<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Thu, Dec 3, 2015 at 1:14 AM, Peter Steele <span dir="ltr"><<a href="mailto:pwsteele@gmail.com" target="_blank">pwsteele@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"><span>
<tt><br>
</tt>
<div><tt>On 12/02/2015 07:23 AM, Fajar A.
Nugraha wrote:</tt><tt><br>
</tt></div>
<blockquote type="cite">
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote"><tt>On Wed, Dec 2, 2015 at 9:49 PM,
Peter Steele </tt><tt><span dir="ltr"><<a href="mailto:pwsteele@gmail.com" target="_blank">pwsteele@gmail.com</a>></span></tt><tt>
wrote:</tt><tt><br>
</tt>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"><tt><span>
On 12/01/2015 08:25 PM, Fajar A. Nugraha wrote:<br>
<blockquote type="cite">
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote">Is there a reason why
you can't install a centos7 container using
the download template? It would've been MUCH
easier, and some of the things you asked
wouldn't even be an issue.</div>
</div>
</div>
</blockquote>
</span></tt><tt><br></tt></div></blockquote></div></div></div></blockquote></span></div></blockquote><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div bgcolor="#FFFFFF" text="#000000"><tt>lxc-create -t centos -n test1</tt><tt><br>
</tt><tt><br>
</tt><tt>to create a container using the centos default settings.
The resulting config file doesn't look a whole lot different than
my manually crafted version. </tt></div></blockquote><div><br></div><div><br></div><div>You DID notice that repeatedly say "DOWNLOAD template"? as in someting like</div><div><br></div><div># lxc-create -t download -n c7 -- -d centos -r 7 -a amd64</div><div><br></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div bgcolor="#FFFFFF" text="#000000"><tt>Something doesn't seem quite right
though; when I run lxc-start -n test1 the container takes forever
to boot. I could log in eventually </tt><tt>but it's not working
too well:<br>
</tt><tt><br>
</tt><tt>[root@test1 ~]# systemctl<br>
Starting Trigger Flushing of Journal to Persistent
Storage...<br>
[FAILED] Failed to start LSB: Bring up/down networking.<br>
See 'systemctl status network.service' for details.<br>
<28>systemd-sysctl[261]: Failed to write '1' to
'/proc/sys/kernel/core_uses_pid': Read-only file system<br>
Failed to get D-Bus connection: Failed to authenticate in time.<br>
</tt><tt><br>
Shouldn't a container built with the stock config work "out of the
box"?<br>
<br></tt></div></blockquote><div><br></div><div><br></div><div>Short version: if you use <a href="http://copr.fedoraproject.org/coprs/thm/lxc1.1/" target="_blank">http://copr.fedoraproject.org/coprs/thm/lxc1.1/</a> , you need to do some things first:</div><div>- edit /etc/sysconfig/lxc, USE_LXC_BRIDGE="true"<br></div><div>- systemctl enable lxc-net<br></div><div>- systemctl enable lxc<br></div><div>- systemctl start lxc-net<br></div><div>- brctl show<br></div><div>- ip ad li lxcbr0</div><div> </div><div>If you HAVE lxcbr0 with the default ip 10.0.3.1 (you can change this later), you're all set. If not, doublecheck your setup.</div><div>If you're asking "where's the docs that mention this", as the package manager :)<br></div><div><br></div><div>The alternative is to configure your own bridge and configure your containers to use that. After you get the bridge working, you can start and monitor its boot progress with something like this:</div><div><br></div><div># lxc-start -n c7;lxc-console -n c7 -t 0<br></div><div><br></div><div>The benefit of using this approach instead of "lxc-start -F" is that you can detach the console session later using "ctrl-a q". Note that you can NOT login on this console yet, as by default the root password is not set. From another shell session, you need to do</div><div><br></div><div># lxc-attach -n c7 -- passwd<br></div><div><br></div><div>Then you can login from the console session. You'll then see on the container (I tested this just now on up-to-date centos7)</div><div><br></div><div><div>[root@c7 ~]# ls /dev</div><div>console core fd full hugepages initctl log lxc mqueue null ptmx pts random shm stderr stdin stdout tty tty1 tty2 tty3 tty4 urandom zero</div></div><div><br></div><div>Apparently this works even without lxfs. <br></div><div><br></div><div><br></div><div>If you DO manage to get lxcfs installed and working later (disclaimer: I've only use it on ubuntu and debian), you'll be able to get some additional benefits like the container only seeing its allocated resources (set using "lxc.cgroup" settings on lxc config file). For example, if "lxc.cgroup.cpuset.cpus = 0", then the container will only use cpu0, and "htop" or "cat /proc/cpuinfo" will only show 1 cpu even when your host has multiple cpus.</div><div><br></div><div>-- <br></div><div>Fajar</div></div></div></div>