[lxc-users] Nested containers

Marc Aymerich glicerinu at gmail.com
Tue Jan 14 17:16:08 UTC 2014


Hi,

I'm trying to boot a Debian LXC container inside another Debian
container, Ubuntu is my host.

My base container uses the following app armor prfofile, in order to
allow forking nested containers:
https://dl.stgraber.org/lxc-with-nesting

However I'm getting a cgroups related issue when I try to start a
nested container:
root at orchestra:~# lxc-start -n web
lxc-start: No cgroup mounted on the system
lxc-start: failed to spawn 'web'

I've tried configuring the following mountpoint on the base container config:
lxc.mount.entry = cgroup  /sys/fs/cgroup  cgroup defaults 0 0

Also tried to define a cgroup mountpoint on the base container /etc/fstab
cgroup  /sys/fs/cgroup  cgroup  defaults  0   0

but without any luck:
root at orchestra:~# mount /sys/fs/cgroup
mount: block device cgroup is write-protected, mounting read-only
mount: cannot mount block device cgroup read-only


Any idea about how cgroups can be enabled inside a container?

Thanks!!!

-- 
Marc


More information about the lxc-users mailing list