[lxc-users] Hotplug new network interfaces not working

Michael H. Warfield mhw at WittsEnd.com
Tue May 13 17:24:29 UTC 2014 

On Tue, 2014-05-13 at 13:00 -0400, CDR wrote:
> I am forced to use libvirt-lxc only because nobody can help me solve
> this issue. If somebody can figure this out, then I will only use lXC.
> In a Fedora20 container, if I start it with the "-d" flag, then it
> never let's me enter the container via the console, it times out on me
> when I use
> lxc-console -n mycontainer.

I guess the problem is, here, that this doesn't make sense (to me).  I
work and develop under Fedora (17,18,19,20,rawhide).  I have containers
of virtually every guest distro, even Gentoo and SUSE and a few others
(NST, Kali) which are not supported.  I've got Fedora20 containers of
both x86_64 and i686 archs.  I'm not seeing this problem.  I've started
them without the -d as well as with the -d and currently start them
using lxc-autostart and I'm just not seeing this problem.

The problem is in trying to decide why your setup is (or your containers
are) different or what you are doing different so we might address it
(either in code or documentation).

These are Fedora20 containers you are trying to start?  Under what rev
where they created (not what you're running now)?  I know I had to add
some code to the Fedora template to create the console devices...

Look here:

/var/lib/lxc/{container}/rootfs/etc/systemd/system/getty.target.wants

Now look for a series of symlinks like this:

[root at hydra getty.target.wants]# pwd
/var/lib/lxc/Fedora20/rootfs/etc/systemd/system/getty.target.wants
[root at hydra getty.target.wants]# ls -l
total 0
lrwxrwxrwx. 1 root root 17 Mar  7 19:02 getty at tty1.service -> ../getty at .service
lrwxrwxrwx. 1 root root 17 Mar  7 19:02 getty at tty2.service -> ../getty at .service
lrwxrwxrwx. 1 root root 17 Mar  7 19:02 getty at tty3.service -> ../getty at .service
lrwxrwxrwx. 1 root root 17 Mar  7 19:02 getty at tty4.service -> ../getty at .service

If you don't have them, that's your problem.  The lxc-fedora template
now creates these automatically.  This is systemd stuff.  The
pre-systemd Fedora template did not do this.  If you want more than
four, you're going to have to create them yourself and add the changes
to the config file for the vty's.

If you don't have them, you probably DON'T have the properly munged
getty at .service file in the parent directory, so you can't just copy the
systemd default or blindly create them

This change has to be made!

[root at hydra rootfs]# diff lib/systemd/system/getty at .service etc/systemd/system/getty at .service 
24c24
< ConditionPathExists=/dev/tty0
---
> # ConditionPathExists=/dev/tty0

If you don't have that...  That's your problem.

> This happens only in Fedora 20 containers. But that does not happen
> under libvirt. I have 3  different OS' containers, and the other two
> work fine under pure LXC.

It's not just under Fedora 20 containers but will impact any containers
running systemd in a container, which has proven to be a black art for
me.

Regards,
Mike

> I think that the bug is in LXC. If I ask Libvirt, they will respond
> "it does work, doesn't it?
> Any idea?
> Philip
> 
> On Tue, May 13, 2014 at 12:35 PM, Stéphane Graber <stgraber at ubuntu.com> wrote:
> > On Tue, May 13, 2014 at 12:29:07PM -0400, Michael H. Warfield wrote:
> >> On Tue, 2014-05-13 at 12:09 -0400, CDR wrote:
> >> > Dear Friends
> >> > I have a Fedora 20 LXC (libirt) container in production and I cannot reboot it.
> >> > So I used "virsh edit mycontainer" and added several
> >> >
> >> > <interface type='direct'>
> >> >       <mac address='00:5A:0C:18:C9:E9'/>
> >> >       <source dev='eth1' mode='bridge'/>
> >> >     </interface>
> >>
> >> Ok...  But that's libvirt LXC, not LXC-Tools LXC.
> >>
> >> > The problem is that after it gets saved, the new interfaces never show
> >> > up in ip link, and I have no idea how to make Fedora under LXC to
> >> > check for the new hardware.
> >>
> >> > Is this a limitation of LXC in general?
> >>
> >> The term "LXC" in this case is ambiguous.  Are you talking about libvirt
> >> lxc or this project.  They are not the same.
> >>
> >> > I bet there is a workaround.
> >>
> >> Only if you're skilled at creating hotplug and udev rules.  It has to be
> >> done under the host and the host has to transfer that device into the
> >> container.  It's not something that's really controllable from the
> >> container per se.  I can run devices and such in and out of LXC
> >> containers (NOT libvirt) with some scripting and some rules in the host,
> >> but I doubt that would help you (I take advantage of some of the
> >> devtmpfs stuff I wrote for this project).  Libvirt may have a way to
> >> work around that but you'll have to consult with them.
> >>
> >> I think Stéphane also had some utility for moving devices (interfaces,
> >> I'm not so sure) but, again, that's for this project, not libvirt.
> >
> > Correct, lxc-device will let you do that with our LXC.
> >
> >>
> >> > Yours
> >> > Philip
> >>
> >>
> >> --
> >> Michael H. Warfield (AI4NB) | (770) 978-7061 |  mhw at WittsEnd.com
> >>    /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
> >>    NIC whois: MHW9          | An optimist believes we live in the best of all
> >>  PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!
> >>
> >
> >
> >
> >> _______________________________________________
> >> lxc-users mailing list
> >> lxc-users at lists.linuxcontainers.org
> >> http://lists.linuxcontainers.org/listinfo/lxc-users
> >
> >
> > --
> > Stéphane Graber
> > Ubuntu developer
> > http://www.ubuntu.com
> >
> > _______________________________________________
> > lxc-users mailing list
> > lxc-users at lists.linuxcontainers.org
> > http://lists.linuxcontainers.org/listinfo/lxc-users
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users

-- 
Michael H. Warfield (AI4NB) | (770) 978-7061 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20140513/da3a078a/attachment.sig>

More information about the lxc-users mailing list