<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<tt><br>
</tt>
<div class="moz-cite-prefix"><tt>On 12/02/2015 07:23 AM, Fajar A.
Nugraha wrote:</tt><tt><br>
</tt></div>
<blockquote
cite="mid:CAG1y0seeMw3Xq=9yHtiJPW7s4s8QAm+UsSS-416Wm+rakh-g9A@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote"><tt>On Wed, Dec 2, 2015 at 9:49 PM,
Peter Steele </tt><tt><span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:pwsteele@gmail.com" target="_blank">pwsteele@gmail.com</a>></span></tt><tt>
wrote:</tt><tt><br>
</tt>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"><tt><span class="">
On 12/01/2015 08:25 PM, Fajar A. Nugraha wrote:<br>
<blockquote type="cite">
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote">Is there a reason why
you can't install a centos7 container using
the download template? It would've been MUCH
easier, and some of the things you asked
wouldn't even be an issue.</div>
</div>
</div>
</blockquote>
</span></tt><tt><br>
</tt><tt> So, that long winded answer is why we can't
just use the LXC template for CentOS directly. I was
assuming (hoping) that the libvirt container image we
build would be largely LXC friendly. Apparently it's
not going to be quite as straightforward as I'd hoped.
I'm going to have to dissect the steps used for
creating a CentOS LXC template and make sure our
container image provides what is needed/expected by
LXC.</tt></div>
</blockquote>
<div><tt><br>
</tt></div>
<div><tt><br>
</tt></div>
<div><tt>Actually my point was about the config file :)</tt></div>
</div>
</div>
</div>
</blockquote>
<tt>D'oh! My mistake; sorry for the history lesson then, I hope it
was interesting reading... :-)</tt><tt><br>
</tt><tt><br>
</tt><tt>As for the config file, I believe what I am now using is
the same config file, more or less, that's used by LXC containers
created with the CentOS template. I just incorporated the
centos.common.conf settings into my own config file directly.
Although I did tweak some things a bit and eliminated things that
weren't needed (like lxc.seccomp). </tt><tt>I did a quick test
and ran the command</tt><tt><br>
</tt><tt><br>
</tt><tt>lxc-create -t centos -n test1</tt><tt><br>
</tt><tt><br>
</tt><tt>to create a container using the centos default settings.
The resulting config file doesn't look a whole lot different than
my manually crafted version. Something doesn't seem quite right
though; when I run lxc-start -n test1 the container takes forever
to boot. I could log in eventually </tt><tt>but it's not working
too well:<br>
</tt><tt><br>
</tt><tt>[root@test1 ~]# systemctl<br>
Starting Trigger Flushing of Journal to Persistent
Storage...<br>
[FAILED] Failed to start LSB: Bring up/down networking.<br>
See 'systemctl status network.service' for details.<br>
<28>systemd-sysctl[261]: Failed to write '1' to
'/proc/sys/kernel/core_uses_pid': Read-only file system<br>
Failed to get D-Bus connection: Failed to authenticate in time.<br>
</tt><tt><br>
Shouldn't a container built with the stock config work "out of the
box"?<br>
<br>
</tt>
<blockquote
cite="mid:CAG1y0seeMw3Xq=9yHtiJPW7s4s8QAm+UsSS-416Wm+rakh-g9A@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote">
<div><tt>The rootfs should be OK as is, as any
systemd-related problem inside the container should've
also been fixed if you've managed to run it under
libvirt. I was suggesting to create a centos7 container
from the download template (which would reference the
common configs, and use lxcfs), then copy its config
file.</tt></div>
</div>
</div>
</div>
</blockquote>
<tt><br>
</tt><tt>There was no explicit reference to lxcfs in the
centos.common.conf file, nor in any of the config files for the
other templates. </tt><tt>My impression is that this is not part
of the LXC version that I am using.</tt><tt><br>
</tt><tt><br>
</tt>
<blockquote
cite="mid:CAG1y0seeMw3Xq=9yHtiJPW7s4s8QAm+UsSS-416Wm+rakh-g9A@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote"><tt>It occurs to me that the
difference might be related to lxcfs. It provides a
private, customized copy of parts of /sys and /proc to the
container, so the container doesn't need to see what the
host has. And IIRC libvirt has something that functions
similarly to lxcfs.</tt></div>
</div>
</div>
</blockquote>
<tt>Containers in libvirt have private versions of /sys and /proc,
although there is nothing to configure to provide this
functionality, this is the default behavior. There is nothing
really quite like lxcfs</tt><tt>. </tt><tt><br>
</tt><tt><br>
</tt>
<blockquote
cite="mid:CAG1y0seeMw3Xq=9yHtiJPW7s4s8QAm+UsSS-416Wm+rakh-g9A@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote">
<div><tt>Do you also have lxcfs installed? What version of
lxc are you using? </tt></div>
<div><tt>Try installing lxcfs and use lxc-1.1.x. Then try to
install a new container using download template to see
if it's similar to what you want. If it is, copy it's
config file (and modify things like name and paths,
obviously) for your former-libvirt container.</tt></div>
</div>
</div>
</div>
</blockquote>
<tt><br>
</tt><tt>I am using the version 1.0.7 RPMs that are available on
EPEL. I assume there are no RPMs available for 1.1? We tend to use
binary versions of the third party packages we've included in our
system but I will check out 1.1 and investigate lxcfs. The set of
LXC RPMs I installed from EPEL are:</tt><tt><br>
</tt><tt><br>
</tt><tt>lua-lxc.</tt><tt><tt>1.0.7-4.el7</tt>.x86_64</tt><tt><br>
</tt><tt>lxc.</tt><tt><tt>1.0.7-4.el7</tt>.x86_64</tt><tt><br>
</tt><tt>lxc-libs.</tt><tt><tt>1.0.7-4.el7</tt>.x86_64</tt><tt><br>
</tt><tt>lxc-templates.</tt><tt><tt>1.0.7-4.el7</tt>.x86_64</tt><tt><br>
</tt><tt><br>
</tt><tt>Peter<br>
<br>
</tt>
</body>
</html>