[lxc-devel] [PATCH 0/5] Signal stuff v2 and some documentation

Tue Jun 15 15:20:58 UTC 2010

On 06/15/2010 04:47 PM, Ferenc Wagner wrote:
> Daniel Lezcano<daniel.lezcano at free.fr>  writes:
>
>> On 06/15/2010 02:13 PM, Ferenc Wagner wrote:
>>
>>> Daniel Lezcano<daniel.lezcano at free.fr>   writes:
>>>
>>>> On 06/10/2010 11:47 PM, Ferenc Wagner wrote:
>>>>
>>>>> If you provide me with an example (and some description of
>>>>> lxc.console), I can give it some testing and concretize this pure
>>>>> guesswork.
>>>>
>>>> lxc-create -n ubuntu -f ~/mynetwork.conf -t ubuntu
>>>> lxc-start -n ubuntu -s lxc.console=$(tty) -o $(tty) -l DEBUG
>>>
>>> I'm not there yet, but found something interesting.  If lxc-checkconfig
>>> reports full green, clone(NEWNS|NEWUTS|NEWIPC|NEWPID|NEWNET) in
>>> lxc-start shouldn't fail.  Who's wrong here?
>>>
>>> $ lxc-checkconfig
>>> Kernel config /proc/config.gz not found, looking in other places...
>>> Found kernel config file /boot/config-2.6.26-2-686
>>
>> 2.6.26 ? Mmmh, You need at least a 2.6.29 for a system container
>> (better to have a 2.6.32).
>
> Yeah, it runs with 2.6.32.  Btw. what happened in 2.6.29, which made it
> particularly suitable for running system containers?

The network virtualization was merged upstream.

>> Bah ! Looks like the lxc-checkconfig is buggy (fix in attachment).
>
> With your fix it indeed misses a couple of things:
>
> Network namespace: missing

Better to have it for a system container, otherwise the guest system 
will reconfigure your host network :/

> Multiple /dev/pts instances: missing

Better to have it but not mandatory until you remove the lxc.pts option.

> Cgroup memory controller: missing

Not mandatory.

> Macvlan: missing

Better to have, it is more flexible to configure the network. but not 
mandatory.

> Thanks for the fix!  Now let's see why lxc-start gets suspended when I
> try to type at the console...

I think it happens exactly what you described in the previous email, 
that is if a background process tries to read/write to the tty, then a 
SIGTTIN / SIGTTOU / is sent to it, where the default action is to stop 
the process.

> Interestingly, it stays in S state until
> I kill the container.  I'm afraid the console functionality (is there
> any documentation for it?) may make lxc-start unsuitable for pushing
> into the background. After all, it is an interactive foreground process
> in that case, a real proxy towards some getty (if I understand this
> console thingie right).  Maybe this should be handled differently to
> application containers.  But then I'm not sure how Ctrl-C and similar
> should be forwarded to a getty...

argh. yes, chicken-egg problem.