[Lxc-users] usb devices
C Anthony Risinger
anthony at extof.me
Fri Aug 6 01:57:15 UTC 2010
On Thu, Aug 5, 2010 at 5:38 PM, Nirmal Guhan <vavatutu at gmail.com> wrote:
> On Thu, Aug 5, 2010 at 3:32 PM, C Anthony Risinger <anthony at extof.me> wrote:
>> On Thu, Aug 5, 2010 at 4:47 PM, Nirmal Guhan <vavatutu at gmail.com> wrote:
>>> On Tue, Aug 3, 2010 at 1:22 AM, Toby Corkindale
>>> <toby.corkindale at strategicdata.com.au> wrote:
>>>> On 03/08/10 17:44, Nirmal Guhan wrote:
>>>>> On Mon, Aug 2, 2010 at 6:07 PM, Toby Corkindale
>>>>> <toby.corkindale at strategicdata.com.au> wrote:
>>>>>> On 03/08/10 09:04, Nirmal Guhan wrote:
>>>>>>> 4) Hot swap does not work within the container. After usb device is
>>>>>>> reinserted, container cannot recognize it but host can.
>>>>>>> 5) "mount" within the container always displays just one single line
>>>>>>> while I have few more in fstab including the above /media stuff.
>>>>>>> none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw)
>>>>>>
>>>>>> Again, that's because of the way LXC works with the filesystem.
>>>>>>
>>>>>> Perhaps you could just bind-mount the whole /media directory into the
>>>>>> guest containers, to their /media directory? That might work better for
>>>>>> you, although still not quite what you want.
>>>>>
>>>>> Thanks Toby. I doubt if this will address #1 and #4 above. Basically,
>>>>> how to make hot swap work? Or what are the workaround to get
>>>>> notifications if I have to manually mount/umount.
>>>>
>>>>
>>>> I think you would need to adjust the devices permissions for your
>>>> container, for the usb nodes.. but I'm not sure.. then the container
>>>> could talk to the USB devices over USB, and handle the hotswapping.
>>>> However I'd expect conflicts to occur with the host trying to talk to
>>>> the same device.
>>>> Try adding this to your config file?
>>>>
>>>> lxc.cgroup.devices.allow = c 189:* rwm
>>>>
>>>> I'm no expert and I haven't tried this myself, mind, so you might prefer
>>>> to wait for someone more qualified to answer.
>>>>
>>>> -Toby
>>>>
>>> Can you explain what this config means and 189 in particular? I tried
>>> this but did not help in hot swap. I believe that is because udev is
>>> not supported within the container and yes, you are correct about
>>> host/guest accessing the same device.
>>
>> the 189:* corresponds to some device with a major number 189, and any
>> minor number. i'm guessing 189 must correspond to USB drivers. that
>> config option is basically saying "allow the container create
>> character device nodes matching 189:*" check out "man mknod" for more
>> info.
>>
>>> Any plans to support udev and usb pass-through in lxc ?
>>
>> IMO "lxc" itself is a very specific technology: to add namespaces to
>> processes/users/network/etc... it really doesn't have anything to do
>> with full blown virtualization, it's just a use case. to support
>> udev, a daemon (or is it kernel?) on the host needs to send uevents to
>> the container namespace to "fake" shared and private devices intended
>> for the container. this probably needs a lot of config... in the *nix
>> spirit, that should be handled by a separate specialized app... i
>> think the last paragraph is correct :-)
>>
>> anyways, you could try to use shared/slave mounts along with the bind
>> mount to accomplish what you want. from mount(8):
>>
>> "Since Linux 2.6.15 it is possible to mark a mount and its submounts
>> as shared, private, slave or unbindable. A shared mount provides
>> ability to create mirrors of that mount such that mounts and umounts
>> within any of the mirrors propagate to the other mirror. A slave mount
>> receives propagation from its master, but any not vice-versa. A
>> private mount carries no propagation abilities. A unbindable mount is
>> a private mount which cannot cloned through a bind operation. Detailed
>> semantics is documented in Documentation/sharedsubtree.txt file in the
>> kernel source tree."
>>
>> it might be as easy as:
>>
>> mount --make-shared /media
>>
>> providing /media itself is a mount... else you might have to:
>>
>> mount --make-shared /
>>
>> let us know if/how it goes.
>
> Actually, /proc/bus/usb/devices was working within the container. So I
> tried mount -t vfat /dev/sdb1 /myusbdir within container and it was
> able to mount the usb disk. This is on Fedora 12. Hope this is right
> thing to do :=)
yeah but then you have to manually mount it, inside the container, and
you are probably letting the container have too much freedom :-)
if you mark the initial [media] mount as "shared", and mark the bound
(created with --bind) mounts inside the containers as "slave", then
udev on the host can take care of everything for you; anything udev
mounts/umounts within /media on the host will instantly become
visible/removed on the containers. additionally, since the container
mounts are slaves, anything they do (umount/add mounts/whatever) will
_not_ be propagated to the host or other containers.
C Anthony
More information about the lxc-users
mailing list