[Lxc-users] what's the difference in lxc-attach

Michael H. Warfield mhw at WittsEnd.com
Fri Jul 15 17:07:37 UTC 2011 

On Fri, 2011-07-15 at 19:41 +0300, Ramez Hanna wrote: 
> On Fri, Jul 15, 2011 at 7:28 PM, Michael H. Warfield <mhw at wittsend.com>wrote:
> 
> > On Fri, 2011-07-15 at 18:36 +0300, Ramez Hanna wrote:
> > > On Fri, Jul 15, 2011 at 6:04 PM, Michael H. Warfield <mhw at wittsend.com
> > >wrote:
> > >
> > > > On Fri, 2011-07-15 at 17:50 +0300, Ramez Hanna wrote:
> > > > > how can i check if lxc-attach is not working because of the kernel or
> > > > > because of other bug?
> > > > >
> > > > > On Thu, Apr 7, 2011 at 10:09 AM, Cedric Le Goater <legoater at free.fr>
> > > > wrote:
> > > > >
> > > > > > On 04/07/2011 07:46 AM, Ramez Hanna wrote:
> > > > > > > from a post that i found earlier in the archive
> > > > > > > subject "entering a container" by Daniel Lezcano
> > > > > > >
> > > > > > > i cannot see the differece between lxc-attach and lxc-execute
> > > > > > > could someone explain?
> > > > > >
> > > > > > lxc-execute creates a container and exec's a command/application
> > > > > > inside it (see manual).
> > > > > >
> > > > > > lxc-attach enters a *running* container and exec's a command inside
> > > > > > it (manual soon to come). This ability of creating an exogenous
> > > > > > process inside a container requires a kernel patchset.
> > > >
> > > > Has that patch set even made it into a release?  If so, what version is
> > > > it in and what version are you running.  It does not work on my F15
> > > > system with a 2.6.38 kernel.  If it has not made it into a released
> > > > kernel, have you built a custom kernel with it?
> >
> > > I don't know about that patch, so hence my question if there is anyway to
> > > know from the host if that capability is available
> >
> > From what I can tell, based on some threads from back in March, the
> > patchset has not been merged into the upstream kernel at this time and
> > is almost certainly NOT in 2.6.38.*.
> >
> > I'm currently running Fedora 15 2.6.38.8-32.fc15.x86_64 which does not
> > have the patch and lxc-attach gives this error:
> >
> > [root at forest Alcove]# lxc-attach --name Alcove
> > lxc-attach: Does this kernel version support 'attach' ?
> > lxc-attach: failed to enter the namespace
> >
> > That's probably about the best answer you're going to get.
> >
> > From what I can tell, the last patchset is here:
> >
> > http://lxc.sourceforge.net/patches/linux/2.6.38/
> >
> > If you want it, you're probably going to have to build yourself a custom
> > kernel with it patched in.
> >
> > Some of the patches have been merged into the upstream kernel but it's
> > not clear to me if we'll have to wait for 3.0 to be released to see them
> > but I suspect that to be the case.  We're currently sitting at 3.0-rc7
> > on that one.  2.6.39.3 is released and stable nut I have no clue what's
> > in there.  2.6.38 is currently at 2.6.38.8, which is what we see in F15
> > so it is what it is.
> >
> > > > > > C.
> > > > > >
> >
> > Regards,
> > Mike
> > --
> > Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
> >   /\/\|=mhw=|\/\/          | (678) 463-0932 |
> > http://www.wittsend.com/mhw/
> >   NIC whois: MHW9          | An optimist believes we live in the best of
> > all
> >  PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
> >

> thanks a lot for the detailed answer
> by the way have you been succesfull in starting a f15 container on your f15?
> I have been debuggin for 2 hours now
> when i start f15 container it screws my host by interfering with my hosts's
> systemd which somehow doesn't make sense
> and when i use systemd-nspawn i get a bunch of errors and the system doesn't
> finish starting
> here is a paste of systemd log from systemd-nspawn session
> http://pastie.org/2218625

I haven't tried it yet.  Will see what I can do.

Couple of quick questions.

1) You say it screws your host if you don't uses nospawn.  What happens?

2) Have you disabled the sys_admin cap by dropping it in that container?
I find that causes me all sorts of grief.

3) Was this a fresh template build or did you upgrade an F14 machine to
F15 (I was going to use "yum --releasever=15 distro-sync" in one of my
running F14 containers).

Regards,
Mike
-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20110715/6fd9e0bd/attachment.pgp>

More information about the lxc-users mailing list