[Lxc-users] what's the difference in lxc-attach
Michael H. Warfield
mhw at WittsEnd.com
Sat Jul 16 17:27:12 UTC 2011
On Fri, 2011-07-15 at 20:17 +0300, Ramez Hanna wrote:
<< Big Snip >>
> > > thanks a lot for the detailed answer
> > > by the way have you been succesfull in starting a f15 container on your
> > f15?
I now have an F15 container working.
> > > I have been debuggin for 2 hours now
> > > when i start f15 container it screws my host by interfering with my
> > hosts's
> > > systemd which somehow doesn't make sense
> > > and when i use systemd-nspawn i get a bunch of errors and the system
> > doesn't
> > > finish starting
> > > here is a paste of systemd log from systemd-nspawn session
> > > http://pastie.org/2218625
> >
> > I haven't tried it yet. Will see what I can do.
> >
> > Couple of quick questions.
> >
> > 1) You say it screws your host if you don't uses nospawn. What happens?
> host console is not useable, random issues around missing characters when i
> type
> unable to login on other terminals because i cannot type
> and i see so many systemd logs on the console
I have a very strong suspicion that systemd is not going to be
compatible with running in a container because it wants to set up and
managed cgroups in the container which it can not do.
When I try to start it with systemd, the first process doesn't even seem
to come up (number of tasks is 0) and then the host can not remove the
container even after I've done an lxc-stop on it. But that's when I'm
logged in and running lxc-start from an ssh terminal Window. If I start
it from a real ttyX console then I get all sorts of startup messages
from the container and the consoles are hosed up like the console in the
container has gotten crosswise with the console in the host. Things try
to initialize but all sorts of things time out and eventually I have to
reset the host with an Magic SysRq sequence.
Gave up on systemd.
> > 2) Have you disabled the sys_admin cap by dropping it in that container?
> > I find that causes me all sorts of grief.
> >
> i will try that
Don't. It wouldn't do any good and causes lots of other problems (for
me at least).
> > 3) Was this a fresh template build or did you upgrade an F14 machine to
> > F15 (I was going to use "yum --releasever=15 distro-sync" in one of my
> > running F14 containers).
> yes fresh install
Here's what I've done and now gotten an F15 container to work.
I started out with an F14 container and upgraded it to F15 using the
"yum --releasever=15 distro-sync" method. I was able to reproduce your
problems above and thought there may be some conflicts over cgroups so I
decided to disable systemd.
If it's not present (it wasn't for me) install upstart into the
container from the host using "yum --installroot={your VM root}
upstart".
Next cd to {your VM root}/sbin and rm init (which is symlinked
to ../bin/systemd) and symlink it to upstart (which is in sbin).
This got me almost there. The machine was starting but I was having
your funky console problem and I realized (largely because I'm working
on other related problems) that it was the ptmx device causing this. It
was mapping incorrectly.
So, cd to {your VM root}/dev and rm ptmx if it's a hard device and not a
symlink. Then symlink pts/ptmx to ptmx. If you started with some sort
of template, this may already be done and you may not run into this
problem at all.
Now you should be able to fire your F15 container up.
Also find the lines in /etc/init.d/halt that remount file systems ro or
you'll screw your /dev/pts fs in the host when you shut that container
down or reboot it (and, no, newinstance is not helping with that
problem).
Regards,
Mike
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 478 bytes
Desc: This is a digitally signed message part
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20110716/52cac343/attachment.pgp>
More information about the lxc-users
mailing list