[lxc-users] Network does not start automatically on Debian Jessie and Stretch containers, works fine in Wheezy

Wed Apr 13 20:46:02 UTC 2016

Quoting Anders Andersson (pipatron at gmail.com):
> On Mon, Apr 11, 2016 at 4:59 PM, Serge Hallyn <serge.hallyn at ubuntu.com> wrote:
> > Quoting Anders Andersson (pipatron at gmail.com):
> >> I have a seemingly trivial problem with Debian containers on a Debian
> >> host, but I can't seem to figure out why it happens so I'm turning to
> >> the professionals for help.
> >>
> >> I run a Debian Stretch (testing) server for my personal use at home.
> >> It has been running a Debian Wheezy container for a long time, no
> >> problems whatsoever, implying that my bridge is correctly set up, and
> >> the corresponding LXC config for the container:
> >>
> >>  lxc.network.type = veth
> >>  lxc.network.link = br0
> >>  lxc.network.flags = up
> >>
> >> Now I want more containers, so I tried creating a Jessie container
> >> using the following command:
> >>
> >>  lxc-create -t download -n deb8 -- -d debian -a amd64 -r jessie
> >>  lxc-start -n deb8
> >>
> >> This fails to initialize the network inside the new container.
> >>
> >> To debug this, I tried creating three containers using these identical commands:
> >>
> >>  lxc-create -t download -n deb7 -- -d debian -a amd64 -r wheezy
> >>  lxc-create -t download -n deb8 -- -d debian -a amd64 -r jessie
> >>  lxc-create -t download -n deb9 -- -d debian -a amd64 -r stretch
> >
> > Can you show the process listing in the broken containers?
> 
> Sure, there is not much to show:
> 
> root at deb8:~# ps auxf
> USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
> root        10  0.0  0.0  21868  3812 ?        S    16:22   0:00 /bin/bash
> root        11  0.0  0.0  19068  2464 ?        R+   16:22   0:00  \_ ps auxf
> root         1  0.0  0.0  27080  2052 ?        S    16:14   0:00 /sbin/init
> 
> deb9 looks the same.
> 
> 
> 
> > I'd assume the problem is that systemd is getting stuck due to cgroups
> > not being sufficiently available.  In which case the answer should be
> > to install lxcfs, or to run a kernel with cgroup namespaces available.
> 
> I'm not completely sure what cgoup namespaces means here, but the
> output from my "lxc-checkconfig" shows (among other things):
> Namespaces: enabled
> Cgroup: enabled

if /proc/self/ns/cgroup does not exist, then you do not have cgroup
namespaces.

> > Which lxc and lxcfs versions do youhave installed?
> 
> lxc: 1.1.5
> lxcfs: not installed
> 
> After installing lxcfs, my deb9 container works! It starts up a DHCP
> client and gets an IP address from my server, and I can attach to it
> and use for example journalctl.
> 
> The debian 8 (jessie) container still does not work, but my immediate
> goal was to get a debian 9 container so my problem is currently
> solved.

Great, glad to hear it.

> Thanks for the hint! Perhaps the lxc package in debian should
> recommend or at least suggest lxcfs, since it seems necessary to run a
> debian stretch container on a debian stretch host.

lxcfs only just got packaged in debian, so I suspect that might be
coming soon.