[lxc-users] Booting a Freebsd VM inside a container

Anjali Kulkarni anjali at juniper.net
Fri Feb 20 18:34:45 UTC 2015


Cool thanks!

On 2/20/15, 8:48 AM, "Serge Hallyn" <serge.hallyn at ubuntu.com> wrote:

>I've run kvm inside containers many times (mainly to test new qemu
>packages from different releases).  You just need to make sure to
>create /dev/kvm in the container, give it the right ownership+perms,
>perhaps create /dev/net/tun, and give the needed cgroup.devices access.
>
>-serge
>
>Quoting Anjali Kulkarni (anjali at juniper.net):
>> There is a reason for it, but I can’t discuss that. There is enough
>> reason, and I know you would need some funky stuff (access stuff on
>> host) to get it working, but that’s what I was looking at to see if it
>> is feasible or if anyone has done it.
>> 
>> Anjali
>> 
>> On 2/20/15, 5:37 AM, "Fajar A. Nugraha" <list at fajar.net> wrote:
>> 
>> >On Fri, Feb 20, 2015 at 8:16 PM, Anjali Kulkarni <anjali at juniper.net>
>> >wrote:
>> >> Thanks, so for networking to work, all you need to do is add the
>> >> networking links to the config file in /var/lib/lxc/<lxc_name> and
>> >> then networking should work in the VM as it would in a normal LXC.
>> >
>> >Not if by "VM" you mean a qemu instance.
>> >
>> >> Regarding the freebsd VM, I understand that the host OS has to be the
>> >> same as a container OS, but what I am looking for is a way to run the
>> >> freebsd VM in emulated mode via qemu. Theoretically, if I can run a
>> >> freebsd VM on the host OS via qemu/kvm, I should be able to run it
>> >> inside the container via qemu as well, right?
>> >
>> >No.
>> >
>> >Containers on lxc are not designed to run qemu (or virtualbox, or
>> >name-your-fancy-software-that-access-devices directly) in it. In fact,
>> >the default config on ubuntu would prevent that (via cap.drop and
>> >selinux) to keep the containers from harming the host.
>> >
>> >You could PROBABLY work around it by creating an unsafe container
>> >(e.g. using "lxc.cap.drop=" and "lxc.aa_profile=unconfined"), but then
>> >what's the point of using containers then?
>> >
>> >> I don't want to map the VM's OS to the underlying
>> >> OS, but just use qemu for the emulation part. Does that make sense?
>> >
>> >Not really. Is there any particular use case why you want to run
>> >qemu/kvm inside the container, instead of on the host? Just because
>> >it's cool? Because you rent a container from a VPS and want to run
>> >something else on it?
>> >
>> >-- 
>> >Fajar
>> >_______________________________________________
>> >lxc-users mailing list
>> >lxc-users at lists.linuxcontainers.org
>> >http://lists.linuxcontainers.org/listinfo/lxc-users
>> 
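
Added example (not part of the original thread and not LXC's own code): a small Python check that reads an LXC 1.x config and flags the two settings Fajar calls unsafe, flags overly broad device rules, and reports whether the narrower /dev/kvm and /dev/net/tun allowances Serge describes are present. The lxc.cgroup.devices.allow key and the device numbers 10:232 and 10:200 are not stated in the thread, and both sample configs are constructed.

```python
# Device numbers for the two nodes Serge mentions (not given in the thread).
NEEDED = {"/dev/kvm": ("c", "10:232"), "/dev/net/tun": ("c", "10:200")}

def parse(text):
    """Yield (key, value) pairs from LXC 'key = value' config text."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        yield key.strip(), value.strip()

def audit(text):
    """Return (findings, missing): risky settings, and needed device rules not present."""
    findings, allowed = [], set()
    for key, value in parse(text):
        if key == "lxc.cap.drop" and value == "":
            findings.append("lxc.cap.drop is empty: no capabilities are dropped")
        elif key == "lxc.aa_profile" and value == "unconfined":
            findings.append("lxc.aa_profile is unconfined")
        elif key == "lxc.cgroup.devices.allow":
            parts = value.split()
            if not parts:
                continue
            # 'a' means every device; '*' in major:minor is a wildcard.
            if parts[0] == "a" or (len(parts) > 1 and "*" in parts[1]):
                findings.append("broad device rule: " + value)
            elif len(parts) > 1:
                allowed.add((parts[0], parts[1]))
    missing = [name for name, dev in NEEDED.items() if dev not in allowed]
    return findings, missing

# Constructed sample: the "unsafe container" workaround from the thread.
UNSAFE = """
lxc.cap.drop=
lxc.aa_profile=unconfined
lxc.cgroup.devices.allow = a
"""

# Constructed sample: only the two device nodes are opened up.
SCOPED = """
# allow /dev/kvm and /dev/net/tun only
lxc.cgroup.devices.allow = c 10:232 rwm
lxc.cgroup.devices.allow = c 10:200 rwm
"""

if __name__ == "__main__":
    for name, cfg in (("UNSAFE", UNSAFE), ("SCOPED", SCOPED)):
        print(name, audit(cfg))
```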


