[lxc-users] Container not started

Michael H. Warfield mhw at WittsEnd.com
Thu Jun 19 21:02:51 UTC 2014 

On Thu, 2014-06-19 at 16:34 -0400, CDR wrote:
> I disable selinux in the kernel line, for all my boxes.
> I also disable apparmor in Ubuntu servers, using the kernel line.
> This issue is difficult to explain.
> Any way, I already erased the Fedora virtual machine and installed an
> Ubuntu virtual machine, and I am in production.
> But there is a big issue here, hidden.
> If somebody has a Fedora 20 virtual machine, and wants to reproduce
> it, I am more than   happy to upload my container. It contains no
> proprietary code

I'm up to my eyeballs in them.  Point me at it, though I won't be able
to get to it in the next week.

Regards,
Mike

> On Thu, Jun 19, 2014 at 11:11 AM, Michael H. Warfield <mhw at wittsend.com> wrote:
> > On Tue, 2014-06-17 at 09:42 -0400, CDR wrote:
> >> I already created a new Ubuntu Host and the container works fine.
> >> The question is: We have been living under the assumption that
> >> containers act like virtual machines, you may move them from host to
> >> host.
> >> It is not the case, I can see. A Fedora 20 container created under
> >> Ubuntu will never start under a Fedora 20 host.
> >> In my opinion this is a big flaw. Containers built by libvirt are
> >> truly portable, I have already verified that.
> >> I think we should fix this.
> >
> > Couple of things to check and try.  I just ran into a nasty corner case
> > with Ubuntu running on a Fedora 20 host where the Fedora 20 system was
> > in selinux permissive mode and caused all kinds of grief in the Ubuntu
> > Trusty container.
> >
> > Since your problem is Fedora on Fedora, check your selinux settings in
> > the host and in the container...
> >
> > /etc/selinux/config
> > /selinux/enforcing
> >
> > If they are NOT the same between host and container, make them the same and retest.
> >
> > If your host is in "enforcing" mode or "permissive" mode, try switching
> > it to "disabled".  The Fedora template sets up containers set to
> > "disabled" by default.  I cringe at making that a recommendation but we
> > should, at least, test at that level.
> >
> > Regards,
> > Mike
> >
> >> On Tue, Jun 17, 2014 at 9:23 AM, Serge Hallyn <serge.hallyn at ubuntu.com> wrote:
> >> > Quoting CDR (venefax at gmail.com):
> >> >> I copied an LXC container fro Ubuntu Server to Fedora 20 and when I
> >> >> start it I get
> >> >> xc-start -n masterfe
> >> >> systemd 208 running in system mode. (+PAM +LIBWRAP +AUDIT +SELINUX
> >> >> +IMA +SYSVINIT +LIBCRYPTSETUP +GCRYPT +ACL +XZ)
> >> >> Detected virtualization 'lxc'.
> >> >>
> >> >> Welcome to Fedora 20 (Heisenbug)!
> >> >>
> >> >> Set hostname to <masterfe>.
> >> >> No control group support available, not creating root group.
> >> >> [  OK  ] Reached target Remote File Systems.
> >> >> Socket service systemd-journald.service not loaded, refusing.
> >> >> [FAILED] Failed to listen on Journal Socket.
> >> >
> >> > Two suggestions for investigating:
> >> >
> >> > 1. create a new fedora container on the ubuntu host, see if it
> >> > has the same behavior.
> >> >
> >> > 2. Look at the systemd source and see under what conditions the two
> >> > lines above occur.
> >> >
> >> > _______________________________________________
> >> > lxc-users mailing list
> >> > lxc-users at lists.linuxcontainers.org
> >> > http://lists.linuxcontainers.org/listinfo/lxc-users
> >> _______________________________________________
> >> lxc-users mailing list
> >> lxc-users at lists.linuxcontainers.org
> >> http://lists.linuxcontainers.org/listinfo/lxc-users
> >
> > --
> > Michael H. Warfield (AI4NB) | (770) 978-7061 |  mhw at WittsEnd.com
> >    /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
> >    NIC whois: MHW9          | An optimist believes we live in the best of all
> >  PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
> >
> >
> > _______________________________________________
> > lxc-users mailing list
> > lxc-users at lists.linuxcontainers.org
> > http://lists.linuxcontainers.org/listinfo/lxc-users
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users

-- 
Michael H. Warfield (AI4NB) | (770) 978-7061 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20140619/2544cb3c/attachment.sig>

More information about the lxc-users mailing list