Re: [lxc-users] Running LXC and LXD on the same host

2 PM, jjs - mainphrame > wrote: > > > I'm running both lxc and lxd containers on the same box. There is no > > > conflict, as the commands and data paths are different. > > > > > > Jake > > > > > > On Mon, Apr 11, 2016 at 5:12 PM, Bos

Re: [lxc-users] Running LXC and LXD on the same host

On 12 April 2016 at 02:32, jjs - mainphrame wrote: > I'm running both lxc and lxd containers on the same box. There is no > conflict, as the commands and data paths are different. > Excellent news! Are you running Ubuntu, some other distro or custom rolled lx* installs? tnx, b. ___

[lxc-users] Running LXC and LXD on the same host

Is it possible? Or is running LXC on host and LXD as one of LXC containers more inclined to work out of the box? (just fishing for info, haven't tried LXD out yet) Tnx, b. ___ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linux

Re: [lxc-users] Better error logging when starting containers?

Dear Akshay, I do agree with you and find this behaviour a bit annoying, yet I believe "patches welcome" response will follow shortly :) On a more serious note: As I skimmed over LXC code a while ago, it seems LXC bails out on first error that occurs. This means that implementing your suggestion

Re: [lxc-users] Setting up unprivileged container in LVM

I think 770 permission on /home/gmc/.local/share/lxc/xxx or somewhere above are the cause of it. Usually when I create container and uidmapshift it (rootfs), I have to chmod 755 /var/lib/lxc/container-name before it can start. This chmod step is not needed for privileged containers. I think this

Re: [lxc-users] lxc insttability

container, i > have to get rid of it to start the Container again. I use > > ip link set dev $DEV name away.$RANDOM > > to archive this > > Guido > > > > > On 19.02.2016 17:08, Bostjan Skufca wrote: > > Does it delete both interfaces, the on

Re: [lxc-users] lxc insttability

Does it delete both interfaces, the one in host's namespace which is added to bridge (vethX) and the one in container's namespace (appears as ethX in there) too? b. On 19 February 2016 at 11:58, Fajar A. Nugraha wrote: > On Fri, Feb 19, 2016 at 5:41 PM, Bostjan Skufca wrot

Re: [lxc-users] lxc insttability

I had similar experience using CentOS 7 as host. I did not investigate it yet, but for some reason veth network interfaces were not being destroyed when containers stopped, and this could only be seen with "brctl show" as more interfaces were attached to a bridge than there were containers running

Re: [lxc-users] LXC not responsive after update

ib/python3.5/lib-dynload/_bz2.cpython-35m-x86_64-linux-gnu.so > ", > O_RDONLY|O_CLOEXEC) = 3 > open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 > open("/usr/lib/libbz2.so.1.0", O_RDONLY|O_CLOEXEC) = 3 > open("/usr/lib/python3.5/__pycache__/lzma.cpython

Re: [lxc-users] LXC not responsive after update

strace command is your friend. b. On 21 January 2016 at 12:12, Viktor Trojanovic wrote: > > > On 20.01.2016 23:50, Fajar A. Nugraha wrote: > > On Thu, Jan 21, 2016 at 5:49 AM, Fajar A. Nugraha < > l...@fajar.net> wrote: > >> On Thu, Jan 21, 2016 at 5:23 AM, Viktor Trojanovic >> wrote: >> >>>

Re: [lxc-users] Live disk iops?

I agree lxc-top is somewhat confusing. For example, all columns except Mem show totals, while Mem shows current memory usage. I believe lxc-top needs some work to become actually usable. Data it displays should be in one of the following modes: - current value, like top - total divided by containe

Re: [lxc-users] What is right way to backup and restore linux containers?

ichael wrote: > What would it be the right tar parameters to compress and decompress all > the rootfs, including devices and special files? > > On Fri, Dec 4, 2015 at 11:58 AM, Bostjan Skufca wrote: > >> Depends if you need consistent copy and how much downtime you can >&g

Re: [lxc-users] What is right way to backup and restore linux containers?

ichael wrote: > What would it be the right tar parameters to compress and decompress all > the rootfs, including devices and special files? > > On Fri, Dec 4, 2015 at 11:58 AM, Bostjan Skufca wrote: > >> Depends if you need consistent copy and how much downtime you can >&g

Re: [lxc-users] What is right way to backup and restore linux containers?

Depends if you need consistent copy and how much downtime you can tolerate. If inconsistent copy is enough, then you can run rsync over storage of running container (on host, not in container) and be done with it. Rsync: I find rsync useful and fast, providing that: - whole container filesystem m

Re: [lxc-users] Migrating LXD VMs/containers between nodes

I recently asked a similar questions (did not mention rdb though that was exactly what I had in my mind:), maybe you will find Stephane's answer informative: https://lists.linuxcontainers.org/pipermail/lxc-users/2015-November/010414.html b. On 25 November 2015 at 16:40, Dilvan Moreira wrote: >

Re: [lxc-users] Migrating LXD VMs/containers between nodes

... or the one from Georg: https://lists.linuxcontainers.org/pipermail/lxc-users/2015-November/010417.html On 25 November 2015 at 18:48, Bostjan Skufca wrote: > I recently asked a similar questions (did not mention rdb though that was > exactly what I had in my mind:), maybe you wil

Re: [lxc-users] LXD - Feature - globbing lxc start/stop

t;>> web50 >>> web51 >>> webWithOtherService >>> >>> $lxc start [pattern], depends on the pattern I can several containers >>> with common names. >>> >>> Even though, I find it useful to start and stop container, using patterns >

Re: [lxc-users] properly shutdown jessie container on wheezy host

Speaking off the top of my head, but does not lxc-stop send sigterm signal to all processes in a container, and then waits for configurable amount of time (default=60s), before sending sigkill? If your processes expect to be shut down by init scripts that need to do some additional tasks, well, th

Re: [lxc-users] LXD - Feature - globbing lxc start/stop

+1 Luis: how do you see this implemented, as simple shell-like globbing, or full regex support? b. On 13 November 2015 at 14:29, Luis Michael Ibarra wrote: > > Hi all, > > I think this is a minor feature, but it would be nice to have globbing > support for lxc [command] parameters. I do know

Re: [lxc-users] [BUG] lxc-destroy destroying wrong containers

> Looks like lxc-clone should copy the config file at the very end, after > rootfs. +1 Use cp analogy for example (with behaviour that most users got used to expect in the last few decades): cp -pR dir1 dir2 # (cp gets interrupted for some reason, ctrl+c or whatever, ok, I need to start again)

Re: [lxc-users] Ownership changes after container move

LXC/LXD? How did you move the containers? Did you use rsync without --numeric-ids maybe? b. On 10 November 2015 at 10:37, Jamie Brown wrote: > Correction; the user was changed to “ubuntu” but the group was changed to > “admin”. Though I’m guessing it is more to do with matching of the > underl

[lxc-users] Question about LXD

Hello, if one wants to have container host cluster with HA feature (restarting containers on non-failed hosts), is this something that is planned for LXD, or is going the OpenStack route the way to go for the foreseeable future? Am I missing some other already existing product (Proxmox I know of)?

Re: [lxc-users] 1.1.5 setproctitle bug

Hello Tycho On 9 November 2015 at 21:30, Tycho Andersen wrote: > Hello Boštjan, > > On Mon, Nov 09, 2015 at 06:47:42PM +0100, Boštjan Škufca @ Teon.si wrote: > > Containers start, but this is what I am getting: > > lxc-start: utils.c: setproctitle: 1461 Invalid argument - setting cmdline > > fai

Re: [lxc-users] LXD Live Migration

Depends on what your requirements for "production" are. Live migration? I guess not. Environment isolation for more-or-less trusted containers? Yes, using it here for quite a while (since 1.0.6 - lxc, not lxd), if possible as unprivileged containers, as it removes A LOT of attack surface for host.

Re: [lxc-users] Raw socket works not right in lxc

This seems like NAT issue on the host. Did you do "iptables -t nat -I -o lxcbrX -o phyY -j MASQUERADE"? b. On 14 October 2015 at 11:25, wrote: > I use raw socket to send an ip packet and fill the source ip 5.5.5.5. I > use tcpdump to capture it: > > * 15:01:29.385061 IP 5.5.5.5 > 224.0.0.18

Re: [lxc-users] Tool for shifting subuids and subgids

Hi Teemu, does this tool have a name? IMHO it is missing -r switch that is present in uidmapshift.c (info about existing uids, gids). Additionally, uidmapshift can limit its scope of operation, and not just directory-wise, but also by id-range. For example, if you run uidmapshift on a directory

Re: [lxc-users] Dotted container names now invalid?

Mark, you are probably talking about lxD, not lxC, right? b. On 6 October 2015 at 07:36, Mark Constable wrote: > lxc v0.19 on Ubuntu 15.10 host. > > ~ lxc launch wily abc > Creating abc done. > Starting abc done. > > ~ lxc launch wily abc.lxc > Creating abc.lxc error: Invalid container name >

Re: [lxc-users] Elegant way for unprivileged container ulimits

On 15 September 2015 at 19:46, Serge Hallyn wrote: > It sounds like it may be worthwhile. The patch shouldn't be huge, so > I think it's worth creating the patch and sending it to the list. Do > make sure to give a detailed description of how you'll use it. (Don't > assume I'll remember :) Tnx

Re: [lxc-users] Elegant way for unprivileged container ulimits

process that is starting the lxc-start is the way currently, but awkward. b. On 14 September 2015 at 18:45, Serge Hallyn wrote: > Which limits would you be intending to set? > > Quoting Bostjan Skufca (bost...@a2o.si): >> (there was no response on this subject) >> >> I check

Re: [lxc-users] Elegant way for unprivileged container ulimits

11:18, Bostjan Skufca wrote: > Hi all, > > is there any elegant way for setting unpriv. container ulimits, other > than setting it in current shell and starting container from that > shell (and scripting all this together)? > > Hooks do not work, as they are executed a

Re: [lxc-users] Containers have network issues when their host uses a bonded interface

Hi Peter, since you mentioned you are using bridged interfaces, is my assumption correct that your containers's network connection is joined directly to this bridge and containers talk to the world direcly (L2) and not via routed (L3) network over host OS? Did you try using routed setup (using bo

[lxc-users] Elegant way for unprivileged container ulimits

Hi all, is there any elegant way for setting unpriv. container ulimits, other than setting it in current shell and starting container from that shell (and scripting all this together)? Hooks do not work, as they are executed as subprocesses. b. ___ lxc

Re: [lxc-users] How to create lxc container from installed system

I did not do what you describe exactly, but went through adaptation of regular linux to support container-based version. I short, what you need to take care of, is: - /dev - copy from one of existing containers, replace. You need very few devices in container. - filesystems /proc, dev and sys - ud

Re: [lxc-users] lxc 1.1.2 on kernel 3.14

Hi Siva, how does your output of command "lxc-checkconfig" look like? b. On 1 August 2015 at 00:11, SIVA SUBRAMANIAN.P wrote: > Hi, > I'm trying to generate a image with lxc 1.1.2 on 3.14 kernel, but not able > to boot it. Is there any hard dependency I need to account in? > > Regards, > Siv

Re: [lxc-users] Find out if one is inside a container

On 15 July 2015 at 08:29, Christoph Mathys wrote: > On Wed, Jul 15, 2015 at 4:08 AM, Bostjan Skufca wrote: > > > > > > Does anyone know where that container variable gets its value from? > > > > src/lxc/start.c in do_start() contains: > > if (putenv("

Re: [lxc-users] Find out if one is inside a container

On 14 July 2015 at 22:33, Tycho Andersen wrote: > On Mon, Jul 13, 2015 at 10:53:10AM +0200, Christoph Mathys wrote: > > Is there an unhacky way of knowing if a script runs inside a > > container? In my case, a sysV initscript that tries to load some > > kernel modules needs to know if it runs ins

Re: [lxc-users] Container cannot write to /var/run

Is systemd now supported as LXC guest's init system? Anyhow, I would guess systemd creates ramdisk for /run (and /var/run) which, by some funky interaction ends up non-writeable. I had (somewhat) similar systemd issue on another project recently, where systemd created /dev/log socket preemptively,

Re: [lxc-users] Owner of an unprivileged container

Hi Serge, is there any standard implementation for starting user-unprivileged containers at boot? I am not talking about containers which are uidmapped (and started) by root to be unprivileged. I mean containers which are created by unprivileged users in their home dirs. Tnx for info, b. On 3 A

Re: [lxc-users] live migration using lxd 0.4

On 24 March 2015 at 15:34, Tycho Andersen wrote: > Hi, > > You'll also find that you need some other stuff to do live migration > (not documented anywhere, unfortunately): > ... > 2. only non-uidmapped containers work (you can do this in lxd by just >setting the uidmap for lxd to be 0-65536,

Re: [lxc-users] Ping between containers LXC

I guess without additional data (container network configuration, host network configuration, and ifconfig and route output to check if specified configuration actually matches the current state of your system), no one will be able to help you. b. On 23 March 2015 at 16:41, Thouraya TH wrote:

Re: [lxc-users] lxc bridge setup

Do you want your containers to use public IPs direcly, or do you want to use local IPs and then forward whole traffic for certain IP towards particular container? In first case, just set lxc.network.link = br0 and configure public IP as you have described it. Container uses the same GW as your hos

Re: [lxc-users] installation of package fails in container

What is your host running? b. On 6 March 2015 at 22:25, CDR wrote: > Downloading packages: > mtr-0.85-7.el7.x86_64.rpm > | 71 kB 00:00:00 > Running transaction check > Running transaction test > Transaction test succeeded > Running transaction > Installing : > 2:mtr-0.85-7.el7.x86_64 > 1/1

[lxc-users] Containers not starting with lxc.autodev=1

LXC 1.1.0: I am getting this error which I fail to fully understand ATM, as I did not dig around code too much yet. If I try to start a container with autodev = 1, it fails to start and results in this error: lxc-start: conf.c: setup_ttydir_console: 1525 Device or resource busy - error unlinking /

Re: [lxc-users] lxc-console breaks on container reboot if someone is attached to it

On 6 March 2015 at 13:41, Bostjan Skufca wrote: > > > On 6 March 2015 at 08:21, Fajar A. Nugraha wrote: > >> On Fri, Mar 6, 2015 at 8:40 AM, Bostjan Skufca wrote: >> > How compatible is LXC 1.1.x with 1.0.7? >> > > I do not have problems with updati

Re: [lxc-users] lxc-console breaks on container reboot if someone is attached to it

On 5 March 2015 at 03:32, Fajar A. Nugraha wrote: > On Thu, Mar 5, 2015 at 9:21 AM, Bostjan Skufca wrote: > > Here are the steps to reproduce (lxc 1.0.7), assuming container is > already > > running: > > > ### Step 3: watch the shutdown messages in console on h

Re: [lxc-users] lxc-console breaks on container reboot if someone is attached to it

On 6 March 2015 at 08:21, Fajar A. Nugraha wrote: > On Fri, Mar 6, 2015 at 8:40 AM, Bostjan Skufca wrote: > > How compatible is LXC 1.1.x with 1.0.7? > > Did you try it? > Not yet, will do in the following days (machine has just been acquired for this). > > I d

Re: [lxc-users] lxc-console breaks on container reboot if someone is attached to it

On 5 March 2015 at 03:32, Fajar A. Nugraha wrote: > > Works for me. Try upgrading lxc. > How compatible is LXC 1.1.x with 1.0.7? I do not have problems with updating config files, but are there any side effects to be expected (like containers not starting for no apparent reason, etc)? Is 1.1.1

Re: [lxc-users] Autostart: container ordering for various multi-container operations

On 5 March 2015 at 09:23, Jäkel, Guido wrote: > Dear Bostjan, > > I already told my 5ct on this many month ago, but now -- with LXC 1.x -- > it might be the time to discuss about it, again. > > > IMHO one want to describe dependencies and it's up to the computer to > derive any order from that. I

[lxc-users] lxc-console breaks on container reboot if someone is attached to it

Hi there, if container is rebooted while someone is attached to its primary console (/dev/lxc/console), then than console becomes "unreachable" until container is shut down and started again. Consoles /dev/lxc/ttyX work as expected all the time. Here are the steps to reproduce (lxc 1.0.7), assumi

[lxc-users] Autostart: container ordering for various multi-container operations

Hi there, I would like to open a discussion about container ordering regarding to lxc.start.order and lxc-autostart operations. Currently, let's presume that pull request https://github.com/lxc/lxc/pull/461 is merged and that containers start in ascending lxc.start.order fashion. This makes sens

Re: [lxc-users] lxc.start.order honored in reverse

On 4 March 2015 at 14:48, Jean-Gabriel Gill-Couture < jeangabriel...@gmail.com> wrote: > > Is it possible that the order is respected but the first containers are > just slower to start up? > Nope, just checked it again, with longer delays to be able to watch what is going on. Containers with orde

[lxc-users] lxc.start.order honored in reverse

I understood from man pages that lxc.start.order setting should cause containers to start in ascending order (lower the value, earlier the startup). It turns out that with 1.0.7 this acts more like priority - the higher the value, the sooner container starts. Is anyone else experiencing this with

Re: [lxc-users] Installing packages in a container while boot up or via script?

If I want to do something like that (i.e. when bootstrapping custom linux system as LXC guest), I just chroot into newly-created container root and do the "apt-get install ...". This method uses host's network connection, but it requires container's /etc/resolv.conf correctly configured. Also, if

Re: [lxc-users] User namespaces

Hope? :) To get the actual value, one should probably explore uid_t type definition if you want to skip reading sources of the shadow suite. Online search returns this nice and clickable page: http://lxr.free-electrons.com/ident?i=uid_t This leads to "unsigned int" as final definition. On 64-bit

[lxc-users] Default container IPv6 autoconfiguration settings

Hi all, I was just debugging some IPv6 connectivity problems and realised that container interfaces do not inherit host's default settings about IPv6 autoconfiguration. More precisely I am talking about these two parameters: - /proc/sys/net/ipv6/conf/*/accept_ra - /proc/sys/net/ipv6/conf/*/autoco

Re: [lxc-users] lxc scaling numbers

This is not lxc-specific, but James Bottomley gave a insightful talk about containers vs full VMs: http://www.youtube.com/watch?v=p-x9wC94E38 Charts around 14min gives nice general (ballpark) comparison figures. b. On 16 October 2014 08:33, Ritesh Ranjan wrote: > Any docs/links that some one

[lxc-users] Mounting samba/cifs for unprivileged containers

Hi, I am using LXC quite successfully and most of my containers are already ported to unprivileged mode of operation (started from root, but uidmapped). One thing that is getting in the way are CIFS mounts. If I mount it either via pre-start hook or via lxc.mount.entry config variable, when cont