[lxc-users] lxc-start failing in Fedora 20
Ajith Adapa
ajith.adapa at gmail.com
Sat Jun 28 14:42:21 UTC 2014
Thanks @Michael
I am running lxc 1.0.3 version in rawhide.
My fedora 20 setup is a VM and hasn't got libvirtd running. As you
mentioned earlier thats the reason why virbr0 is not created by
default.
Why doesn't lxc directly support creating virbr0 ? Might be one more
option in the template.
I will try out the steps given regarding password.
Regards,
Ajith
On Sat, Jun 28, 2014 at 7:13 PM, Michael H. Warfield <mhw at wittsend.com> wrote:
> On Sat, 2014-06-28 at 15:34 +0530, Ajith Adapa wrote:
>> Hi,
>
>> lxc-start is failing in latest fedora 20 saying virbr0 is not found.
>
> What version of LXC? AFAIK, it's still 0.9.0 with 1.0.3 (hopefully
> 1.0.4 real soon now) in rawhide.
>
>> 1. Is it madatory for the admin to create virbr0 interface before
>> starting a container ?
>
> Yes. You have two ways to do this.
>
> 1) [Preferred] have libvirt running. That's the default bridge for
> libvirt and it wills set it up and manage it for you.
>
> 2) Create the bridge manually.
>
> If you have another bridge already on the system, you can change the
> bridge name in the configuration files and in /etc/lxc/default.conf.
> Personally, I keep libvirt and virbr0 up and running for my nat'ed
> bridge while I have a static lxcbr0 to which the primary interface has
> been added for a true bridge to the outer network (but I have lots of
> IPv4 addresses so I can allow them direct access to the address pool.
>
>> 2. How can I create a container with a default password for root
>> rather than auto-generating the same ?
>
> It's a tuning knob in the template. Read the comments in
> the /usr/share/lxc/templates/lxc-fedora file starting around line 32...
>
> --
>
> # Some combinations of the tunning knobs below do not exactly make sense.
> # but that's ok.
> #
> # If the "root_password" is non-blank, use it, else set a default.
> # This can be passed to the script as an environment variable and is
> # set by a shell conditional assignment. Looks weird but it is what it is.
> #
> # If the root password contains a ding ($) then try to expand it.
> # That will pick up things like ${name} and ${RANDOM}.
> # If the root password contians more than 3 consecutive X's, pass it as
> # a template to mktemp and take the result.
> #
> # If root_display_password = yes, display the temporary root password at exit.
> # If root_store_password = yes, store it in the configuration directory
> # If root_prompt_password = yes, invoke "passwd" to force the user to change
> # the root password after the container is created.
> #
> # These are conditional assignments... The can be overridden from the
> # preexisting environment variables...
> #
> # Make sure this is in single quotes to defer expansion to later!
> # :{root_password='Root-${name}-${RANDOM}'}
> : ${root_password='Root-${name}-XXXXXX'}
>
> # Now, it doesn't make much sense to display, store, and force change
> # together. But, we gotta test, right???
> : ${root_display_password='no'}
> : ${root_store_password='yes'}
> # Prompting for something interactive has potential for mayhem
> # with users running under the API... Don't default to "yes"
> : ${root_prompt_password='no'}
>
> --
>
> Stated plainly, create your container with the following:
>
> export root_store_password='no'
> export root_password='my_root_password'
> lxc-create -n container1 -t fedora
> lxc-create -n container2 -t fedora
>
> etc, etc, etc... Each container will have the root password set to
> "my_root_password".
>
> Or this:
>
> export root_prompt_password='yes'
>
> Then run lxc-create and it will then prompt you for the new root
> password.
>
> NOTE: This only works for the Fedora and CentOS templates. It has not
> been ported to any of the other templates at this time!
>
>>
>> # lxc-create -n test -t fedora
>> Host CPE ID from /etc/os-release: cpe:/o:fedoraproject:fedora:20
>> Checking cache download in /var/cache/lxc/fedora/x86_64/20/rootfs ...
>> Cache found. Updating...
>> No packages marked for update
>> Update finished
>> Copy /var/cache/lxc/fedora/x86_64/20/rootfs to /var/lib/lxc/test/rootfs ...
>> Copying rootfs to /var/lib/lxc/test/rootfs ...
>> Storing root password in '/var/lib/lxc/test/tmp_root_pass'
>> Expiring password for user root.
>> passwd: Success
>> installing fedora-release package
>> Package fedora-release-20-3.noarch already installed and latest version
>> Nothing to do
>>
>> Container rootfs and config have been created.
>> Edit the config file to check/enable networking setup.
>>
>> The temporary root password is stored in:
>>
>> '/var/lib/lxc/test/tmp_root_pass'
>>
>>
>> The root password is set up as expired and will require it to be changed
>> at first login, which you should do as soon as possible. If you lose the
>> root password or wish to change it without starting the container, you
>> can change it from the host by running the following command (which will
>> also reset the expired flag):
>>
>> chroot /var/lib/lxc/test/rootfs passwd
>>
>> # lxc-start -n test
>> lxc-start: failed to attach 'vethKOT10G' to the bridge 'virbr0' : No such device
>> lxc-start: failed to create netdev
>> lxc-start: failed to create the network
>> lxc-start: failed to spawn 'test'
>>
>> ======================================================
>> configuration
>> ======================================================
>>
>> # yum install lxc*
>> Loaded plugins: langpacks
>> Package lxc-extra-1.0.3-2.fc21.x86_64 already installed and latest version
>> Package lxc-templates-1.0.3-2.fc21.x86_64 already installed and latest version
>> Package lxc-libs-1.0.3-2.fc21.x86_64 already installed and latest version
>> Package lxc-1.0.3-2.fc21.x86_64 already installed and latest version
>> Package lxc-doc-1.0.3-2.fc21.noarch already installed and latest version
>> Package lxc-devel-1.0.3-2.fc21.x86_64 already installed and latest version
>>
>> -------------------------------------------
>>
>> # lxc-checkconfig
>> Kernel configuration not found at /proc/config.gz; searching...
>> Kernel configuration found at /boot/config-3.14.5-200.fc20.x86_64
>> --- Namespaces ---
>> Namespaces: enabled
>> Utsname namespace: enabled
>> Ipc namespace: enabled
>> Pid namespace: enabled
>> User namespace: enabled
>> Network namespace: enabled
>> Multiple /dev/pts instances: enabled
>>
>> --- Control groups ---
>> Cgroup: enabled
>> Cgroup clone_children flag: enabled
>> Cgroup device: enabled
>> Cgroup sched: enabled
>> Cgroup cpu account: enabled
>> Cgroup memory controller: enabled
>> Cgroup cpuset: enabled
>>
>> --- Misc ---
>> Veth pair device: enabled
>> Macvlan: enabled
>> Vlan: enabled
>> File capabilities: enabled
>>
>> Note : Before booting a new kernel, you can check its configuration
>> usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig
>>
>> Regards,
>> Ajith
>
> Regards,
> Mike
> --
> Michael H. Warfield (AI4NB) | (770) 978-7061 | mhw at WittsEnd.com
> /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
> NIC whois: MHW9 | An optimist believes we live in the best of all
> PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
>
>
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
More information about the lxc-users
mailing list