[lxc-users] Cannot start network: Failed to attach
Fajar A. Nugraha
list at fajar.net
Wed Feb 24 10:59:34 UTC 2016
On Wed, Feb 24, 2016 at 3:59 PM, Jochen Wiedmann
<jochen.wiedmann at gmail.com> wrote:
> On Wed, Feb 24, 2016 at 9:49 AM, Fajar A. Nugraha <list at fajar.net> wrote:
>
>> You're missing a lot by sticking with c6. Especially if you stick with
>> the default kernel.
>
> What alternative are you suggesting? This is a VM, so I'm flexible.
Well, https://linuxcontainers.org/ says "Project sponsored by
Canonical Ltd". And there's also
http://blog.dustinkirkland.com/2016/02/zfs-is-fs-for-containers-in-ubuntu-1604.html
Anything with recent-enough kernel should work. I like ubuntu since
it's easiest to get lxc working there (obviously), but any distro with
recent-enough kernel should be able to support most newer features
(e.g. unprivileged containers, additional security using
apparmor/seccomp).
A c6 host should be able to run sysvinit and upstart-based priviliged
containers (i.e. root in container has the same id as root in host),
but it won't provide the usual security and restriction that you're
used to in VMs (for example, the host might set CPU/memory limit for a
container, but a privileged host would be able to reset that limit).
And you won't be able to run systemd-based containers either (those
need lxcfs)
As for the bridge, newer lxc installations (e.g. 1.1.5 or 2 beta) will
create lxcbr0 which behaves similar to virbr0. In your case, the easy
way out is to install libvirt (which you did). If you had used ubuntu,
you'd already have lxcbr0 automagically configured ready to use.
--
Fajar
More information about the lxc-users
mailing list