Public bug reported:

On Xenial, can not start a nested Trusty container inside a Trusty container. (All containers are privileged, tests done on two different machines, one is a fresh Xenial install)

Steps to reproduce:
 * Create a nested Trusty container (ie. Trusty container in a trusty container) on a Xenial machine
 * Observe the result:

    # lxc-start -d --name testt --logfile=/tmp/log
    lxc-start: lxc_start.c: main: 341 The container failed to start.
    lxc-start: lxc_start.c: main: 343 To get more details, run the container in foreground mode.
    lxc-start: lxc_start.c: main: 345 Additional information can be obtained by setting the --logfile and --logpriority options.

    # cat /tmp/log
    lxc-start 1464425901.410 ERROR lxc_cgfs - cgfs.c:cgfs_init:2246 - cgroupfs failed to detect cgroup metadata
    lxc-start 1464425901.411 ERROR lxc_start - start.c:lxc_spawn:884 - failed initializing cgroup support
    lxc-start 1464425901.467 ERROR lxc_start - start.c:__lxc_start:1121 - failed to spawn 'testt'
    lxc-start 1464425901.467 ERROR lxc_start_ui - lxc_start.c:main:341 - The container failed to start.
    lxc-start 1464425901.467 ERROR lxc_start_ui - lxc_start.c:main:343 - To get more details, run the container in foreground mode.
    lxc-start 1464425901.467 ERROR lxc_start_ui - lxc_start.c:main:345 - Additional information can be obtained by setting the --logfile and --logpriority options.

Unsure if this is a Xenial or Trusty issue (tested on original 4.4.0-22-generic and 4.5.3 kernels)

Works successfully (tested):
 * On Xenial, Xenial container inside Xenial container
 * On Xenial, Trusty container inside Xenial container
 * On Trusty, Trusty container inside Trusty container

Does NOT work:
 * On Xenial, Trusty container inside Trusty container

Setup details:
 * Create container:

    apt-get update --yes
    apt-get dist-upgrade --yes
    apt-get install lxc --yes
    lxc-create -n NAME -t ubuntu -- -r trusty -a amd64
   --or--
    lxc-create -n NAME -t ubuntu -- -r xenial -a amd64

   And add in config:

    lxc.include = /usr/share/lxc/config/nesting.conf

   Also, for Xenial:

    lxc.aa_allow_incomplete = 1

   Then start and attach to create the nested container.

Additional information:
 * On the Trusty container on a Xenial machine:

    # cat /proc/cgroups
    #subsys_name  hierarchy  num_cgroups  enabled
    cpuset        9          12           1
    cpu           2          164          1
    cpuacct       2          164          1
    blkio         7          164          1
    memory        5          702          1
    devices       10         319          1
    freezer       11         28           1
    net_cls       8          12           1
    perf_event    3          12           1
    net_prio      8          12           1
    hugetlb       6          12           1
    pids          4          305          1

    # uname -a
    Linux testt 4.5.3 #1 SMP Mon May 9 08:18:24 CEST 2016 x86_64 x86_64 x86_64 GNU/Linux

   Also tested on a regular 4.4.0-22 kernel:

    # uname -a
    Linux xavier-test 4.4.0-22-generic #40-Ubuntu SMP Thu May 12 22:03:46 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

    # cat /proc/self/mountinfo
    164 119 202:1 /var/lib/lxc/testt/rootfs / rw,noatime master:1 - ext4 /dev/xvda1 rw,nobarrier,errors=remount-ro,data=ordered
    165 164 0:44 / /dev rw,relatime - tmpfs none rw,size=492k,mode=755
    166 164 0:43 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
    167 168 0:43 /sys/net /proc/sys/net rw,nosuid,nodev,noexec,relatime - proc proc rw
    168 166 0:43 /sys /proc/sys ro,nosuid,nodev,noexec,relatime - proc proc rw
    169 166 0:43 /sysrq-trigger /proc/sysrq-trigger ro,nosuid,nodev,noexec,relatime - proc proc rw
    170 164 0:45 / /sys rw,nosuid,nodev,noexec,relatime - sysfs sysfs rw
    171 170 0:45 / /sys rw,nosuid,nodev,noexec,relatime - sysfs sysfs rw
    172 171 0:45 / /sys/devices/virtual/net rw,relatime - sysfs sysfs rw
    173 172 0:45 /devices/virtual/net /sys/devices/virtual/net rw,nosuid,nodev,noexec,relatime - sysfs sysfs rw
    174 171 0:37 / /sys/fs/fuse/connections rw,relatime master:28 - fusectl fusectl rw
    175 171 0:7 / /sys/kernel/debug rw,relatime master:25 - debugfs debugfs rw
    176 171 0:12 / /sys/kernel/security rw,nosuid,nodev,noexec,relatime master:8 - securityfs securityfs rw
    177 171 0:23 / /sys/fs/pstore rw,nosuid,nodev,noexec,relatime master:11 - pstore pstore rw
    178 165 0:42 / /dev/mqueue rw,relatime - mqueue mqueue rw
    179 165 0:43 / /dev/.lxc/proc rw,relatime - proc proc rw
    180 165 0:45 / /dev/.lxc/sys rw,relatime - sysfs sys rw
    181 166 0:40 /proc/cpuinfo /proc/cpuinfo rw,nosuid,nodev,relatime master:98 - fuse.lxcfs lxcfs rw,user_id=0,group_id=0,allow_other
    182 166 0:40 /proc/diskstats /proc/diskstats rw,nosuid,nodev,relatime master:98 - fuse.lxcfs lxcfs rw,user_id=0,group_id=0,allow_other
    183 166 0:40 /proc/meminfo /proc/meminfo rw,nosuid,nodev,relatime master:98 - fuse.lxcfs lxcfs rw,user_id=0,group_id=0,allow_other
    184 166 0:40 /proc/stat /proc/stat rw,nosuid,nodev,relatime master:98 - fuse.lxcfs lxcfs rw,user_id=0,group_id=0,allow_other
    185 166 0:40 /proc/swaps /proc/swaps rw,nosuid,nodev,relatime master:98 - fuse.lxcfs lxcfs rw,user_id=0,group_id=0,allow_other
    186 166 0:40 /proc/uptime /proc/uptime rw,nosuid,nodev,relatime master:98 - fuse.lxcfs lxcfs rw,user_id=0,group_id=0,allow_other
    187 165 0:14 /0 /dev/lxc/console rw,nosuid,noexec,relatime master:3 - devpts devpts rw,gid=5,mode=620,ptmxmode=000
    120 165 0:46 / /dev/pts rw,relatime - devpts devpts rw,gid=5,mode=620,ptmxmode=666
    121 165 0:46 /0 /dev/lxc/tty1 rw,relatime - devpts devpts rw,gid=5,mode=620,ptmxmode=666
    122 165 0:46 /1 /dev/lxc/tty2 rw,relatime - devpts devpts rw,gid=5,mode=620,ptmxmode=666
    123 165 0:46 /2 /dev/lxc/tty3 rw,relatime - devpts devpts rw,gid=5,mode=620,ptmxmode=666
    124 165 0:46 /3 /dev/lxc/tty4 rw,relatime - devpts devpts rw,gid=5,mode=620,ptmxmode=666
    125 175 0:9 / /sys/kernel/debug/tracing rw,relatime - tracefs tracefs rw
    126 164 0:47 / /run rw,nosuid,noexec,relatime - tmpfs none rw,size=3088236k,mode=755
    127 171 0:48 / /sys/fs/cgroup rw,relatime - tmpfs none rw,size=4k,mode=755
    128 126 0:49 / /run/lock rw,nosuid,nodev,noexec,relatime - tmpfs none rw,size=5120k
    129 126 0:50 / /run/shm rw,nosuid,nodev,relatime - tmpfs none rw
    130 126 0:51 / /run/user rw,nosuid,nodev,noexec,relatime - tmpfs none rw,size=102400k,mode=755

Possible related bugs:
 * bug #1543697 (which is fixed)

** Affects: lxc (Ubuntu)
     Importance: Undecided
         Status: New

** Attachment added: "strace lxc-start traces"
   https://bugs.launchpad.net/bugs/1586608/+attachment/4671736/+files/strace.traces

https://bugs.launchpad.net/bugs/1586608

Title:
  Can not start nested trusty container inside trusty container

Status in lxc package in Ubuntu:
  New
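
The /proc/cgroups output in the report lists enabled controllers, while its /proc/self/mountinfo listing has no entry of filesystem type cgroup (/sys/fs/cgroup is a bare tmpfs). The following added example, which is not part of the original report and not LXC code, cross-checks the two files; the function names are hypothetical, and the sample strings are excerpts of the report's output plus one constructed line.

```python
# Added example (not LXC code): report enabled cgroup v1 controllers that
# have no mounted hierarchy. Function names are hypothetical.

# Excerpt of the /proc/cgroups output shown in the report.
REPORT_CGROUPS = """#subsys_name hierarchy num_cgroups enabled
cpuset 9 12 1
cpu 2 164 1
memory 5 702 1
devices 10 319 1
"""

# Two mountinfo entries from the report; neither has filesystem type "cgroup".
REPORT_MOUNTINFO = """170 164 0:45 / /sys rw,nosuid,nodev,noexec,relatime - sysfs sysfs rw
127 171 0:48 / /sys/fs/cgroup rw,relatime - tmpfs none rw,size=4k,mode=755
"""

# Constructed entry (not from the report): a mounted memory hierarchy.
CONSTRUCTED_MEMORY_MOUNT = (
    "200 127 0:30 / /sys/fs/cgroup/memory rw,relatime - cgroup cgroup rw,memory\n"
)

def enabled_subsystems(proc_cgroups):
    """Return controller names whose 'enabled' column is 1."""
    rows = (line.split() for line in proc_cgroups.splitlines()
            if line.strip() and not line.startswith("#"))
    return [r[0] for r in rows if len(r) == 4 and r[3] == "1"]

def mounted_controllers(mountinfo):
    """Map each super option of every 'cgroup' mount to its mount point."""
    found = {}
    for line in mountinfo.splitlines():
        fields = line.split()
        try:
            sep = fields.index("-", 6)  # a lone "-" ends the optional fields
        except ValueError:
            continue                    # not a well-formed mountinfo line
        if len(fields) <= sep + 3 or fields[sep + 1] != "cgroup":
            continue
        for opt in fields[sep + 3].split(","):  # e.g. "rw,cpu,cpuacct"
            found.setdefault(opt, fields[4])    # fields[4] is the mount point
    return found

def missing_hierarchies(proc_cgroups, mountinfo):
    """Enabled controllers with no cgroup mount visible in mountinfo."""
    mounted = mounted_controllers(mountinfo)
    return [s for s in enabled_subsystems(proc_cgroups) if s not in mounted]

if __name__ == "__main__":
    print("no hierarchy mounted for:",
          missing_hierarchies(REPORT_CGROUPS, REPORT_MOUNTINFO))
```

Inside a container, pass the contents of /proc/cgroups and /proc/self/mountinfo to missing_hierarchies() in place of the sample strings.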