[lxc-users] lxc_cgmanager - call to cgmanager_set_value_sync failed
Flo
florian.engelmann at gmail.com
Thu Apr 24 18:51:05 UTC 2014
Hi,
thank you for your answer. It looks like the pxe preseed installation
missed to add "swapaccount=1" to the kernel cmdline.
Regards,
Flo
On Thu, Apr 24, 2014 at 5:52 PM, S.Çağlar Onur <caglar at 10ur.org> wrote:
> Hi,
>
> On Thu, Apr 24, 2014 at 6:42 AM, Flo <florian.engelmann at gmail.com> wrote:
> > Hi,
> >
> > I just installed a fresh Ubuntu 14.04 amd64 and tried to start a
> container
> > with the following configuration:
> >
> > # Common configuration
> > # Autostart the container after a host reboot
> > lxc.start.auto = 1
> >
> > # Default pivot location
> > lxc.pivotdir = lxc_putold
> >
> > # Default mount entries
> > lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
> > lxc.mount.entry = sysfs sys sysfs defaults 0 0
> > lxc.mount.entry = /sys/fs/fuse/connections sys/fs/fuse/connections none
> > bind,optional 0 0
> > lxc.mount.entry = /sys/kernel/debug sys/kernel/debug none bind,optional
> 0 0
> > lxc.mount.entry = /sys/kernel/security sys/kernel/security none
> > bind,optional 0 0
> > lxc.mount.entry = /sys/fs/pstore sys/fs/pstore none bind,optional 0 0
> >
> > # Default console settings
> > lxc.devttydir = lxc
> > lxc.tty = 4
> > lxc.pts = 1024
> >
> > # Default capabilities
> > lxc.cap.drop = sys_module mac_admin mac_override sys_time
> >
> > # When using LXC with apparmor, the container will be confined by
> default.
> > # If you wish for it to instead run unconfined, copy the following line
> > # (uncommented) to the container's configuration file.
> > #lxc.aa_profile = unconfined
> >
> > # To support container nesting on an Ubuntu host while retaining most of
> > # apparmor's added security, use the following two lines instead.
> > #lxc.aa_profile = lxc-container-default-with-nesting
> > #lxc.hook.mount = /usr/share/lxc/hooks/mountcgroups
> >
> > # Uncomment the following line to autodetect squid-deb-proxy
> configuration
> > on the
> > # host and forward it to the guest at start time.
> > #lxc.hook.pre-start = /usr/share/lxc/hooks/squid-deb-proxy-client
> >
> > # If you wish to allow mounting block filesystems, then use the following
> > # line instead, and make sure to grant access to the block device and/or
> > loop
> > # devices below in lxc.cgroup.devices.allow.
> > #lxc.aa_profile = lxc-container-default-with-mounting
> >
> > # Default cgroup limits
> > lxc.cgroup.devices.deny = a
> > ## Allow any mknod (but not using the node)
> > lxc.cgroup.devices.allow = c *:* m
> > lxc.cgroup.devices.allow = b *:* m
> > ## /dev/null and zero
> > lxc.cgroup.devices.allow = c 1:3 rwm
> > lxc.cgroup.devices.allow = c 1:5 rwm
> > ## consoles
> > lxc.cgroup.devices.allow = c 5:0 rwm
> > lxc.cgroup.devices.allow = c 5:1 rwm
> > ## /dev/{,u}random
> > lxc.cgroup.devices.allow = c 1:8 rwm
> > lxc.cgroup.devices.allow = c 1:9 rwm
> > ## /dev/pts/*
> > lxc.cgroup.devices.allow = c 5:2 rwm
> > lxc.cgroup.devices.allow = c 136:* rwm
> > ## rtc
> > lxc.cgroup.devices.allow = c 254:0 rm
> > ## fuse
> > lxc.cgroup.devices.allow = c 10:229 rwm
> > ## tun
> > lxc.cgroup.devices.allow = c 10:200 rwm
> > ## full
> > lxc.cgroup.devices.allow = c 1:7 rwm
> > ## hpet
> > lxc.cgroup.devices.allow = c 10:228 rwm
> > ## kvm
> > lxc.cgroup.devices.allow = c 10:232 rwm
> > ## To use loop devices, copy the following line to the container's
> > ## configuration file (uncommented).
> > #lxc.cgroup.devices.allow = b 7:* rwm
> >
> > # Container specific configuration
> > lxc.rootfs = /dev/lxc1/app01-jobs2-prodm
> > lxc.mount = /var/lib/lxc/app01-xxx/fstab
> > lxc.utsname = app01-xxx
> > lxc.arch = amd64
> >
> > # Network configuration
> > lxc.network.type = veth
> > lxc.network.link = prodf
> > lxc.network.flags = up
> > lxc.network.name = front
> > lxc.network.hwaddr = 00:16:3f:6c:3b:28
> > lxc.network.type = veth
> > lxc.network.link = prodb
> > lxc.network.flags = up
> > lxc.network.name = back
> > lxc.network.hwaddr = 00:16:3b:c3:8c:a5
> >
> > #
> > #
> > # write console output to file
> > lxc.console = /var/lib/lxc/app01-xxx/console.out
> > #
> > # restrict CPU time (default=1024)
> > #lxc.cgroup.cpu.shares = 1024
> > # restrict IO weight (range 10-1000)
> > #lxc.cgroup.blkio.weight = 1000
> > # limit memory
> > lxc.cgroup.memory.limit_in_bytes = 16G
> > ##lxc.cgroup.memory.soft_limit_in_bytes = 15G
> > # memory + swap limit (20G - 16G = 4G SWAP)
> > lxc.cgroup.memory.memsw.limit_in_bytes = 20G
> >
> > # enable cgroupd inside the container
> > lxc.mount.auto = cgroup:mixed
> >
> > but starting the container failrs with:
> >
> > lxc-start 1398334434.479 ERROR lxc_cgmanager - call to
> > cgmanager_set_value_sync failed: invalid request
> > lxc-start 1398334434.479 ERROR lxc_cgmanager - Error setting
> cgroup
> > memory.memsw.limit_in_bytes limit lxc/app01-jobs2-prodm
> > lxc-start 1398334434.479 ERROR lxc_cgmanager - Error setting
> > memory.memsw.limit_in_bytes to 20G for app01-xxx
> > lxc-start 1398334434.479 ERROR lxc_start - failed to setup the
> > cgroup limits for 'app01-xxx'
> > lxc-start 1398334434.603 ERROR lxc_start - failed to spawn
> > 'app01-xxx'
> > lxc-start 1398334434.603 ERROR lxc_commands - command get_cgroup
> > failed to receive response
> >
> > Is that hack:
> >
> > cat << EOFlxc > /etc/init/lxc-unpriv-cgroup.conf
> > #start on starting systemd-logind and started cgroup-lite
> > #
> > #script
> > # set +e
> > #
> > # echo 1 > /sys/fs/cgroup/memory/memory.use_hierarchy
> > #
> > # for entry in /sys/fs/cgroup/*/cgroup.clone_children; do
> > # echo 1 > $entry
> > ## done
> > #
> > # exit 0
> > #end script
> >
> > still needed?
>
> No, it's not. The issue is swap+memory accounting needs to be
> activated via kernel parameter on trusty, please take a look at
> http://askubuntu.com/questions/417215/how-does-kernel-support-swap-limit
> for more information.
>
> >
> > _______________________________________________
> > lxc-users mailing list
> > lxc-users at lists.linuxcontainers.org
> > http://lists.linuxcontainers.org/listinfo/lxc-users
>
> Best,
> --
> S.Çağlar Onur <caglar at 10ur.org>
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20140424/973e7c53/attachment.html>
More information about the lxc-users
mailing list