[lxc-users] Can LVM be used in an LXC container?

Jeremiah Snapp jeremiah.snapp at gmail.com
Thu Jan 16 18:56:39 UTC 2014 

Thanks Serge!  I actually just found out in IRC that further in my config I
was denying access.  Once I allowed access it works fine.

Yours is the second warning I've received about using LVM in a container.
 I don't know the details of the concern but can you tell me if it would
require human error to cause problems?  I'm not using this in production by
the way.  These are throw away test containers.  The app installed inside
requires an LVM volume.

Thanks,
Jeremiah


On Thu, Jan 16, 2014 at 1:51 PM, Serge Hallyn <serge.hallyn at ubuntu.com>wrote:

> Quoting Jeremiah Snapp (jeremiah.snapp at gmail.com):
> > Hello I'm trying to lvcreate a small volume in an LXC container as part
> of
> > a testing environment but I get the following error.
> >
> > root at test:~# lvcreate -L 1G --name example vg01
> > >   /dev/mapper/control: open failed: Operation not permitted
> > >   Failure to communicate with kernel device-mapper driver.
> > >   striped: Required device-mapper target(s) not detected in your kernel
> > >   Run `lvcreate --help' for more information.
> >
> >
> > Is there a way to make this work?
> >
> > My host is Ubuntu 13.04 with LXC 1.0.0~beta1 and the container is Ubuntu
> > 12.04 with LVM2 installed.
> >
> > Thanks in advance!
>
> It's not really a sane thing to do, but it shoudl work if you add
> the needed devices to the container's devices whitelist.  That
> means at least
>
> lxc.cgroup.devices.allow = c 10:236 rwm
> lxc.cgroup.devices.allow = b 252:* rwm
>
> and maybe just giving full device access by removing all
> lxc.cgroup.devices lines from the config.
>
> You'll also want to make your container unconfined or modify your
> apparmor profile to allow the mounting you need.  Simplest (and least
> safe) is to do
>
> lxc.aa_profile = unconfined
>
> -serge
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20140116/337cc2a7/attachment.html>

More information about the lxc-users mailing list