Re: [lxc-users] lxc-ls - not in the rpm?

2014-11-18 Thread István Király 
Oh,.. ok, thank you. .)

On Tue, Nov 18, 2014 at 3:00 PM, Denis Müller  wrote:

>
> lxc-extra.x86_64 on fedora 20
>
> No package lxc-extras available.
>
> I dont mind if lxc-ls is canceled, .. just wanted to know for sure, that
> this is not a bug in the packaging.
>
> On Tue, Nov 18, 2014 at 2:28 PM, Denis Müller  wrote:
>
>> try to install "lxc-extras"
>>
>>
>> Hello list, ..
>>
>> i just realised that lxc-ls is not packages in the  lxc-1.0.6-1.fc20.x86_64
>> package.
>>
>> Is, lxc-ls officially discarded?
>>
>> --
>> Király István
>> +36 209 753 758
>> lak...@d250.hu
>> 
>>
>>
>>
>>
>>
>> ___
>> lxc-users mailing list
>> lxc-users@lists.linuxcontainers.org
>> http://lists.linuxcontainers.org/listinfo/lxc-users
>>
>
>
>
> --
> Király István
> +36 209 753 758
> lak...@d250.hu
> 
>
>
>
>
>
> ___
> lxc-users mailing list
> lxc-users@lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>



-- 
Király István
+36 209 753 758
lak...@d250.hu

___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

Re: [lxc-users] lxc-ls - not in the rpm?

2014-11-18 Thread István Király 
No package lxc-extras available.

I dont mind if lxc-ls is canceled, .. just wanted to know for sure, that
this is not a bug in the packaging.

On Tue, Nov 18, 2014 at 2:28 PM, Denis Müller  wrote:

>  try to install "lxc-extras"
>
>
> Hello list, ..
>
> i just realised that lxc-ls is not packages in the  lxc-1.0.6-1.fc20.x86_64
> package.
>
> Is, lxc-ls officially discarded?
>
> --
> Király István
> +36 209 753 758
> lak...@d250.hu
> 
>
>
>
>
>
> ___
> lxc-users mailing list
> lxc-users@lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>



-- 
Király István
+36 209 753 758
lak...@d250.hu

___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

[lxc-users] lxc-ls - not in the rpm?

2014-11-18 Thread István Király 
Hello list, ..

i just realised that lxc-ls is not packages in the  lxc-1.0.6-1.fc20.x86_64
package.

Is, lxc-ls officially discarded?

-- 
Király István
+36 209 753 758
lak...@d250.hu

___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

Re: [lxc-users] Crontab in fedora containers.

2014-10-28 Thread István Király 
Hello again.

Yes, I see now that LXC 1.0.6 is there as rpm, but that is the first time
since 0.8.0, and I started to use LXC 1.0.

I use my script called srvctl to control the creation and configuration of
containers.
https://github.com/LaKing/Fedora-scripts

It compiled with "autogen - configure - make - make install" before, but I
added the option to use yum and the rpm now.

The user addition part adds user, set password and creates a keypair.
I usually log in as root with key, .. but the problem came to light when
users su-ed to a normal user and run capistrano - a ruby deploy script.
So, I think the password should be ther, valid, not expired. Users use keys
though.

[user@crontest root]$ crontab -l
You (user) are not allowed to use this program (crontab)
See crontab(1) for more information


I will test it on another system that runs srvctl based on rpm installation.

And, .. I will be on holidays the next 12 days, ...

Greetings, ..

On Thu, Oct 23, 2014 at 7:10 PM, Michael H. Warfield 
wrote:

> On Thu, 2014-10-23 at 17:17 +0200, István Király wrote:
> > Hello Mike.
> >
> >
> > Host is Fedora 20 with kernel 3.16.4-200.fc20.x86_64
> >
> >
> > LXC: 1.0.6 compiled from latest release
>
>
> Ooo???  LXC 1.0.6 is in the repositories.  Any reason for not using the
> repo based LXC rpms?
>
> When you say "compiled from latest release", did you do a "configure ;
> make ; make install" or did you do a "configure ; make rpm ; yum
> localinstall" (the later is preferred for maintainability and to avoid
> library skew).
>
> > Host is fedora with SELinux disabled.
>
> Ok...  That setup matches mine exactly.
> >
> > Container was created with the fedora template but in an earlier
> > version of LXC.
>
> That SHOULD be OK unless it was a very early version of LXC (like 0.8 or
> earlier).
> >
> > I'm not sure what you mean by container version. Containers are also
> > Fedora 20.
>
> That's what I meant.
> >
> > Logged in with ssh. LXC is running on the background.
>
> Matches what I'm doing...  Are you logging with with a password or an
> SSH auth key?  If the later, does the user have a valid, non-expired,
> password?
> >
> > I just created a new test-container, added my user and it behaves
> > exactly the same.
>
> Ok...  How did you add your user?  Just useradd and then run passwd to
> set the passwd?  I'm seeing similar complaints when the user password is
> expired or locked but you can still connecting using ssh via an ssh auth
> key.
>
> > Without /etc/cron.allow
> > You (user) are not allowed to access to (crontab) because of pam
> > configuration.
>
> Ok...  This is what's not making any sense to me.  That's saying
> "because of pam configuration" and I'm trying to understand WHAT pam
> configuration.  I do see a potential problem in /etc/pam.d/crond that
> could impact cron jobs running (it's the session line referencing
> pam_loginuid.so that could blow up) but that should not affect running
> "contab -e"
>
> Did you install any additional software after the container creation?
> >
> > With ALL (then newline) in /etc/cron.allow
>
> This should not be necessary in any case...
> >
> > [user@crontest ~]$ crontab -e
> > You (user) are not allowed to use this program (crontab)
> > See crontab(1) for more information
>
> What happens if you run "crontab -l"?
>
> Looking around, you might have something quirky going on with
> that /etc/pam.d/crond file after all.
>
>
> http://www.linuxquestions.org/questions/linux-security-4/failed-to-authorize-user-with-pam-permission-denied-4175492110/
>
> Could try editing the "pam_access.so" like and setting that with debug
> to find out why it's being refused.  While you're in there, commend out
> this line and see if it makes a difference:
>
> sessionrequired   pam_loginuid.so
>
> The whole pam loginuid thing is a problem in containers.  Doesn't
> explain why I don't see it through...
>
> > Thank you very much.
> >
> Regards,
> Mike
>
> > Greetings, ...
> >
> > On Thu, Oct 23, 2014 at 2:57 PM, Michael H. Warfield
> >  wrote:
> > On Thu, 2014-10-23 at 06:18 +0200, István Király wrote:
> > > Hello list, ..
> > >
> > >
> > > I noticed some strange behavior, that I could not resolve so
> > far,
> > > regarding cron and crontab.
> > >
> > >
> > > [user@container]$ crontab -e
>

Re: [lxc-users] Crontab in fedora containers.

2014-10-23 Thread István Király 
Hello Mike.

Host is Fedora 20 with kernel 3.16.4-200.fc20.x86_64

LXC: 1.0.6 compiled from latest release

Host is fedora with SELinux disabled.

Container was created with the fedora template but in an earlier version of
LXC.

I'm not sure what you mean by container version. Containers are also Fedora
20.

Logged in with ssh. LXC is running on the background.

I just created a new test-container, added my user and it behaves exactly
the same.

Without /etc/cron.allow
You (user) are not allowed to access to (crontab) because of pam
configuration.

With ALL (then newline) in /etc/cron.allow

[user@crontest ~]$ crontab -e
You (user) are not allowed to use this program (crontab)
See crontab(1) for more information

Thank you very much.

Greetings, ...

On Thu, Oct 23, 2014 at 2:57 PM, Michael H. Warfield 
wrote:

> On Thu, 2014-10-23 at 06:18 +0200, István Király wrote:
> > Hello list, ..
> >
> >
> > I noticed some strange behavior, that I could not resolve so far,
> > regarding cron and crontab.
> >
> >
> > [user@container]$ crontab -e
> > You (user) are not allowed to access to (crontab) because of pam
> > configuration.
> >
> >
> > While digging in, I created /etc/cron.allow  and added ALL. The
> > message changed to:
> >
> >
> > You (user) are not allowed to use this program (crontab)
> > See crontab(1) for more information
> >
> >
> > Google search didn't bring me closer to a solution.
> >
> >
> > On a native fedora, crontab works out of the box, even without a
> > cron.allow file.
> >
> >
> > If someone has ideas / suggestions, I would look at them.
>
> It's working fine here with all my Fedora containers of various vintage
> (all Fedora hosts).
>
> 1) What is the host distro and version?
>
> 2) What is the container version?
>
> 3) If the host is Ubuntu or Debian, are you running with apparmor
> enabled and have you set lxc.aa_profile = unconfined in the container
> config?
>
> 4) How did you create the container (lxc-create, hand rolled, fedora
> template, download template)?
>
> 5) Version of LXC in the host?
>
> 6) How are you logged in?  From lxc-start in forground?  From
> lxc-console?  From ssh connection?
>
> > Greetings, ...
> >
> >
> > --
> > Király István
> > +36 209 753 758
> > lak...@d250.hu
>
> Regards,
> Mike
> --
> Michael H. Warfield (AI4NB) | (770) 978-7061 |  m...@wittsend.com
>/\/\|=mhw=|\/\/  | (678) 463-0932 |
> http://www.wittsend.com/mhw/
>NIC whois: MHW9  | An optimist believes we live in the best of
> all
>  PGP Key: 0x674627FF| possible worlds.  A pessimist is sure of it!
>
>
> ___
> lxc-users mailing list
> lxc-users@lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>



-- 
Király István
+36 209 753 758
lak...@d250.hu
<http://d250.hu>
___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

[lxc-users] Crontab in fedora containers.

2014-10-22 Thread István Király 
Hello list, ..

I noticed some strange behavior, that I could not resolve so far, regarding
cron and crontab.

[user@container]$ crontab -e
You (user) are not allowed to access to (crontab) because of pam
configuration.

While digging in, I created /etc/cron.allow  and added ALL. The message
changed to:

You (user) are not allowed to use this program (crontab)
See crontab(1) for more information

Google search didn't bring me closer to a solution.

On a native fedora, crontab works out of the box, even without a cron.allow
file.

If someone has ideas / suggestions, I would look at them.

Greetings, ...

-- 
Király István
+36 209 753 758
lak...@d250.hu

___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

Re: [lxc-users] openstack support

2014-09-25 Thread István Király 
I'm planning to write a web-gui with nodejs.

Currently I have a bash backend script that does the management of
containers, network, proxies, mail, etc, ..
With LXC, it creates a virtual server farm ... it is fedora based though.
Probably can be ported to other OS.

For now, it can be managed over ssh only.
https://github.com/LaKing/Fedora-scripts


On Thu, Sep 25, 2014 at 10:15 AM, Tamas Papp  wrote:

>
> On 09/24/2014 09:29 AM, Tamas Papp wrote:
>
> hi,
>
> Is that still(?) right, that openstack supports only the libvirt based
> implementation?
>
>
> Wooff, I thought, it's a quick question with a short answer:)
> Actually I am interested in anything else, is there any web based
> dashboard, management tool, where containers could be managed?
>
> 10x
> tamas
>
> ___
> lxc-users mailing list
> lxc-users@lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>



-- 
Király István
+36 209 753 758
lak...@d250.hu

___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

[lxc-users] CAP_SETFCAP effective capability

2014-07-30 Thread István Király 
Hi folks, ..

I'm trying to figure out what the proper method will be to use node.js as
web server.
The problem is, that node, when run as user, can not bind to port 80, or
ports lower then 1024.

I would like to give the container permission to bind node to port 80, and
eventually 443.

[root@dev node-project]# setcap cap_net_bind_service=+ep /usr/bin/node
unable to set CAP_SETFCAP effective capability: Operation not permitted

I can run this command on the host, and set file capabilities on the host
for node in the rootfs of the container, but that seems to have no effect
on the container's node instance.

Anyone with more expertise has any suggestion?

... Yes, I know I can set my reverse proxy, but I would like to have node
on these ports, so i can use them directly on an IPv6 enabled network.

.. and yes, I know that port forwarding is another option.

Thank you. .)

-- 
Király István
+36 209 753 758
lak...@d250.hu

___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

Re: [lxc-users] High Memory utilization with lxc containers

2014-07-05 Thread István Király 
hi, ..

systemd-journald is not really fixed yet, it uses up CPU, and resources.

systemctl mask systemd-journald

.. and then reboot your containers.

Greetings,..


On Sat, Jul 5, 2014 at 12:19 PM, Ajith Adapa  wrote:

> I mean there is around 1.5GB RAM freely available when I just start
> the containers.
>
> KiB Mem:   2025228 total,   593388 used,  1431840 free,36708 buffers
> KiB Swap:  2129916 total,0 used,  2129916 free.   394116 cached Mem
>
> Regards,
> Ajith
>
> On Sat, Jul 5, 2014 at 3:33 PM, Ajith Adapa  wrote:
> > Hi,
> >
> > I am not exactly sure if LXC is the reason but atleast I am seeing
> > that memory is exhausted after running lxc containers for more than a
> > day.
> >
> > Setup information:
> > Guest VM running Fedora 20 with 2GB RAM and 4 logical cores assigned.
> > It is only used for running LXC containers. lxc version 1.0.3
> >
> > I have 4 containers created using the default templates. When I
> > started all the containers the amount of free ram available is around
> > 500MB (As per the output from top).
> >
> > After 24 hours, I have got only 100MB free as per top command output.
> > I am not starting any process inside lxc-containers after starting
> > them.
> >
> > # lxc-ls -f
> > NAMESTATEIPV4 IPV6  AUTOSTART
> > -
> > centostest  RUNNING  10.12.4.101  - NO
> > debiantest  RUNNING  10.12.4.117  - NO
> > f19i686 RUNNING  10.12.4.122  - NO
> > ubuntu  RUNNING  10.12.4.131  - NO
> >
> > As per below output systemd-journald seems the culprit but I am not sure
> why.
> >
> > # ps -eo pmem,pcpu,vsize,pid,cmd | sort -k 1 -nr | head -5
> >  2.7  0.0 124036  1997 /usr/lib/systemd/systemd-journald
> >  1.2  0.0 325168   558 /usr/bin/python /usr/sbin/firewalld --nofork
> --nopid
> >  0.6  0.0 511304  1348 /usr/lib/polkit-1/polkitd --no-debug
> >  0.6  0.0 102340  1342 /sbin/dhclient -H blrlt1144 -1 -q -lf
> > /var/lib/dhclient/dhclient--virbr0.lease -pf
> > /var/run/dhclient-virbr0.pid virbr0
> >  0.4  0.0  40636 1 /usr/lib/systemd/systemd --switched-root
> > --system --deserialize 26
> >
> > Have anyone faced similar issue ?
> >
> > Regards,
> > Ajith
> ___
> lxc-users mailing list
> lxc-users@lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>



-- 
Király István
+36 209 753 758
lak...@d250.hu

___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

Re: [lxc-users] lxc-start failing in Fedora 20

2014-06-30 Thread István Király 
>> systemd-journald had a bad propensity to run amok

I updated my system, updated lxc to 1.0.4, created a new container.
(complete re-install)
Unfortunately, systemd-journald was running on 100% CPU usage, as seen in
previous versions.
The bug is still there, ... but now the mask is not applied automatically.


On Mon, Jun 30, 2014 at 3:46 PM, Serge Hallyn 
wrote:

> Quoting Michael H. Warfield (m...@wittsend.com):
> > On Sat, 2014-06-28 at 20:12 +0530, Ajith Adapa wrote:
> > > Thanks @Michael
> >
> > > I am running lxc 1.0.3 version in rawhide.
> >
> > Ah.  Ok...  Understand that lxc-autostart is not fully functional in
> > 1.0.3 and will not autoboot containers on host boot.  That's in 1.0.4
> > which should be in there rsn.
> >
> > > My fedora 20 setup is a VM and hasn't got libvirtd running. As you
> > > mentioned earlier thats the reason why virbr0 is not created by
> > > default.
> >
> > > Why doesn't lxc directly support creating virbr0 ? Might be one more
> > > option in the template.
> >
> > For that, I think I'll have to defer to Serge or Stéphane for a
> > definitive answer but, IMHO, it's largely because libvirt is already
> > responsible for virbr0 and we could result in conflicts.  Not saying we
> > would but just that there could be.  Worse case would be a race
> > condition between us in lxc-autostart-helper and the libvirt service in
> > trying to create that bridge.  It could result in a failure in one
> > service or the other.
> >
> > It's also possible that we've just never really looked into it.  Perhaps
> > there should be a run-time dependency on libvirt running that we could
> > detect and document better.  The error message leaves a little bit to be
> > desired.
>
> Right, the setup of host bridges is not for lxc-start to do, but for the
> distro-dependent init scripts.  In Ubuntu we create lxcbr0 - perhaps the
> fedora/centos/oracle scripts should do the same?  If they depend on virbr0
> then indeed they should depend on libvirt being started before proceeding
> to autostart containers.
>
> We're definately open to patches that make for clearer error messages,
> Stéphane pushed one like that recently.  It'd be nice if you didn't have
> to understand every detail about container startup to debug why a
> container failed.
>
> > Given that, it's not a template issue at all and wouldn't (shouldn't)
> > require any container config changes.  It would need to be some sort of
> > lxc service startup option to precreate the needed bridges or a helper.
> >
> > Given all that, 1.0.4 may very well resolve (or may compound) the
> > problem as the lxc.service systemd service uses a script that waits for
> > virbr0 from libvirt to settle before autobooting containers (there's
> > where your race conditions would live).  I'm not sure how that's going
> > to play out if libvirt is not running.  It looks like we may need to add
> > code to /usr/libexec/lxc/lxc-autostart-helper to insure that the default
> > lxc network bridge is running.  I'd be reluctant to adding it to the
> > lxc-start code as it would be difficult to insure it would always be
> > doing the right thing including cases like unpriv containers.
> >
> > This is a corner case that, maybe, Dwight and I may need to address or
> > punt it over to Serge or Stéphane.  It's complicated in that we don't
> > always know the bridges that are needed or even if they are need if a
> > site is using "macvlan" or "physical" network types.  It definitely
> > needs to be tested.
> >
> > > I will try out the steps given regarding password.
> >
> > Cool.
> >
> > > Regards,
> > > Ajith
> >
> > Regards,
> > Mike
> >
> > > On Sat, Jun 28, 2014 at 7:13 PM, Michael H. Warfield 
> wrote:
> > > > On Sat, 2014-06-28 at 15:34 +0530, Ajith Adapa wrote:
> > > >> Hi,
> > > >
> > > >> lxc-start is failing in latest fedora 20 saying virbr0 is not found.
> > > >
> > > > What version of LXC?  AFAIK, it's still 0.9.0 with 1.0.3 (hopefully
> > > > 1.0.4 real soon now) in rawhide.
> > > >
> > > >> 1. Is it madatory for the admin to create virbr0 interface before
> > > >> starting a container ?
> > > >
> > > > Yes.  You have two ways to do this.
> > > >
> > > > 1) [Preferred] have libvirt running.  That's the default bridge for
> > > > libvirt and it wills set it up and manage it for you.
> > > >
> > > > 2) Create the bridge manually.
> > > >
> > > > If you have another bridge already on the system, you can change the
> > > > bridge name in the configuration files and in /etc/lxc/default.conf.
> > > > Personally, I keep libvirt and virbr0 up and running for my nat'ed
> > > > bridge while I have a static lxcbr0 to which the primary interface
> has
> > > > been added for a true bridge to the outer network (but I have lots of
> > > > IPv4 addresses so I can allow them direct access to the address pool.
> > > >
> > > >> 2. How can I create a container with a default password for root
> > > >> rather than auto-generating the same ?
> > > >
> > > > It's a tuning knob in the

Re: [lxc-users] systemd and logging in containers

2014-06-20 Thread István Király 
I enabled systemd-journald on all containers now, and in each container it
was using ~ 7% cpu power. Since there are over 100 containers, it slowed
down the system too much. 0% idle.

:(

Seems I need another solution for logging.


On Wed, Jun 11, 2014 at 12:15 AM, Michael H. Warfield 
wrote:

> On Tue, 2014-06-10 at 16:51 -0400, Leonid Isaev wrote:
> > Hi,
> >
> > On Tue, Jun 10, 2014 at 03:43:12PM -0400, Michael H. Warfield wrote:
> > > Date: Tue, 10 Jun 2014 15:43:12 -0400
> > > From: "Michael H. Warfield" 
> > > To: LXC users mailing-list 
> > > Subject: Re: [lxc-users] systemd and logging in containers
> > > X-Mailer: Evolution 3.10.4 (3.10.4-2.fc20)
> > >
> > > On Tue, 2014-06-10 at 21:19 +0200, István Király wrote:
> > > > Hi list, ..
> > >
> > > > Fedora 20 host and containers.
> > >
> > > > Some programms are logging normal, apache, mariadb, ..
> > >
> > > > But some others have no log at all, for example maillog is 0 in all
> my
> > > > containers, but they have postfix / dovecot running.
> > >
> > > > I experimented a little today, with a custom script echoing messages
> > > > to standard output, and created a systemd unit file for it. ..
> > >
> > > > When I run this script as service on the host, I get the messages
> from
> > > > systemctl status test.service.
> > >
> > > > When I run this script from a container, the messages are not in
> > > > systemctl status, and I can't find them.
> > >
> > > > Checked if maybe packages are missing, but all seems to be okay, ..
> > >
> > > > .. anyone have any ideas?
> > >
> > > Yes.
> > >
> > > Several revs back on systemd, the systemd-journald.service was horribly
> > > broken and, at random, eating CPU time for lunch, particularly in
> > > containers.  That turned out to be a bug involving (iirc) logging
> > > objects and object id's and user logs with conflicting ids.
> > >
> > > During this period of time, I coded the Fedora template to disable and
> > > mask systemd-journald.service.  They have since fixed this bug and I've
> > > reenabled it in the template, but containers built prior to this will
> > > have the systemd-journal service disabled and masked.
>
> > I'm surprised it actually worked -- what systemd version was that?
>
> It did at the time.  :-)=)  I don't recall the specific version but I
> recall having a hell of a time with journald sucking down the CPU under
> F18 and F19.
>
> > I don't think you can 'disable' (stop) journal in new-ish systemd (i.e.
> >=210)
> > because it is a core module, so the best you can do is to set
> Storage=none in
> > journald.conf.
>
> I'll have to look into that.
>
> > HTH,
>
> Thanks!
>
> Regards,
> Mike
> --
> Michael H. Warfield (AI4NB) | (770) 978-7061 |  m...@wittsend.com
>/\/\|=mhw=|\/\/  | (678) 463-0932 |
> http://www.wittsend.com/mhw/
>NIC whois: MHW9  | An optimist believes we live in the best of
> all
>  PGP Key: 0x674627FF| possible worlds.  A pessimist is sure of it!
>
>
> ___
> lxc-users mailing list
> lxc-users@lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>



-- 
Király István
+36 209 753 758
lak...@d250.hu
<http://d250.hu>
___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

[lxc-users] systemd and logging in containers

2014-06-10 Thread István Király 
Hi list, ..

Fedora 20 host and containers.

Some programms are logging normal, apache, mariadb, ..

But some others have no log at all, for example maillog is 0 in all my
containers, but they have postfix / dovecot running.

I experimented a little today, with a custom script echoing messages to
standard output, and created a systemd unit file for it. ..

When I run this script as service on the host, I get the messages from
systemctl status test.service.

When I run this script from a container, the messages are not in systemctl
status, and I can't find them.

Checked if maybe packages are missing, but all seems to be okay, ..

.. anyone have any ideas?

Thank you.

-- 
Király István
+36 209 753 758
lak...@d250.hu

___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

[lxc-users] cpio: cap_set_file

2014-06-07 Thread István Király 
Hello list, ..


I have tried your suggestion. Since LXC is built from source, the
common's file is at /usr/local/share/lxc/config. I rebooted the
container after commenting out that line, but still no go.



> I have trouble updating httpd in my containers. fedora host, fedora
> containers, LXC 1.0.3
>
>
error: unpacking of archive failed on file /usr/bin/systemd-detect-virt:
> cpio: cap_set_file
>

Look for /usr/share/lxc/config/fedora.common.conf (or whatever it is on
fedora, try "rpm -ql lxc"), then comment out this line

lxc.cap.drop = setfcap


-- 
Király István
+36 209 753 758
lak...@d250.hu

___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

Re: [lxc-users] lxc-fedora template

2014-06-04 Thread István Király 
The template displays the password at creation, and its not root:root.
Username is root, but password is something like
Root-Containername-randompass ...


On Wed, Jun 4, 2014 at 11:44 PM, Dmitry Kolesov  wrote:

> Hi,
>
> Yes, The first I tried to use root:root and then I changed the root's
> password.
> But always I have message "Login incorrect" on login.
>
> Regards,
> Dmitry
>
>
> 2014-06-05 2:43 GMT+11:00 :
>
>> Hi, ..
>>
>> Do you try to login as root? With the password generated by the template?
>>
>>
>> On Wed, Jun 4, 2014 at 5:10 PM, Dmitry Kolesov 
>>  wrote:
>>
>>> Hello,
>>>
>>> I created container from lxc-fedora template. My operation system is
>>> Fedora 20.
>>> The kernel is 3.14.0 x86_64.
>>> When I start conteiner there is one fail message:
>>>  [FAILED] Failed to set up automount Arbitrary Executable
>>> File...utomount Point.
>>> All another messages are "OK".
>>> But when I try to login into I have message: "Login incorrect".
>>> I tryed to chroot into rootfs directory and I have changed root's
>>> password.
>>> But I always have this message: "Login incorrect".
>>> SELinux is disabled in my main OS.
>>> Could somebody help me to login into?
>>>
>>> Regards,
>>> Dmitry
>>>
>>
>>
> ___
> lxc-users mailing list
> lxc-users@lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>



-- 
Király István
+36 209 753 758
lak...@d250.hu

___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

Re: [lxc-users] lxc-fedora template

2014-06-04 Thread István Király 
Hi, ..

Do you try to login as root? With the password generated by the template?


On Wed, Jun 4, 2014 at 5:10 PM, Dmitry Kolesov  wrote:

> Hello,
>
> I created container from lxc-fedora template. My operation system is
> Fedora 20.
> The kernel is 3.14.0 x86_64.
> When I start conteiner there is one fail message:
>  [FAILED] Failed to set up automount Arbitrary Executable File...utomount
> Point.
> All another messages are "OK".
> But when I try to login into I have message: "Login incorrect".
> I tryed to chroot into rootfs directory and I have changed root's password.
> But I always have this message: "Login incorrect".
> SELinux is disabled in my main OS.
> Could somebody help me to login into?
>
> Regards,
> Dmitry
>
> ___
> lxc-users mailing list
> lxc-users@lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>



-- 
Király István
+36 209 753 758
lak...@d250.hu

___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

[lxc-users] cpio: cap_set_file

2014-06-02 Thread István Király 
Oopps, ... sorry for the double mail. Hi folks.

I have trouble updating httpd in my containers. fedora host, fedora
containers, LXC 1.0.3

Here is the full output from yum:

Resolving Dependencies
--> Running transaction check
---> Package httpd.x86_64 0:2.4.7-3.fc20 will be updated
---> Package httpd.x86_64 0:2.4.9-2.fc20 will be an update
---> Package iputils.x86_64 0:20121221-4.fc20 will be updated
---> Package iputils.x86_64 0:20121221-6.fc20 will be an update
---> Package systemd.x86_64 0:208-15.fc20 will be updated
---> Package systemd.x86_64 0:208-16.fc20 will be an update
--> Finished Dependency Resolution

Dependencies Resolved


 Package Arch   Version   Repository
Size

Updating:
 httpd   x86_64 2.4.9-2.fc20  updates
1.2 M
 iputils x86_64 20121221-6.fc20   updates
155 k
 systemd x86_64 208-16.fc20   updates
2.6 M

Transaction Summary

Upgrade  3 Packages

Total download size: 4.0 M
Downloading packages:
Delta RPMs disabled because /usr/bin/applydeltarpm not installed.

Total   18 MB/s | 4.0 MB  00:00

Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Updating   : systemd-208-16.fc20.x86_64
1/6
Error unpacking rpm package systemd-208-16.fc20.x86_64

error: unpacking of archive failed on file /usr/bin/systemd-detect-virt:
cpio: cap_set_file
error: systemd-208-16.fc20.x86_64: install failed
  Updating   : httpd-2.4.9-2.fc20.x86_64
 2/6
Error unpacking rpm package httpd-2.4.9-2.fc20.x86_64

error: unpacking of archive failed on file /usr/sbin/suexec: cpio:
cap_set_file
  Updating   : iputils-20121221-6.fc20.x86_64
3/6
Error unpacking rpm package iputils-20121221-6.fc20.x86_64

error: httpd-2.4.9-2.fc20.x86_64: install failed
error: unpacking of archive failed on file /usr/bin/ping: cpio: cap_set_file
systemd-208-15.fc20.x86_64 was supposed to be removed but is not!
  Verifying  : systemd-208-15.fc20.x86_64
1/6
  Verifying  : systemd-208-16.fc20.x86_64
2/6
iputils-20121221-4.fc20.x86_64 was supposed to be removed but is not!

  Verifying  : iputils-20121221-4.fc20.x86_64
3/6
  Verifying  : httpd-2.4.9-2.fc20.x86_64
 4/6
  Verifying  : iputils-20121221-6.fc20.x86_64
5/6
httpd-2.4.7-3.fc20.x86_64 was supposed to be removed but is not!

  Verifying  : httpd-2.4.7-3.fc20.x86_64
 6/6

Failed:
  httpd.x86_64 0:2.4.7-3.fc20httpd.x86_64 0:2.4.9-2.fc20

  iputils.x86_64 0:20121221-4.fc20   iputils.x86_64 0:20121221-6.fc20

  systemd.x86_64 0:208-15.fc20   systemd.x86_64 0:208-16.fc20


Complete!

Any ideas about this issue?
.. everything else got updated normally.

On Tue, Jun 3, 2014 at 3:35 AM, István Király  wrote:

>
> Here is the full output from yum:
>
> --
> Király István
> +36 209 753 758
> lak...@d250.hu
> <http://d250.hu>
>



-- 
Király István
+36 209 753 758
lak...@d250.hu
<http://d250.hu>
___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

[lxc-users] (no subject)

2014-06-02 Thread István Király 
Here is the full output from yum:

-- 
Király István
+36 209 753 758
lak...@d250.hu

___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

Re: [lxc-users] LXC 1.0.0 - lxc-start: command get_cgroup failed to receive response

2014-05-27 Thread István Király 
I'm not sure if I remember correctly, I think I saw this error .. try this,
as root.

export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/libexport
LD_LIBRARY_PATH=:/usr/local/lib:/usr/local/lib

.. this is for fedora.


On Tue, May 27, 2014 at 3:40 PM, Serge Hallyn wrote:

> Quoting Phiho Hoang (hohoang...@gmail.com):
> > Dear List,
> >
> > I got this problem with lxc built from git source code, cloned May 25.
>
> You give no indication of how you buit and installed it.  The easiest
> way to build from git reliably is to grab the debian/ tree from the
> lxc package and copy it under the git tree, then run
> debian/rules build
> fakeroot debian/rules binary
>
> and install the resulting binaries.
>
> might try 'ps -ef' on the host and see if the only things running in
> the container are 3 or 4 tasks including mountall.  That would suggest
> there is a filesystem which isn't being pre-mounted for the container,
> which mountall then tries to mount (and is denied).
> ___
> lxc-users mailing list
> lxc-users@lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users




-- 
Király István
+36 209 753 758
lak...@d250.hu

___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

Re: [lxc-users] We need a lxc-top utility

2014-05-20 Thread István Király 
Hello CDR, ..

If your containers are accessible over ssh, you can iterate through the
containers and run a top or top-like command in each of them. You might
need unique users though.

 for C in $(lxc-ls)
 do
 ssh $C "top -n 1"
 sleep 1
 done

On the other hand, yes, it would be practical to see this directly on the
top of the host.
I think with a proper UID and GID mapping that should be possible somehow.

As long we do not have unprivileged containers, and GID / UID mappings, we
are still in development IMO.


https://github.com/LaKing/Fedora-scripts

greetings, ...






On Wed, May 21, 2014 at 2:07 AM, CDR  wrote:

> Dear Friends
> I have 20+ containers with the same programs running. All of them are
> cpu-intensive. But one of them is eating way more CPU than the
> average. With "top" I have no idea which container "owns" that
> program. Perhaps we need a new "lxc-top" that would identify the
> process and the container, and maybe allow to sort by container-cpu or
> memory, or show cpu-container, memory-container, etc.
>
> Philip
> ___
> lxc-users mailing list
> lxc-users@lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users




-- 
Király István
+36 209 753 758
lak...@d250.hu

___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

Re: [lxc-users] LXC package on default templates

2014-05-07 Thread István Király 
You may add packages by modifying the corresponding line in the lxc-fedora
template file.


On Tue, May 6, 2014 at 10:28 PM, Marcello Lorenzi wrote:

> Hi All,
> I'm trying to install a test environment on my local server and I used the
> default template lxc-fedora provided by the lxc-templates package. I need
> to add some packages to the default installation but i can't find the
> correct way to install these packages from the lxc-create command.
>
> Can someone help me to undestand the correct way to add these packages?
>
> Thanks,
> Marcello
>
> ___
> lxc-users mailing list
> lxc-users@lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>



-- 
Király István
+36 209 753 758
lak...@d250.hu

___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

Re: [lxc-users] LXC Service fails to start in Fedora

2014-05-01 Thread István Király 
I have no experience with the pre-packed rpm, I usually build it from
source ...

So my questions would be:

Can you create and start containers - without the service running.
Does this directory exists, and what if not and you create it?
/usr/libexec/lxc/lxc-startup




On Thu, May 1, 2014 at 5:57 AM, CDR  wrote:

> Dear Friends
> I am using the latest version of LXC
>
> rpm -qa | grep lxc
> lxc-devel-1.0.3-1.fc20.x86_64
> libvirt-daemon-driver-lxc-1.1.3.4-4.fc20.x86_64
> lxc-libs-1.0.3-1.fc20.x86_64
> lxc-1.0.3-1.fc20.x86_64
> lxc-debuginfo-1.0.3-1.fc20.x86_64
>
>  systemctl start lxc.service
>
>
> - Unit lxc.service has begun starting up.
> Apr 30 15:51:49 nat-1 lxc-devsetup[8036]: Creating /dev/.lxc
> Apr 30 15:51:49 nat-1 lxc-devsetup[8036]: /dev is devtmpfs
> Apr 30 15:51:49 nat-1 lxc-devsetup[8036]: Creating /dev/.lxc/user
> Apr 30 15:51:49 nat-1 systemd[8042]: Failed at step EXEC spawning
> /usr/libexec/lxc/lxc-startup: No such file or directory
> -- Subject: Process /usr/libexec/lxc/lxc-startup could not be executed
> -- Defined-By: systemd
> -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
> --
> -- The process /usr/libexec/lxc/lxc-startup could not be executed and
> failed.
> --
> -- The error number returned while executing this process is 2.
> Apr 30 15:51:49 nat-1 systemd[1]: lxc.service: main process exited,
> code=exited, status=203/EXEC
> Apr 30 15:51:49 nat-1 systemd[1]: Failed to start LXC Container
> Initialization and Autoboot Code.
> -- Subject: Unit lxc.service has failed
> -- Defined-By: systemd
> -- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel
> --
> -- Unit lxc.service has failed.
> ___
> lxc-users mailing list
> lxc-users@lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users




-- 
Király István
+36 209 753 758
lak...@d250.hu

___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

[lxc-users] php mail on fedora containers

2014-04-29 Thread István Király 
Hello list, ...

I have a simple test.php that uses the mail function to send a test email,
used in an lxc-fedora-template based container.

When called from command line, it works fine, but when called over the web:

PHP Warning:  mail: failed to open stream: Permission denied in
/var/www/html/test.php on line 7
Program mode requires special privileges, e.g., root or TrustedUser.

I was able to get rid of some error messages and to get mail return true by
adding some permissions for the /var/spool directory, but not to get the
mail out. ...
This seems to be hacking around, and I'm not sure this should be done this
way. usually  full fedora has no such problems, do I miss some package
possibly? Mail, sendmail, postfix - all installed, and working.


Anyone had similar issues with the fedora or other templates - and a
solution, or suggestions?

Thank you - greetings.


-- 
Király István
+36 209 753 758
lak...@d250.hu

___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

Re: [lxc-users] PAM auth-user problem in containers

2014-04-07 Thread István Király 
I just realized that the IMAP auth mechanism works after the kernel upgrade.

Actually I never tryed su -ing between users before. Maybe it never
worked. But I will give it a try on another system, and let you know.


Thank you for your help!


On Tue, Apr 8, 2014 at 12:03 AM, Serge Hallyn  wrote:
> Quoting István Király (lak...@d250.hu):
>> I updated the kernel, still no go.
>
> Try downgrading to 3.12.
> ___
> lxc-users mailing list
> lxc-users@lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users



-- 
István Király
+36 209 753 758
lak...@d250.hu
___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

Re: [lxc-users] PAM auth-user problem in containers

2014-04-07 Thread István Király 
I updated the kernel, still no go.

3.13.9-200.fc20.x86_64

Cannot get PAM debug to work. :|

On Mon, Apr 7, 2014 at 8:07 PM, István Király  wrote:
> uname -r
> 3.13.6-200.fc20.x86_64
>
> .. its strange as it was working for a while, and I didn't update the
> kernel recently.
>
> uptime
>  20:06:41 up 13 days, 20:01,  1 user,  load average: 2.16, 2.61, 2.12
>
>
>
> On Mon, Apr 7, 2014 at 8:00 PM, Serge Hallyn  wrote:
>> Quoting István Király (lak...@d250.hu):
>>> Hello List, ..
>>>
>>> I have a couple of Fedora containers on a Fedora host.
>>> Everything was working fine for a while but suddenly, users can not login.
>>>
>>> - I set password for a certain-user.
>>> - I log in as another-user
>>> su certain-user
>>> password: 
>>> su: Authentication failure
>>>
>>> The main problem is actually that dovecot auth is failing too, as it
>>> is PAM based.
>>>
>>> Any ideas how to troubleshoot this?
>>>
>>> Thank you in advance.
>>
>> I suspect it's pam-loginuid.  What is your kernel version?
>>
>> -serge
>> _______
>> lxc-users mailing list
>> lxc-users@lists.linuxcontainers.org
>> http://lists.linuxcontainers.org/listinfo/lxc-users
>
>
>
> --
> István Király
> +36 209 753 758
> lak...@d250.hu



-- 
István Király
+36 209 753 758
lak...@d250.hu
___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

Re: [lxc-users] PAM auth-user problem in containers

2014-04-07 Thread István Király 
uname -r
3.13.6-200.fc20.x86_64

.. its strange as it was working for a while, and I didn't update the
kernel recently.

uptime
 20:06:41 up 13 days, 20:01,  1 user,  load average: 2.16, 2.61, 2.12



On Mon, Apr 7, 2014 at 8:00 PM, Serge Hallyn  wrote:
> Quoting István Király (lak...@d250.hu):
>> Hello List, ..
>>
>> I have a couple of Fedora containers on a Fedora host.
>> Everything was working fine for a while but suddenly, users can not login.
>>
>> - I set password for a certain-user.
>> - I log in as another-user
>> su certain-user
>> password: 
>> su: Authentication failure
>>
>> The main problem is actually that dovecot auth is failing too, as it
>> is PAM based.
>>
>> Any ideas how to troubleshoot this?
>>
>> Thank you in advance.
>
> I suspect it's pam-loginuid.  What is your kernel version?
>
> -serge
> ___
> lxc-users mailing list
> lxc-users@lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users



-- 
István Király
+36 209 753 758
lak...@d250.hu
___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

[lxc-users] PAM auth-user problem in containers

2014-04-07 Thread István Király 
Hello List, ..

I have a couple of Fedora containers on a Fedora host.
Everything was working fine for a while but suddenly, users can not login.

- I set password for a certain-user.
- I log in as another-user
su certain-user
password: 
su: Authentication failure

The main problem is actually that dovecot auth is failing too, as it
is PAM based.

Any ideas how to troubleshoot this?

Thank you in advance.

-- 
István Király
+36 209 753 758
lak...@d250.hu
___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

[lxc-users] Error: Too many open files

2014-03-26 Thread István Király 
Hello list, ..

I have now approx. 30 fedora template based containers running.
The ulimit option is increased.

ulimit -n
90

lsof | wc -l
142579

Everything seems to be running fine, but I get this error message when I
restart a service.
Error: Too many open files

The hardware is fairly strong, and I keep creating containers, but I'm also
worried a bit.
Anyone has any experience in running a lot of containers at once?


Thank you.
-- 
István Király
+36 209 753 758
lak...@d250.hu
___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

Re: [lxc-users] best way to create network segments for containers

2014-03-23 Thread István Király 
Yes, I was reading this one, and experimented with it already, .. but I'm
still not on the right path yet.
I though there is an easy way, like in openVPN where you can choose between
a tap and a tun device ...




On Sun, Mar 23, 2014 at 1:12 PM, brian mullan wrote:

> One of the best write-ups I saw on networking and LXC is this one:
>
> Exploring LXC Networking by Posted by Milos Gajdos Nov 19th, 
> 2013<http://containerops.org/2013/11/19/lxc-networking/?utm_source=Docker+News&utm_campaign=3faedf3ccf-Docker_0_5_0_7_18_2013&utm_medium=email&utm_term=0_c0995b6e8f-3faedf3ccf-235708077>
>



-- 
István Király
+36 209 753 758
lak...@d250.hu
___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

[lxc-users] best way to create network segments for containers ..

2014-03-22 Thread István Király 
Hello fellow users, ..

I have the default libvirt provided simple veth network setup for now, can
create containers, connect to network, and so on. .. so far so good. In the
default setup, containers can see each other, however, ...

I also would also like to have network where they can not see each-other.
Goal would be to prevent a container from sniffing on the unencrypted data
flow of another container.

is it possible to have an interface/network-type that has only direct
connections to the host, without a gateway or internet of course? What
would be the best approach for this? macvlan? openvpn? .. I hope I don't
need to create an interface for each connection on the host. :)

Can someone give me some advice?

Thank you. .)



-- 
István Király
+36 209 753 758
lak...@d250.hu
___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

Re: [lxc-users] Some Questions.

2014-03-13 Thread István Király 
Thanks.

I think I remembered there is a kill function, just forgot that that is an
argument of lxc-stop.




On Thu, Mar 13, 2014 at 8:14 PM, Tamas Papp  wrote:

>
> On 03/13/2014 08:06 PM, István Király wrote:
>
>
> lxcpath:
>
> I see, I can use this argument to place containers to different path's.
> Is there a general config that can set the default fedora path
> /usr/local/var/lib/lxc to some custom path? For now I need to use this
> argument every time, in every lxc command.
>
>
> echo "lxc.lxcpath=/some/custom/path" > /usr/local/etc/lxc/lxc.conf
>
> However, it's always better if you use distro packages.
>
>
>  lxc-kill
>
>  When running fedora containers on a fedora host, I see some situations
> where I would need to force to stop a container. I have a container running
> in a terminal at the login prompt, I use lxc-stop in another terminal
> window, and see the "Received SIGPWR." message, but nothing happens.
> lxc.info reports my container running, and I didnt find a way to shut it
> down. Is there a way to "hard reset" or "hard poweroff" a container?
>
>
> man lxc-stop
>
>-k,--kill
>   Rather than requesting a clean shutdown of the container,
> explicitly kill all tasks in the container. This is the legacy lxc-stop
> behavior.
>
> Where did you get lxc-kill from?
>
>
> tamas
>
> _______
> lxc-users mailing list
> lxc-users@lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>



-- 
István Király
+36 209 753 758
lak...@d250.hu
___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

[lxc-users] Some Questions.

2014-03-13 Thread István Király 
Hello all in the LXC crew.

I'm playing with LXC, and some minor questions came across my way.

Version:

First I built LXC from source, via git clone.
- I didn't really find the general lxc version number in the source, nor a
command for it.
-- Later then I realized lxc-create --version displays 1.0.0

Shouldn't the git clone command get the latest version, 1.0.1? ...
I later downloaded the gz release, and that displayed 1.0.1 correctly.
Maybe lxc-checkconfig should also display the version number?
Or might all lxc tools have different versions? ... I'm a bit confused
about that.

lxcpath:

I see, I can use this argument to place containers to different path's.
Is there a general config that can set the default fedora path
/usr/local/var/lib/lxc to some custom path? For now I need to use this
argument every time, in every lxc command.


lxc-kill

When running fedora containers on a fedora host, I see some situations
where I would need to force to stop a container. I have a container running
in a terminal at the login prompt, I use lxc-stop in another terminal
window, and see the "Received SIGPWR." message, but nothing happens.
lxc.info reports my container running, and I didnt find a way to shut it
down. Is there a way to "hard reset" or "hard poweroff" a container?

I also met some strange behavior, in my container network.manager service
exits with some failure I didn't find out yet, but the container is still
connected to my bridge device, .. strange.


Thank you for your answers. Greetings.

-- 
István Király
+36 209 753 758
lak...@d250.hu
___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users

Re: [lxc-users] Unable to connect to internet from LXC container

2014-01-21 Thread István Király 
Hello Ibha, ...

To me it seems, that you have a private address for your container,
10.x.x.x, and you connect the network over a bridge interface.

if you are using bridging, you need a separate public-IP for your
container(s).
If you want to connect to the internet over a single public IP (the IP of
your eth0 I assume) you will need to set up IP-mascarading or NAT, or a
reverse proxy, to translate communication between your virtual LAN, and the
internet.
Depending on your needs, you might have also the option to use IPv6, the
above is for classic IPv4.

Greetings, ..


On Tue, Jan 21, 2014 at 7:26 PM, Gandhi, Ibha (HP Software) wrote:

>  Hi,
>
>
>
> I am new to LXC and networking in Ubuntu and need help urgently.
>
> I am able to ping the container from the host and vice versa.
>
> The host can connect to internet but the container cannot.
>
> I pinged gateway from container but that also doesn’t work.
>
>
>
> However, output of route –n from the container is:
>
> ubuntu@root-local-machine-2:~$ route -n
>
> Kernel IP routing table
>
> Destination Gateway Genmask Flags Metric RefUse
> Iface
>
> 0.0.0.0   10.x.x.x0.0.0.0  UG
> 10000 eth0
>
> 10.x.x.x0.0.0.0   255.255.x.x U
>  0  00 eth0
>
>
>
> From the host:
>
> eth0  Link encap:Ethernet  HWaddr 00:50:56:9c:24:d5
>
>   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>
>   RX packets:268433 errors:0 dropped:1103 overruns:0 frame:0
>
>   TX packets:37678 errors:0 dropped:0 overruns:0 carrier:0
>
>   collisions:0 txqueuelen:1000
>
>   RX bytes:29370538 (29.3 MB)  TX bytes:2921285 (2.9 MB)
>
>
>
> loLink encap:Local Loopback
>
>   inet addr:127.0.0.1  Mask:255.0.0.0
>
>   inet6 addr: ::1/128 Scope:Host
>
>   UP LOOPBACK RUNNING  MTU:65536  Metric:1
>
>   RX packets:1957142 errors:0 dropped:0 overruns:0 frame:0
>
>   TX packets:1957142 errors:0 dropped:0 overruns:0 carrier:0
>
>   collisions:0 txqueuelen:0
>
>   RX bytes:523335220 (523.3 MB)  TX bytes:523335220 (523.3 MB)
>
>
>
> lxcbr0Link encap:Ethernet  HWaddr 00:50:56:9c:24:d5
>
>   inet addr:10.x.x.x  Bcast:10.x.x.x  Mask:255.x.x.x
>
>   inet6 addr: fe80::250:56ff:fe9c:24d5/64 Scope:Link
>
>   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>
>   RX packets:1458768 errors:0 dropped:179 overruns:0 frame:0
>
>   TX packets:767080 errors:0 dropped:0 overruns:0 carrier:0
>
>   collisions:0 txqueuelen:0
>
>   RX bytes:226231989 (226.2 MB)  TX bytes:127523082 (127.5 MB)
>
>
>
> vethSkshFq Link encap:Ethernet  HWaddr fe:d5:d2:af:33:89
>
>   inet6 addr: fe80::fcd5:d2ff:feaf:3389/64 Scope:Link
>
>   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>
>   RX packets:616967 errors:0 dropped:0 overruns:0 frame:0
>
>   TX packets:597510 errors:0 dropped:0 overruns:0 carrier:0
>
>   collisions:0 txqueuelen:1000
>
>   RX bytes:112249698 (112.2 MB)  TX bytes:82433706 (82.4
> MB)
>
>
>
> Any help will be appreciated.
>
>
>
> Thanks,
>
> Ibha
>
> ___
> lxc-users mailing list
> lxc-users@lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>



-- 
István Király
+36 209 753 758
lak...@d250.hu
___
lxc-users mailing list
lxc-users@lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users