[lxc-users] net_cls.classid in unprivileged container no effect
Long Nguyen Thanh
ntlong0210 at gmail.com
Sat Jul 26 11:10:38 UTC 2014
Hi,
On Fri, Jul 25, 2014 at 2:11 PM, Divya Vyas <dvyas at mvista.com> wrote:
> Hi,
>
> sudo tc class add dev vethxxxxx parent 1: classid 1:1 htb rate 10mbit
> Here you should give classid 10:2 as u are giving lxc-cgroup -n
> container net_cls.classid 0x00010002 .
>
I think 0x00010002 must be 1:2, (0xAAAABBBB )
>
> Does tc command work in unprivileged mode also ?
>
> I didn't test it in container, I use tc command in host. :)
And I has resolved 'problem 2'. Unprivileged container don't support for
command lxc.network.veth.pair.
https://github.com/lxc/lxc/issues/255
>
>
>
> On Mon, Jul 7, 2014 at 11:57 AM, Nguyễn Thành Long <longnt at viegrid.com>
> wrote:
>
>> Hi all,
>>
>> I have 2 problems when use unprivileged container.
>>
>> Problem 1:
>>
>> I configured my container with:
>> lxc.cgroup.blkio.weight = 500
>> lxc.cgroup.net_cls.classid = 0x00010002 # 1:2
>>
>> and ran tc commands:
>> $sudo tc qdisc add dev lxcbr0 root handle 1: htb
>> $sudo tc class add dev lxcbr0 parent 1: classid 1:1 htb rate 10mbit
>> $sudo tc class add dev lxcbr0 parent 1: classid 1:2 htb rate 1mbit
>> $sudo tc filter add dev lxcbr0 protocol ip parent 1: prio 1 handle 1:
>> cgroup
>>
>> then I started container and tested block i/o, network bandwidth by
>>
>> - copy a large file: dd if=/dev/zero of=/tmp/output bs=20k
>> count=100k; rm -f /tmp/output
>> - upload/download a large file. after that, I changed my config:
>>
>> lxc-cgroup -n container blkio.weight 1000.
>> lxc-cgroup -n container net_cls.classid 0x00010002
>>
>> and tested again, but i didn't see a difference.
>> I also trying the same commands on eth0 instead of lxcbr0, but there was
>> no effect.
>>
>> I changed 'lxcbr0' by veth pair name(appear when start container after
>> use ifconfig cmd, I can't set veth pair name, lxc.network.veth.pair no
>> effect), and use:
>> $sudo tc qdisc add dev vethxxxxx root handle 1: htb default 2
>> $sudo tc class add dev vethxxxxx parent 1: classid 1:1 htb rate 10mbit
>> $sudo tc class add dev vethxxxxx parent 1: classid 1:2 htb rate 1mbit
>> $sudo tc filter add dev vethxxxxx protocol ip parent 1: prio 1 handle 1:
>> cgroup
>> and test again, It's work. So I think it's a problem with net_cls, or
>> lxc.cgroup.net_cls.classid no effect.
>> I feel confused.
>>
>> I found many tutorials, but they maybe used for privileged container.
>>
>> Problem 2:
>>
>> I configured network in container:
>>
>> *lxc.network.type = veth*
>>
>> *lxc.network.veth.pair = veth-c1*
>>
>> *lxc.network.name <http://lxc.network.name> = eth0*
>>
>> *lxc.network.flags = up*
>>
>> *lxc.network.link = lxcbr0*
>>
>> *lxc.network.hwaddr = 00:16:3e:67:4f:a5*
>>
>> but veth inteface don't rename at host ( veth-$random instead veth-c1)
>>
>> So lxc.network.veth.pair is not effect, or am I missing something ?
>>
>> Host Ubuntu 14.04 LTS, container Ubuntu 12.04 LTS
>> Can someone help me ? Thanks in advance.
>>
>> _______________________________________________
>> lxc-users mailing list
>> lxc-users at lists.linuxcontainers.org
>> http://lists.linuxcontainers.org/listinfo/lxc-users
>>
>
>
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20140726/631a0949/attachment.html>
More information about the lxc-users
mailing list