[lxc-users] Converting from libvirt lxc

Fajar A. Nugraha list at fajar.net
Thu Dec 3 04:47:50 UTC 2015 

On Thu, Dec 3, 2015 at 1:14 AM, Peter Steele <pwsteele at gmail.com> wrote:

>
> On 12/02/2015 07:23 AM, Fajar A. Nugraha wrote:
>
> On Wed, Dec 2, 2015 at 9:49 PM, Peter Steele <pwsteele at gmail.com> wrote:
>
>> On 12/01/2015 08:25 PM, Fajar A. Nugraha wrote:
>>
>> Is there a reason why you can't install a centos7 container using the
>> download template? It would've been MUCH easier, and some of the things you
>> asked wouldn't even be an issue.
>>
>>
>>
lxc-create -t centos -n test1
>
> to create a container using the centos default settings. The resulting
> config file doesn't look a whole lot different than my manually crafted
> version.
>


You DID notice that repeatedly say "DOWNLOAD template"? as in someting like

# lxc-create -t download -n c7 -- -d centos -r 7 -a amd64



> Something doesn't seem quite right though; when I run lxc-start -n test1
> the container takes forever to boot. I could log in eventually but it's
> not working too well:
>
> [root at test1 ~]# systemctl
>          Starting Trigger Flushing of Journal to Persistent Storage...
> [FAILED] Failed to start LSB: Bring up/down networking.
> See 'systemctl status network.service' for details.
> <28>systemd-sysctl[261]: Failed to write '1' to
> '/proc/sys/kernel/core_uses_pid': Read-only file system
> Failed to get D-Bus connection: Failed to authenticate in time.
>
> Shouldn't a container built with the stock config work "out of the box"?
>
>

Short version: if you use http://copr.fedoraproject.org/coprs/thm/lxc1.1/ ,
you need to do some things first:
- edit /etc/sysconfig/lxc, USE_LXC_BRIDGE="true"
- systemctl enable lxc-net
- systemctl enable lxc
- systemctl start lxc-net
- brctl show
- ip ad li lxcbr0

If you HAVE lxcbr0 with the default ip 10.0.3.1 (you can change this
later), you're all set. If not, doublecheck your setup.
If you're asking "where's the docs that mention this", as the package
manager :)

The alternative is to configure your own bridge and configure your
containers to use that. After you get the bridge working, you can start and
monitor its boot progress with something like this:

# lxc-start -n c7;lxc-console -n c7 -t 0

The benefit of using this approach instead of "lxc-start -F" is that you
can detach the console session later using "ctrl-a q". Note that you can
NOT login on this console yet, as by default the root password is not set.
>From another shell session, you need to do

# lxc-attach -n c7 -- passwd

Then you can login from the console session. You'll then see on the
container (I tested this just now on up-to-date centos7)

[root at c7 ~]# ls /dev
console  core  fd  full  hugepages  initctl  log  lxc  mqueue  null  ptmx
 pts  random  shm  stderr  stdin  stdout  tty  tty1  tty2  tty3  tty4
 urandom  zero

Apparently this works even without lxfs.


If you DO manage to get lxcfs installed and working later (disclaimer: I've
only use it on ubuntu and debian), you'll be able to get some additional
benefits like the container only seeing its allocated resources (set using
"lxc.cgroup" settings on lxc config file). For example, if
"lxc.cgroup.cpuset.cpus = 0", then the container will only use cpu0, and
"htop" or "cat /proc/cpuinfo" will only show 1 cpu even when your host has
multiple cpus.

-- 
Fajar
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20151203/186de001/attachment-0001.html>

More information about the lxc-users mailing list