[lxc-users] Nested containers
Stéphane Graber
stgraber at ubuntu.com
Tue Jan 14 20:32:46 UTC 2014
On Tue, Jan 14, 2014 at 06:16:08PM +0100, Marc Aymerich wrote:
> Hi,
>
> I'm trying to boot a Debian LXC container inside another Debian
> container, Ubuntu is my host.
>
> My base container uses the following app armor prfofile, in order to
> allow forking nested containers:
> https://dl.stgraber.org/lxc-with-nesting
>
> However I'm getting a cgroups related issue when I try to start a
> nested container:
> root at orchestra:~# lxc-start -n web
> lxc-start: No cgroup mounted on the system
> lxc-start: failed to spawn 'web'
>
> I've tried configuring the following mountpoint on the base container config:
> lxc.mount.entry = cgroup /sys/fs/cgroup cgroup defaults 0 0
>
> Also tried to define a cgroup mountpoint on the base container /etc/fstab
> cgroup /sys/fs/cgroup cgroup defaults 0 0
>
> but without any luck:
> root at orchestra:~# mount /sys/fs/cgroup
> mount: block device cgroup is write-protected, mounting read-only
> mount: cannot mount block device cgroup read-only
>
>
> Any idea about how cgroups can be enabled inside a container?
>
> Thanks!!!
Did you set "lxc.aa_profile = lxc-container-default-with-nesting" for
both the parent containers?
--
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20140114/9f62f995/attachment.pgp>
More information about the lxc-users
mailing list