[lxc-users] Fedora container thinks it is not running

Michael H. Warfield mhw at WittsEnd.com
Thu May 15 15:19:44 UTC 2014


On Thu, 2014-05-15 at 22:04 +0700, Fajar A. Nugraha wrote:
> On Thu, May 15, 2014 at 9:06 PM, Michael H. Warfield
> <mhw at wittsend.com> wrote:
>         On Thu, 2014-05-15 at 04:40 -0400, CDR wrote:
>         
>         > The container is started, because I am inside it via ssh
>         > but I cannot use its console
>         > lxc-console -n msterfe
>         > msterfe is not running
>         >
>         > I am uploading the configuration as an attachment
>         > The container was created from the template, LXC 1.0.3
>         
>         
>         Ah, but that config obviously was not.  (And totally aside,
>         why do you
>         need 20 macvlan eth interfaces in a container???)  What
>         happened to the
>         config that the template created?  Was it thrown away and a
>         new one
>         created from whole cloth?
>         
>         Did you first try the container with the initial configuration
>         file
>         generated by the template?  That would be a good place to
>         start and you
>         might want to check /usr/share/lxc/config/fedora.common.conf.
>          The
>         initial configuration file generated by the template will
>         "include" that
>         common set of parameters but you can override those defaults.
>         
> 
> 
> The default default config file created by the template on Ubuntu
> should work, as long as you remember to uncomment this line:
> 
> ####
> # When using LXC with apparmor, uncomment the next line to run
> unconfined:
> 
> #lxc.aa_profile = unconfined
> ####
> 
> 
> 
> With that commented out, you'd get
> ####
> 
> <30>systemd[1]: Starting Root Slice.
> 
> <27>systemd[1]: Caught <SEGV>, dumped core as pid 12.
> <30>systemd[1]: Freezing execution.
> ####
> 
> 
> With the unconfied apparmor profile, it works as expected
> 
> 
> ####
> # lxc-ls -f f20
> NAME  STATE    IPV4        IPV6  AUTOSTART  
> ------------------------------------------
> f20   RUNNING  10.0.3.205  -     NO 
> ####

Nice catch!  I wonder if there is some way I can automate that in the
template.  I would hate to say "if on Ubuntu" but maybe "with apparmor".
Maybe that should be the default in that config and just ignored where
apparmor isn't used.

> lxc-stop doesn't work without "-k". I remember reading about this on
> the list some time ago, might be useful to integrate the workaround in
> the template.
> ####
> [root at f20 ~]# Received SIGPWR.
> ####

I already integrated some thing in there.  Should no longer be a problem
though that update may not have made it into a release yet.

> Using 20 veth interfaces in the container works, by adding blocks like
> this in the config file (and adding appropriate configuration inside
> the container). Each veth needs is its own unique hwaddr
> ###
> lxc.network.type = veth
> lxc.network.flags = up
> lxc.network.link = lxcbr0
> 
> lxc.network.hwaddr = fe:8b:ee:bc:52:c0
> ###
> 
> 
> 
> 
> 
> ###
> # lxc-ls -f f20
> NAME  STATE    IPV4
> 
> 
>                                              IPV6  AUTOSTART  
> ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
> f20   RUNNING  10.0.3.205, 10.0.3.207, 10.0.3.208, 10.0.3.209,
> 10.0.3.210, 10.0.3.217, 10.0.3.218, 10.0.3.219, 10.0.3.220,
> 10.0.3.221, 10.0.3.222, 10.0.3.223, 10.0.3.224, 10.0.3.225,
> 10.0.3.226, 10.0.3.233, 10.0.3.234, 10.0.3.235, 10.0.3.236,
> 10.0.3.237  -     NO         
> ###
> 
> 
> 
> -- 
> 
> Fajar

Regards,
Mike
-- 
Michael H. Warfield (AI4NB) | (770) 978-7061 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0x674627FF        | possible worlds.  A pessimist is sure of it!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 482 bytes
Desc: This is a digitally signed message part
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20140515/37b3b4a5/attachment.sig>


More information about the lxc-users mailing list