[lxc-users] upgrade to LXC 1.0.6 : segfault
Hans Feldt
hans.feldt at ericsson.com
Thu Oct 30 08:07:26 UTC 2014
Well disabling kernel logging in system containers worked fine for me. Only the rsyslog instance on the host should log kernel messages. If several rsyslog instances read the kernel log the result will be … garbled
See man proc & kmsg where it clearly states that only one process should read that data source.
/Hans
From: lxc-users [mailto:lxc-users-bounces at lists.linuxcontainers.org] On Behalf Of Yannick Barbeaux
Sent: den 29 oktober 2014 13:35
To: LXC users mailing-list
Subject: Re: [lxc-users] upgrade to LXC 1.0.6 : segfault
Sorry to say so but I am very doubtful about the fact that lxc does not have anything to do with the garbled logs problem.
I have been using Debian servers (with or without xen) for many years and it is the first time I face such issues.
One relevant example is that my guest domain has iptables rules and logs dropped packets.
The logging rule is:
iptables -A OUTPUT -j LOG --log-prefix " dropped by firewall (OUTPUT) "
so I find the following lines in kern.log: (when not garbled)
Oct 29 12:22:31 myhost kernel: [68725.452738] dropped by firewall (OUTPUT)IN= OUT=eth0 SRC=ip_address DST=ip_address LEN=109 TOS=0x00 PREC=0x00 TTL=255 ID=5689 DF PROTO=41
I discovered that I have similar lines in the kern.log of my containers while they have absolutely no iptables rules:
Oct 29 13:10:04 localhost kernel: [71575.889092] dropped by firewall (OUTPUT)IN= OUT=eth0 SRC=ip_address DST=ip_address LEN=116 TOS=0x00 PREC=0x00 TTL=255 ID=7628 DF PROTO=41
As suggested here<https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1003888>, I added the following lines in my containers conf file:
lxc.cap.drop = sys_module mac_admin syslog
but that did not help.
Commenting out/removing the line including “$ModLoad imklog” in /etc/rsyslog.conf as suggested is not an option since I need the logging possibilities.
Any help is greatly appreciated.
Thank you.
Yannick
On 28 October 2014 06:45, Hans Feldt <hans.feldt at ericsson.com<mailto:hans.feldt at ericsson.com>> wrote:
Regarding garbled logs, you should disable kernel logging in the guest by commenting out/removing the line including “$ModLoad imklog” in /etc/rsyslog.conf
Thanks,
Hans
From: lxc-users [mailto:lxc-users-bounces at lists.linuxcontainers.org<mailto:lxc-users-bounces at lists.linuxcontainers.org>] On Behalf Of Yannick Barbeaux
Sent: den 27 oktober 2014 17:08
To: lxc-users at lists.linuxcontainers.org<mailto:lxc-users at lists.linuxcontainers.org>
Subject: [lxc-users] upgrade to LXC 1.0.6 : segfault
Hi everyone,
my first post in the LXC world!
I have been using LXC 1.0.3 on debian wheezy for a few months now and everything worked fine, except that the kern.log (and thus syslog too) on "Dom0" was garbled as soon as I started any container :
example:
Oct 27 16:19:51 myserver kernel: rl(NU)I=r.0 U=MC0:05:00:1f:ac:1e:60:0SC0000DT24001LN3 O=x0PE=x0TL1I= FPOO2
Oct 27 16:19:53 myserver kernel: 91845] rpe yfrwl IPT Nb012OT A=10:e0:00:e5:86:88:80 R=... S=2... E=2TS00 RC0C T= D0D RT= 2.233 rp ra NTIb.4U C10e001ece20480R0. =..E2S0R0 =DDR=4>[ 922.837874] dropped by firewall (INPUT) IN=br0105 OU=MC0:05:00:16:09:99:f0:0SC0000DT=2... E=2TS00 RC0C T= D0D RT= ==x0PE=x0TL1I= FPOO2
it seems that various processes write at the same time in the logs and thus it is totally messy.
I thought that upgrading to LXC 1.0.6 could solve that issue. I downloaded the sources and compiled the new version with python enabled.
The real problems started with that new version: after rebooting, the containers would simply not start (lxc-start -d -n p1 does not do anything, nothing in the logs either). After investigations, I found out that the link to the liblxc pointed to the liblxc.so.1.1.0.alpha1.
After deleting the symbolic link and recreating it to point to liblxc.so.1.0.6, I was able to launch the containers successfully but unfortunately, one of the command I used the most, lxc-ls --fancy was broken (Segmentation fault). Same issue for the lxc-autostart command.
Furthermore, after each reboot, the link to the alpha1 version of the lib is automatically recreated so before launching the containers, I have to execute those commands to recreate the correct link:
rm /usr/local/lib/liblxc.so.1
ln -s /usr/local/lib/liblxc.so.1.0.6 /usr/local/lib/liblxc.so.1
And guess what, with the v1.0.6, my kern.log and syslog are still garbled so the upgrade was definitely not efficient in my case.
To sum up, since the upgrade, I face the following issues:
- garbled logs on "Dom0" (same issue as with v1.0.3)
- link to the liblxc.so.1.1.0alpha is recreated at each system startup (and implies that I cannot launch my containers)
- lxc-ls --fancy and lxc-autostart not working anymore
Any help on this would be really appreciated.
Thanks
Yannick
_______________________________________________
lxc-users mailing list
lxc-users at lists.linuxcontainers.org<mailto:lxc-users at lists.linuxcontainers.org>
http://lists.linuxcontainers.org/listinfo/lxc-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20141030/f63a1b60/attachment-0001.html>
More information about the lxc-users
mailing list