<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
On 12/02/2015 08:47 PM, Fajar A. Nugraha wrote:<br>
<blockquote
cite="mid:CAG1y0seVyhHYBk37NE1uZiHjHfADzvu+DuXo1Z=vWFNYLfSmUw@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote">On Thu, Dec 3, 2015 at 1:14 AM, Peter
Steele <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:pwsteele@gmail.com" target="_blank">pwsteele@gmail.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"><span> <tt><br>
</tt>
<div><tt>On 12/02/2015 07:23 AM, Fajar A. Nugraha
wrote:</tt><tt><br>
</tt></div>
<blockquote type="cite">
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote"><tt>On Wed, Dec 2, 2015
at 9:49 PM, Peter Steele </tt><tt><span
dir="ltr"><<a moz-do-not-send="true"
href="mailto:pwsteele@gmail.com"
target="_blank">pwsteele@gmail.com</a>></span></tt><tt>
wrote:</tt><tt><br>
</tt>
<blockquote class="gmail_quote"
style="margin:0px 0px 0px
0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"><tt><span>
On 12/01/2015 08:25 PM, Fajar A.
Nugraha wrote:<br>
<blockquote type="cite">
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote">Is
there a reason why you can't
install a centos7 container
using the download template?
It would've been MUCH easier,
and some of the things you
asked wouldn't even be an
issue.</div>
</div>
</div>
</blockquote>
</span></tt><tt><br>
</tt></div>
</blockquote>
</div>
</div>
</div>
</blockquote>
</span></div>
</blockquote>
<div><br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000"><tt>lxc-create -t
centos -n test1</tt><tt><br>
</tt><tt><br>
</tt><tt>to create a container using the centos default
settings. The resulting config file doesn't look a
whole lot different than my manually crafted version.
</tt></div>
</blockquote>
<div><br>
</div>
<div><br>
</div>
<div>You DID notice that repeatedly say "DOWNLOAD template"?
as in someting like</div>
<div><br>
</div>
<div># lxc-create -t download -n c7 -- -d centos -r 7 -a
amd64</div>
<div><br>
</div>
</div>
</div>
</div>
</blockquote>
The template was downloaded automatically when I ran the lxc-create
command the first time. Is there a difference in how the download is
done using the command you've listed above?<br>
<br>
<blockquote
cite="mid:CAG1y0seVyhHYBk37NE1uZiHjHfADzvu+DuXo1Z=vWFNYLfSmUw@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote">
<div><br>
</div>
Short version: if you use <a moz-do-not-send="true"
href="http://copr.fedoraproject.org/coprs/thm/lxc1.1/"
target="_blank">http://copr.fedoraproject.org/coprs/thm/lxc1.1/</a>
, you need to do some things first:
<div>- edit /etc/sysconfig/lxc, USE_LXC_BRIDGE="true"<br>
</div>
<div>- systemctl enable lxc-net<br>
</div>
<div>- systemctl enable lxc<br>
</div>
<div>- systemctl start lxc-net<br>
</div>
<div>- brctl show<br>
</div>
<div>- ip ad li lxcbr0</div>
<div> </div>
<div>If you HAVE lxcbr0 with the default ip 10.0.3.1 (you
can change this later), you're all set. If not,
doublecheck your setup.</div>
<div>If you're asking "where's the docs that mention this",
as the package manager :)<br>
</div>
<div><br>
</div>
<div>The alternative is to configure your own bridge and
configure your containers to use that. After you get the
bridge working, you can start and monitor its boot
progress with something like this:</div>
<div><br>
</div>
</div>
</div>
</div>
</blockquote>
That's exactly what I did. I realized this later that the default
centos container assumes you have a lxcbr0 defined (I had hit this
issue before). My servers use br0 so I just changed my test
container's config and it came up fine. Most importantly, the udev
service was not running. So I tweaked the lxc config I had in my
custom install process to more closely match what was used in my
standalone test and my containers are now coming up fine, or at
least udev is no longer running. The /dev directory still has more
entries than my libvirt containers (for example, /dev/snd is still
present), but at least there are no udev errors in
/var/log/messages. <br>
<br>
There *are* other issues (our software isn't running properly), but
I think the major container issues have been resolved. I changed a
few things, including the version of LXC that I'm using, so it's
hard to say what the culprit was with regards to this udev issue.<br>
<br>
<blockquote
cite="mid:CAG1y0seVyhHYBk37NE1uZiHjHfADzvu+DuXo1Z=vWFNYLfSmUw@mail.gmail.com"
type="cite">
<div dir="ltr">
<div class="gmail_extra">
<div class="gmail_quote">
<div># lxc-start -n c7;lxc-console -n c7 -t 0<br>
</div>
<div><br>
</div>
<div>The benefit of using this approach instead of
"lxc-start -F" is that you can detach the console session
later using "ctrl-a q". Note that you can NOT login on
this console yet, as by default the root password is not
set. From another shell session, you need to do</div>
<div><br>
</div>
<div># lxc-attach -n c7 -- passwd<br>
</div>
<div><br>
</div>
<div>Then you can login from the console session. You'll
then see on the container (I tested this just now on
up-to-date centos7)</div>
<div><br>
</div>
<div>
<div>[root@c7 ~]# ls /dev</div>
<div>console core fd full hugepages initctl log lxc
mqueue null ptmx pts random shm stderr stdin
stdout tty tty1 tty2 tty3 tty4 urandom zero</div>
</div>
<div><br>
</div>
<div>Apparently this works even without lxfs. <br>
</div>
<div><br>
</div>
<div>If you DO manage to get lxcfs installed and working
later (disclaimer: I've only use it on ubuntu and debian),
you'll be able to get some additional benefits like the
container only seeing its allocated resources (set using
"lxc.cgroup" settings on lxc config file). For example, if
"lxc.cgroup.cpuset.cpus = 0", then the container will only
use cpu0, and "htop" or "cat /proc/cpuinfo" will only show
1 cpu even when your host has multiple cpus.</div>
<br>
</div>
</div>
</div>
</blockquote>
That would definitely be nice. Libvirt does a reasonably good job in
this area but it is far from complete, with /proc/cpuinfo being one
of the weak points. I'll definitely have to check out lxcfs.<br>
<br>
</body>
</html>