list Sent: Tuesday, March 3, 2015 12:14 PM Subject: Re: [lxc-users] running NFS and cifs in a container. On Tue, Mar 3, 2015 at 1:22 PM, Mohan G wrote: > Hi Folks. > can anyone point me to material/docs on running NFS /CIFS inside a > container. Short version: - if you mean nfs/cifs client, the recommended way if for the HOST to mount it (e.g. directly on /var/lib/lxc/container_name/rootfs/mnt/share1). - if you mean nfs kernel server, then containers are not designed to run that. You could work around it using lxc.aa_profile=unconfined, but some functions might still be broken (e.g. on my test "showmount -a" doesn't show connected clients) - userland cifs server (e.g. samba) should work just fine inside container -- Fajar ___ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users ___ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
Re: [lxc-users] running NFS and cifs in a container.
i did not get the abstarct resource part. Can't mount ext4 from being inside a container after exporting the required >volume to it. ??? Dear Mohan, IMHO it's best practice to have an virtual environment like a LX-Container as much as independent from a concrete hosting environment. And the setup to support and run the Container should be completely outside, but nothing has to be configured inside. By other words, the container should not mount filesystems, it should get something mounted from outside by the host. It should not configure the network, it should get it configured from outside (, e.g by use of DHCP). Let's imagine an application in your container, i.e. an webserver, expect to serve data from within /var/www/ . For a first sprint, your Container's rootfs may contain this directory tree. But maybe it's more appropriate to separate the application and the data, because it's managed by different responsibilities. Then, at the host you might bind-mount this location inside the Container from a completely different location to keep this tree outside the containers rootfs. And more, if your Webserver Container is e.g a member of a cluster, this data source might be also mounted by the (or even by a bunch of) LXC-Hosts from an NFS server. Greetings Guido ___ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
