[Lxc-users] lxc-centos/lxc-rhel?

Thu Oct 10 16:21:31 UTC 2013

On 10/02/2013 05:41 PM, Dwight Engen wrote:
> On Mon, 30 Sep 2013 23:18:59 +0200
> Tamas Papp <tompos at martos.bme.hu> wrote:
>
>> On 09/30/2013 08:37 PM, Michael H. Warfield wrote:
>>
>>
>> Dwight,
>>
>> Actually I have a problem with the Oracle template.
>> I have a a couple of Oracle Linux containers and they are running
>> fine. There are running Oracle Databases as well...
>>
>> But I cannot run anything through an ssh session noninteractively or
>> copy files to the containers by scp as a destionation.
>>
>> Eg.:
>>
>> $ ssh container echo
>> $ scp file container:
>>
>> It's waiting for something and I could not find out.
> Hi Tamas, sorry, I know you brought this up before and I wasn't sure if
> you got it solved or not. First off the host doesn't know the
> container by name so unless you've done something special the resolving
> of "container" isn't going to just work (ie. "ping container" should fail

Yes, I know about that. This not that case:)

> to resolve to an IP). You can use a recent version of lxc-info to get
> the containers' IP. Here is a session I just did in Ubuntu that I think
> is similar to what you are trying to do:
>
> root at xubu:~# lxc-create -n ol -t oracle -- -u ftp://mymirror/ol-public-yum
> <lots of output>
> root at xubu:~# lxc-start -d -n ol
> <wait a few seconds for it to start>
> root at xubu:~# lxc-info -n ol
> state:  RUNNING
> pid:    8685
> ip:     10.0.3.163
> root at xubu:~# ssh 10.0.3.163
> The authenticity of host '10.0.3.163 (10.0.3.163)' can't be established.
> RSA key fingerprint is 2c:1a:82:14:24:72:c5:41:db:3e:b8:65:f9:c6:7e:35.
> Are you sure you want to continue connecting (yes/no)? yes
> Warning: Permanently added '10.0.3.163' (RSA) to the list of known hosts.
> <long pause here...>
> root at 10.0.3.163's password: 
> [root at ol ~]# vi /etc/ssh/sshd_config
> <set GSSAPIAuthentication no>
> [root at ol ~]# halt
> <container shuts down>
> root at xubu:~# lxc-start -d -n ol
> root at xubu:~# ssh 10.0.3.163
> root at 10.0.3.163's password: 
> Last login: Wed Oct  2 11:09:07 2013 from 10.0.3.1
> [root at ol ~]# 
> [root at ol ~]# exit
> logout
> Connection to 10.0.3.163 closed.
> root at xubu:~# scp 10.0.3.163:/etc/fstab .
> root at 10.0.3.163's password: 
> bash: scp: command not found
> <This is because openssh-clients wasn't installed in the container, so
>  we have to go install that. I think I should add that to be installed
>  by default in the template>

[Good idea.]

> root at xubu:~# ssh 10.0.3.163
> root at 10.0.3.163's password: 
> Last login: Wed Oct  2 11:11:38 2013 from 10.0.3.1
> [root at ol ~]# echo "192.168.1.30 mymirror" >>/etc/hosts
> [root at ol ~]# yum install openssh-clients
> <lots of yum output>
> [root at ol ~]# exit
> logout
> Connection to 10.0.3.163 closed.
> root at xubu:~# scp 10.0.3.163:/etc/fstab .
> root at 10.0.3.163's password: 
> fstab
> 100%    0     0.0KB/s   00:00    
> root at xubu:~# 
> root at xubu:~# scp fstab 10.0.3.163:
> root at 10.0.3.163's password: 
> fstab
> 100%    0     0.0KB/s   00:00    
>
> So I hopefully your situation is similar and disabling the
> GSSAPIAuthentication or setting UseDNS no in the containers sshd_config
> will reduce the wait times. Also, the openssh-clients package has to be
> installed in the container for scp to work. For now you can manually
> install it in the container using yum or the -r option to the template
> when creating a new OL container. I'll submit a patch for the template
> that includes that package by default so scp in/out will work out of
> the box.

Unfortunately disabling GSSAPI* and UseDNS options doesn't help. I
experience the same problem.
BTW, our system works fine, DNS is fine, Ubuntu and Debian containers,
HW based OL installations and everything works as they expected.
In fact OL containers are working fine, except this issue. For I can run
Oracel DB inside one.

If you tell me, how to debug, what to do, I can try that. Currently I'm
out of ideas:/

10x
tamas

ps.: Sorry again and thanks for not forgetting this email;)