<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Thu, May 15, 2014 at 9:06 PM, Michael H. Warfield <span dir="ltr"><<a href="mailto:mhw@wittsend.com" target="_blank">mhw@wittsend.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div class="">On Thu, 2014-05-15 at 04:40 -0400, CDR wrote:<br>
</div><div class="">> The container is started, because I am inside it via ssh<br>
> but I cannot use its console<br>
> lxc-console -n msterfe<br>
> msterfe is not running<br>
><br>
> I am uploading the configuration as an attachment<br>
> The container was created from the template, LXC 1.0.3<br>
<br>
</div>Ah, but that config obviously was not. (And totally aside, why do you<br>
need 20 macvlan eth interfaces in a container???) What happened to the<br>
config that the template created? Was it thrown away and a new one<br>
created from whole cloth?<br>
<br>
Did you first try the container with the initial configuration file<br>
generated by the template? That would be a good place to start and you<br>
might want to check /usr/share/lxc/config/fedora.common.conf. The<br>
initial configuration file generated by the template will "include" that<br>
common set of parameters but you can override those defaults.<br>
<br></blockquote><div><br></div><div>The default default config file created by the template on Ubuntu should work, as long as you remember to uncomment this line:<br></div><div>####</div><div><div># When using LXC with apparmor, uncomment the next line to run unconfined:<br>
</div><div>#lxc.aa_profile = unconfined</div><div>####<br></div></div><div><br></div><div>With that commented out, you'd get</div><div>####<br></div><div><div><30>systemd[1]: Starting Root Slice.<br></div><div><27>systemd[1]: Caught <SEGV>, dumped core as pid 12.</div>
<div><30>systemd[1]: Freezing execution.</div></div><div>####</div><div><br></div><div>With the unconfied apparmor profile, it works as expected</div><div><br></div><div><div>####</div><div># lxc-ls -f f20</div><div>
NAME STATE IPV4 IPV6 AUTOSTART </div><div>------------------------------------------</div><div>f20 RUNNING 10.0.3.205 - NO </div></div><div><div>####</div></div><div><br></div><div><br></div><div>lxc-stop doesn't work without "-k". I remember reading about this on the list some time ago, might be useful to integrate the workaround in the template.</div>
<div><div>####</div><div>[root@f20 ~]# Received SIGPWR.</div><div>####<br></div></div><div><br></div><div><br></div><div>Using 20 veth interfaces in the container works, by adding blocks like this in the config file (and adding appropriate configuration inside the container). Each veth needs is its own unique hwaddr</div>
<div>###</div><div><div>lxc.network.type = veth</div><div>lxc.network.flags = up</div><div>lxc.network.link = lxcbr0<br></div><div>lxc.network.hwaddr = fe:8b:ee:bc:52:c0</div></div><div>###<br></div><div><div><br></div><div>
<br></div><div>###</div><div><div># lxc-ls -f f20</div><div>NAME STATE IPV4 IPV6 AUTOSTART </div>
<div>------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------</div>
<div>f20 RUNNING 10.0.3.205, 10.0.3.207, 10.0.3.208, 10.0.3.209, 10.0.3.210, 10.0.3.217, 10.0.3.218, 10.0.3.219, 10.0.3.220, 10.0.3.221, 10.0.3.222, 10.0.3.223, 10.0.3.224, 10.0.3.225, 10.0.3.226, 10.0.3.233, 10.0.3.234, 10.0.3.235, 10.0.3.236, 10.0.3.237 - NO </div>
</div><div>###<br></div><div><br></div><div>-- <br></div></div><div>Fajar</div></div></div></div>