[lxc-users] Moving files to a guest fs from the host
I'm in the middle of migrating some users from VZ to LXC/LXD with ZFS backed guest fs. I'm using rsync with --numeric-ids to copy the files with the correct uid/gid to the container's private area. It was suggested to me that I could get the uid/gid remapping done by making the destination container privileged and starting/stopping it before the xfer, which does appear to work from the host side. Unfortunately after setting the container back to unprivileged mode and starting it, the new files are gone and the fs is back to its pre-rsync state. Setting the container to privileged mode again shows that the files are still there, just being hidden by some overlay. I'm wondering if there is a mechanism to mount a non-uid/gid remapped guest fs that will not end up being overridden when the remapping is done. root@atl-comp1:~# lxc config set instance-0019 security.privileged false root@atl-comp1:~# lxc start instance-0019 root@atl-comp1:~# ls -hal /var/lib/lxd/storage-pools/default/containers/instance-0019/rootfs/etc/redhat-release ls: cannot access '/var/lib/lxd/storage-pools/default/containers/instance-0019/rootfs/etc/redhat-release': No such file or directory root@atl-comp1:~# lxc stop instance-0019 root@atl-comp1:~# lxc config set instance-0019 security.privileged true root@atl-comp1:~# lxc start instance-0019 root@atl-comp1:~# ls -hal /var/lib/lxd/storage-pools/default/containers/instance-0019/rootfs/etc/redhat-release ls: cannot access '/var/lib/lxd/storage-pools/default/containers/instance-0019/rootfs/etc/redhat-release': No such file or directory root@atl-comp1:~# lxc stop instance-0019 root@atl-comp1:~# ls -hal /var/lib/lxd/storage-pools/default/containers/instance-0019/rootfs/etc/redhat-release lrwxrwxrwx 1 root root 14 Apr 3 12:53 /var/lib/lxd/storage-pools/default/containers/instance-0019/rootfs/etc/redhat-release -> centos-release ___ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
[lxc-users] Network and snapshots copied to another server
All, We have a native LXD server (3.0.0) and I was curious about upgrading to 3.11 via snap. I installed an 18.04 LTS server and then installed lxd via snap (3.11). I copied a few containers over that I could easily stop on the native server. Installing 18.04 LTS server installs a native copy of LXD (3.0.3) and so my first tests were just starting the container using the native installed packages (no snap at this point). What I wasn't expecting is that the static IP set on the CentOS 7 container did not follow it with the snapshot, in fact it had the generic sysconfig ifcfg-eth0 settings as if it was a new CentOS 7 container unconfigured: DEVICE=eth0 BOOTPROTO=dhcp ONBOOT=yes HOSTNAME=rocketchat NM_CONTROLLED=no TYPE=Ethernet MTU= DHCP_HOSTNAME=`hostname` If I set the configuration to a static IP and upped the interface, it worked as expected. I did a fair amount of searching on why the snapshot does not contain the network information, but came up empty. Is this by design and if so, is there a way to include the network settings as they are on the production container with the snapshot? My goal here was ultimately to test lxd.migrate with a few containers copied over (snapshots) and that does seem to work, sans the network information. (yes, the lxd.migrate is a totally separate issue, just letting you know what my goal was when I started this.) Thanks, Steven G. Spencer ___ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
Re: [lxc-users] Moving files to a guest fs from the host
LXD only mounts the ZFS datasets when the container is started, so you should: - Set security.privileged to true - Start the container (or alternatively manually "zfs mount" it) - Rsync - Stop or unmount the container - Unset security.privileged - Start it On Thu, Apr 04, 2019 at 10:42:38AM -0400, Brandon Whaley wrote: > I'm in the middle of migrating some users from VZ to LXC/LXD with ZFS > backed guest fs. I'm using rsync with --numeric-ids to copy the files > with the correct uid/gid to the container's private area. It was > suggested to me that I could get the uid/gid remapping done by making > the destination container privileged and starting/stopping it before > the xfer, which does appear to work from the host side. Unfortunately > after setting the container back to unprivileged mode and starting it, > the new files are gone and the fs is back to its pre-rsync state. > Setting the container to privileged mode again shows that the files > are still there, just being hidden by some overlay. > > I'm wondering if there is a mechanism to mount a non-uid/gid remapped > guest fs that will not end up being overridden when the remapping is > done. > > root@atl-comp1:~# lxc config set instance-0019 security.privileged false > root@atl-comp1:~# lxc start instance-0019 > root@atl-comp1:~# ls -hal > /var/lib/lxd/storage-pools/default/containers/instance-0019/rootfs/etc/redhat-release > ls: cannot access > '/var/lib/lxd/storage-pools/default/containers/instance-0019/rootfs/etc/redhat-release': > No such file or directory > root@atl-comp1:~# lxc stop instance-0019 > root@atl-comp1:~# lxc config set instance-0019 security.privileged true > root@atl-comp1:~# lxc start instance-0019 > root@atl-comp1:~# ls -hal > /var/lib/lxd/storage-pools/default/containers/instance-0019/rootfs/etc/redhat-release > ls: cannot access > '/var/lib/lxd/storage-pools/default/containers/instance-0019/rootfs/etc/redhat-release': > No such file or directory > root@atl-comp1:~# lxc stop instance-0019 > root@atl-comp1:~# ls -hal > /var/lib/lxd/storage-pools/default/containers/instance-0019/rootfs/etc/redhat-release > lrwxrwxrwx 1 root root 14 Apr 3 12:53 > /var/lib/lxd/storage-pools/default/containers/instance-0019/rootfs/etc/redhat-release > -> centos-release > ___ > lxc-users mailing list > lxc-users@lists.linuxcontainers.org > http://lists.linuxcontainers.org/listinfo/lxc-users -- Stéphane Graber Ubuntu developer http://www.ubuntu.com signature.asc Description: PGP signature ___ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
Re: [lxc-users] Moving files to a guest fs from the host
Thank you for taking a look. I was able to rsync and confirm that everything worked as expected if I leave the instance running in privileged mode during the rsync. I was wondering if you could elaborate on the zfs mount option. When I try to mount it via `zfs mount default/containers/instance-0019` I get the following error: root@atl-comp1:~# zfs mount default/containers/instance-0019 cannot mount '/var/lib/lxd/storage-pools/default/containers/instance-0019': directory is not empty I would of course prefer to not have the guest running during this xfer. On Thu, Apr 4, 2019 at 12:50 PM Stéphane Graber wrote: > > LXD only mounts the ZFS datasets when the container is started, so you should: > - Set security.privileged to true > - Start the container (or alternatively manually "zfs mount" it) > - Rsync > - Stop or unmount the container > - Unset security.privileged > - Start it > > On Thu, Apr 04, 2019 at 10:42:38AM -0400, Brandon Whaley wrote: > > I'm in the middle of migrating some users from VZ to LXC/LXD with ZFS > > backed guest fs. I'm using rsync with --numeric-ids to copy the files > > with the correct uid/gid to the container's private area. It was > > suggested to me that I could get the uid/gid remapping done by making > > the destination container privileged and starting/stopping it before > > the xfer, which does appear to work from the host side. Unfortunately > > after setting the container back to unprivileged mode and starting it, > > the new files are gone and the fs is back to its pre-rsync state. > > Setting the container to privileged mode again shows that the files > > are still there, just being hidden by some overlay. > > > > I'm wondering if there is a mechanism to mount a non-uid/gid remapped > > guest fs that will not end up being overridden when the remapping is > > done. > > > > root@atl-comp1:~# lxc config set instance-0019 security.privileged false > > root@atl-comp1:~# lxc start instance-0019 > > root@atl-comp1:~# ls -hal > > /var/lib/lxd/storage-pools/default/containers/instance-0019/rootfs/etc/redhat-release > > ls: cannot access > > '/var/lib/lxd/storage-pools/default/containers/instance-0019/rootfs/etc/redhat-release': > > No such file or directory > > root@atl-comp1:~# lxc stop instance-0019 > > root@atl-comp1:~# lxc config set instance-0019 security.privileged true > > root@atl-comp1:~# lxc start instance-0019 > > root@atl-comp1:~# ls -hal > > /var/lib/lxd/storage-pools/default/containers/instance-0019/rootfs/etc/redhat-release > > ls: cannot access > > '/var/lib/lxd/storage-pools/default/containers/instance-0019/rootfs/etc/redhat-release': > > No such file or directory > > root@atl-comp1:~# lxc stop instance-0019 > > root@atl-comp1:~# ls -hal > > /var/lib/lxd/storage-pools/default/containers/instance-0019/rootfs/etc/redhat-release > > lrwxrwxrwx 1 root root 14 Apr 3 12:53 > > /var/lib/lxd/storage-pools/default/containers/instance-0019/rootfs/etc/redhat-release > > -> centos-release > > ___ > > lxc-users mailing list > > lxc-users@lists.linuxcontainers.org > > http://lists.linuxcontainers.org/listinfo/lxc-users > > -- > Stéphane Graber > Ubuntu developer > http://www.ubuntu.com > ___ > lxc-users mailing list > lxc-users@lists.linuxcontainers.org > http://lists.linuxcontainers.org/listinfo/lxc-users ___ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
Re: [lxc-users] Moving files to a guest fs from the host
That error is pointing to a problem, the directory should be empty when this isn't mounted, if it's got stuff, then that stuff is not actually in the container rootfs. On Thu, Apr 04, 2019 at 05:30:16PM -0400, Brandon Whaley wrote: > Thank you for taking a look. I was able to rsync and confirm that > everything worked as expected if I leave the instance running in > privileged mode during the rsync. I was wondering if you could > elaborate on the zfs mount option. When I try to mount it via `zfs > mount default/containers/instance-0019` I get the following error: > > root@atl-comp1:~# zfs mount default/containers/instance-0019 > cannot mount > '/var/lib/lxd/storage-pools/default/containers/instance-0019': > directory is not empty > > I would of course prefer to not have the guest running during this xfer. > > On Thu, Apr 4, 2019 at 12:50 PM Stéphane Graber wrote: > > > > LXD only mounts the ZFS datasets when the container is started, so you > > should: > > - Set security.privileged to true > > - Start the container (or alternatively manually "zfs mount" it) > > - Rsync > > - Stop or unmount the container > > - Unset security.privileged > > - Start it > > > > On Thu, Apr 04, 2019 at 10:42:38AM -0400, Brandon Whaley wrote: > > > I'm in the middle of migrating some users from VZ to LXC/LXD with ZFS > > > backed guest fs. I'm using rsync with --numeric-ids to copy the files > > > with the correct uid/gid to the container's private area. It was > > > suggested to me that I could get the uid/gid remapping done by making > > > the destination container privileged and starting/stopping it before > > > the xfer, which does appear to work from the host side. Unfortunately > > > after setting the container back to unprivileged mode and starting it, > > > the new files are gone and the fs is back to its pre-rsync state. > > > Setting the container to privileged mode again shows that the files > > > are still there, just being hidden by some overlay. > > > > > > I'm wondering if there is a mechanism to mount a non-uid/gid remapped > > > guest fs that will not end up being overridden when the remapping is > > > done. > > > > > > root@atl-comp1:~# lxc config set instance-0019 security.privileged > > > false > > > root@atl-comp1:~# lxc start instance-0019 > > > root@atl-comp1:~# ls -hal > > > /var/lib/lxd/storage-pools/default/containers/instance-0019/rootfs/etc/redhat-release > > > ls: cannot access > > > '/var/lib/lxd/storage-pools/default/containers/instance-0019/rootfs/etc/redhat-release': > > > No such file or directory > > > root@atl-comp1:~# lxc stop instance-0019 > > > root@atl-comp1:~# lxc config set instance-0019 security.privileged > > > true > > > root@atl-comp1:~# lxc start instance-0019 > > > root@atl-comp1:~# ls -hal > > > /var/lib/lxd/storage-pools/default/containers/instance-0019/rootfs/etc/redhat-release > > > ls: cannot access > > > '/var/lib/lxd/storage-pools/default/containers/instance-0019/rootfs/etc/redhat-release': > > > No such file or directory > > > root@atl-comp1:~# lxc stop instance-0019 > > > root@atl-comp1:~# ls -hal > > > /var/lib/lxd/storage-pools/default/containers/instance-0019/rootfs/etc/redhat-release > > > lrwxrwxrwx 1 root root 14 Apr 3 12:53 > > > /var/lib/lxd/storage-pools/default/containers/instance-0019/rootfs/etc/redhat-release > > > -> centos-release > > > ___ > > > lxc-users mailing list > > > lxc-users@lists.linuxcontainers.org > > > http://lists.linuxcontainers.org/listinfo/lxc-users > > > > -- > > Stéphane Graber > > Ubuntu developer > > http://www.ubuntu.com > > ___ > > lxc-users mailing list > > lxc-users@lists.linuxcontainers.org > > http://lists.linuxcontainers.org/listinfo/lxc-users > ___ > lxc-users mailing list > lxc-users@lists.linuxcontainers.org > http://lists.linuxcontainers.org/listinfo/lxc-users -- Stéphane Graber Ubuntu developer http://www.ubuntu.com signature.asc Description: PGP signature ___ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users