[Lxc-users] what's the difference in lxc-attach

Ramez Hanna rhanna at informatiq.org
Fri Jul 15 17:17:36 UTC 2011 

On Fri, Jul 15, 2011 at 8:07 PM, Michael H. Warfield <mhw at wittsend.com>wrote:

> On Fri, 2011-07-15 at 19:41 +0300, Ramez Hanna wrote:
> > On Fri, Jul 15, 2011 at 7:28 PM, Michael H. Warfield <mhw at wittsend.com
> >wrote:
> >
> > > On Fri, 2011-07-15 at 18:36 +0300, Ramez Hanna wrote:
> > > > On Fri, Jul 15, 2011 at 6:04 PM, Michael H. Warfield <
> mhw at wittsend.com
> > > >wrote:
> > > >
> > > > > On Fri, 2011-07-15 at 17:50 +0300, Ramez Hanna wrote:
> > > > > > how can i check if lxc-attach is not working because of the
> kernel or
> > > > > > because of other bug?
> > > > > >
> > > > > > On Thu, Apr 7, 2011 at 10:09 AM, Cedric Le Goater <
> legoater at free.fr>
> > > > > wrote:
> > > > > >
> > > > > > > On 04/07/2011 07:46 AM, Ramez Hanna wrote:
> > > > > > > > from a post that i found earlier in the archive
> > > > > > > > subject "entering a container" by Daniel Lezcano
> > > > > > > >
> > > > > > > > i cannot see the differece between lxc-attach and lxc-execute
> > > > > > > > could someone explain?
> > > > > > >
> > > > > > > lxc-execute creates a container and exec's a
> command/application
> > > > > > > inside it (see manual).
> > > > > > >
> > > > > > > lxc-attach enters a *running* container and exec's a command
> inside
> > > > > > > it (manual soon to come). This ability of creating an exogenous
> > > > > > > process inside a container requires a kernel patchset.
> > > > >
> > > > > Has that patch set even made it into a release?  If so, what
> version is
> > > > > it in and what version are you running.  It does not work on my F15
> > > > > system with a 2.6.38 kernel.  If it has not made it into a released
> > > > > kernel, have you built a custom kernel with it?
> > >
> > > > I don't know about that patch, so hence my question if there is
> anyway to
> > > > know from the host if that capability is available
> > >
> > > From what I can tell, based on some threads from back in March, the
> > > patchset has not been merged into the upstream kernel at this time and
> > > is almost certainly NOT in 2.6.38.*.
> > >
> > > I'm currently running Fedora 15 2.6.38.8-32.fc15.x86_64 which does not
> > > have the patch and lxc-attach gives this error:
> > >
> > > [root at forest Alcove]# lxc-attach --name Alcove
> > > lxc-attach: Does this kernel version support 'attach' ?
> > > lxc-attach: failed to enter the namespace
> > >
> > > That's probably about the best answer you're going to get.
> > >
> > > From what I can tell, the last patchset is here:
> > >
> > > http://lxc.sourceforge.net/patches/linux/2.6.38/
> > >
> > > If you want it, you're probably going to have to build yourself a
> custom
> > > kernel with it patched in.
> > >
> > > Some of the patches have been merged into the upstream kernel but it's
> > > not clear to me if we'll have to wait for 3.0 to be released to see
> them
> > > but I suspect that to be the case.  We're currently sitting at 3.0-rc7
> > > on that one.  2.6.39.3 is released and stable nut I have no clue what's
> > > in there.  2.6.38 is currently at 2.6.38.8, which is what we see in F15
> > > so it is what it is.
> > >
> > > > > > > C.
> > > > > > >
> > >
> > > Regards,
> > > Mike
> > > --
> > > Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
> > >   /\/\|=mhw=|\/\/          | (678) 463-0932 |
> > > http://www.wittsend.com/mhw/
> > >   NIC whois: MHW9          | An optimist believes we live in the best
> of
> > > all
> > >  PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of
> it!
> > >
>
> > thanks a lot for the detailed answer
> > by the way have you been succesfull in starting a f15 container on your
> f15?
> > I have been debuggin for 2 hours now
> > when i start f15 container it screws my host by interfering with my
> hosts's
> > systemd which somehow doesn't make sense
> > and when i use systemd-nspawn i get a bunch of errors and the system
> doesn't
> > finish starting
> > here is a paste of systemd log from systemd-nspawn session
> > http://pastie.org/2218625
>
> I haven't tried it yet.  Will see what I can do.
>
> Couple of quick questions.
>
> 1) You say it screws your host if you don't uses nospawn.  What happens?
>
host console is not useable, random issues around missing characters when i
type
unable to login on other terminals because i cannot type
and i see so many systemd logs on the console

>
> 2) Have you disabled the sys_admin cap by dropping it in that container?
> I find that causes me all sorts of grief.
>
i will try that

>
> 3) Was this a fresh template build or did you upgrade an F14 machine to
> F15 (I was going to use "yum --releasever=15 distro-sync" in one of my
> running F14 containers).
>
yes fresh install

>
> Regards,
> Mike
> --
> Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
>   /\/\|=mhw=|\/\/          | (678) 463-0932 |
> http://www.wittsend.com/mhw/
>   NIC whois: MHW9          | An optimist believes we live in the best of
> all
>  PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20110715/904c3ac0/attachment.html>

More information about the lxc-users mailing list