[lxc-users] Fedora container thinks it is not running
Michael H. Warfield
mhw at WittsEnd.com
Thu May 15 15:19:44 UTC 2014
On Thu, 2014-05-15 at 22:04 +0700, Fajar A. Nugraha wrote:
> On Thu, May 15, 2014 at 9:06 PM, Michael H. Warfield
> <mhw at wittsend.com> wrote:
> On Thu, 2014-05-15 at 04:40 -0400, CDR wrote:
>
> > The container is started, because I am inside it via ssh
> > but I cannot use its console
> > lxc-console -n msterfe
> > msterfe is not running
> >
> > I am uploading the configuration as an attachment
> > The container was created from the template, LXC 1.0.3
>
>
> Ah, but that config obviously was not. (And totally aside,
> why do you
> need 20 macvlan eth interfaces in a container???) What
> happened to the
> config that the template created? Was it thrown away and a
> new one
> created from whole cloth?
>
> Did you first try the container with the initial configuration
> file
> generated by the template? That would be a good place to
> start and you
> might want to check /usr/share/lxc/config/fedora.common.conf.
> The
> initial configuration file generated by the template will
> "include" that
> common set of parameters but you can override those defaults.
>
>
>
> The default default config file created by the template on Ubuntu
> should work, as long as you remember to uncomment this line:
>
> ####
> # When using LXC with apparmor, uncomment the next line to run
> unconfined:
>
> #lxc.aa_profile = unconfined
> ####
>
>
>
> With that commented out, you'd get
> ####
>
> <30>systemd[1]: Starting Root Slice.
>
> <27>systemd[1]: Caught <SEGV>, dumped core as pid 12.
> <30>systemd[1]: Freezing execution.
> ####
>
>
> With the unconfied apparmor profile, it works as expected
>
>
> ####
> # lxc-ls -f f20
> NAME STATE IPV4 IPV6 AUTOSTART
> ------------------------------------------
> f20 RUNNING 10.0.3.205 - NO
> ####
Nice catch! I wonder if there is some way I can automate that in the
template. I would hate to say "if on Ubuntu" but maybe "with apparmor".
Maybe that should be the default in that config and just ignored where
apparmor isn't used.
> lxc-stop doesn't work without "-k". I remember reading about this on
> the list some time ago, might be useful to integrate the workaround in
> the template.
> ####
> [root at f20 ~]# Received SIGPWR.
> ####
I already integrated some thing in there. Should no longer be a problem
though that update may not have made it into a release yet.
> Using 20 veth interfaces in the container works, by adding blocks like
> this in the config file (and adding appropriate configuration inside
> the container). Each veth needs is its own unique hwaddr
> ###
> lxc.network.type = veth
> lxc.network.flags = up
> lxc.network.link = lxcbr0
>
> lxc.network.hwaddr = fe:8b:ee:bc:52:c0
> ###
>
>
>
>
>
> ###
> # lxc-ls -f f20
> NAME STATE IPV4
>
>
> IPV6 AUTOSTART
> ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
> f20 RUNNING 10.0.3.205, 10.0.3.207, 10.0.3.208, 10.0.3.209,
> 10.0.3.210, 10.0.3.217, 10.0.3.218, 10.0.3.219, 10.0.3.220,
> 10.0.3.221, 10.0.3.222, 10.0.3.223, 10.0.3.224, 10.0.3.225,
> 10.0.3.226, 10.0.3.233, 10.0.3.234, 10.0.3.235, 10.0.3.236,
> 10.0.3.237 - NO
> ###
>
>
>
> --
>
> Fajar
Regards,
Mike
--
Michael H. Warfield (AI4NB) | (770) 978-7061 | mhw at WittsEnd.com
/\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of all
PGP Key: 0x674627FF | possible worlds. A pessimist is sure of it!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20140515/37b3b4a5/attachment.sig>
More information about the lxc-users
mailing list