[lxc-devel] nested containers

Stéphane Graber stgraber at ubuntu.com
Sat Dec 28 10:21:10 UTC 2013 

On Fri, Dec 27, 2013 at 06:56:15PM -0500, S.Çağlar Onur wrote:
> Hey Pauk,
> 
> On Fri, Dec 27, 2013 at 6:49 PM, Paul Wexler
> <paul at prometheusresearch.com> wrote:
> > Hello lxc community,
> >
> > Has anyone used nested containers?
> >
> > I am trying with limited success.  I cannot re-start them.
> > I can:
> >   1. create a container.
> >   2. configure it for nesting (I uncomment 2 lines in config).
> >   3. start the container.
> >   4. stop the container.
> >   5. but I cannot re-start the container.
> >
> > However, if I do not configure the container for nesting then
> > I can stop and re-start the container repeatedly without errors.
> >
> > Specifically, the following command line sequence fails on the
> > second lxc-start (please note I do not show the normal lxc-
> > output below, only the error msg):
> >
> >   # lxc-create -t ubuntu -n C00
> >   # X="lxc.aa_profile = lxc-container-default-with-nesting"
> >   # sed -i -e "s/^#$X/$X/" /var/lib/lxc/C00/config
> >   # X="lxc.hook.mount = /usr/share/lxc/hooks/mountcgroups"
> >   # sed -i -e "s/^#$X/$X/" /var/lib/lxc/C00/config
> >   # lxc-start -d -n C00
> >   # lxc-stop -n C00
> >   # lxc-start -d -n C00
> >   lxc-start: command get_cgroup failed to receive response
> 
> I believe this issue fixed after alpha has been released [1] so could
> you try replacing your mountcgroups hook with [2] and try again to see
> what will happen?

Right, the issue here appears to be mountcgroups not cleaning up after
itself and being confused on the second run.

Hopefully we'll be dropping that hook entirely with the introduction of
cgmanger in the next few weeks...

Depending on what you are doing, you may also just comment that hook
entirely as cgroup-lite in the container will then simply mount the
cgroupfs controllers and LXC will be able to use them (however this will
most likely bypass any cgroup restriction you applied on the first
container, if any).

> 
> > When I start the container the first time, lxc-ls --fancy
> > displays the container's IP address.  Then I can ssh to the
> > container as 'ubuntu', install packages there such as lxc,
> > and even create containers there, the container is working
> > just fine.
> >
> > But once I stop the container I can never start it again.
> > Always with the same get_cgroup error as above.
> >
> > I am using:
> >   lxc version ==  '1.0.0.alpha2'
> >   kernel == 3.11.0-12-generic
> >
> > Any ideas/suggestions on how one might re-start such a container?
> > Thank you.
> >
> >
> > _______________________________________________
> > lxc-devel mailing list
> > lxc-devel at lists.linuxcontainers.org
> > http://lists.linuxcontainers.org/listinfo/lxc-devel
> >
> 
> [1] https://github.com/lxc/lxc/commit/fa7fced87899ae37f193c81115543d1df5c28fbb
> [2] https://raw.github.com/lxc/lxc/master/hooks/mountcgroups
> 
> Best,
> -- 
> S.Çağlar Onur <caglar at 10ur.org>
> _______________________________________________
> lxc-devel mailing list
> lxc-devel at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-devel

-- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20131228/9cf841a6/attachment.pgp>

More information about the lxc-devel mailing list