[lxc-users] using cgroups
Rob Edgerton
redgerhoo at yahoo.com.au
Tue Jun 28 06:01:34 UTC 2016
hi,I have the same problem (cgroups not working as expected) on a clean Xenial build (lxc PPA NOT installed, LXD not installed)In my case I have some Ubuntu Trusty containers I really need to use on Xenial, but they won't start because I use cgroups.If I change the existing containers to remove the "lxc.cgroup" clauses from config they start, but not otherwise.Similarly, I created a new Xenial container for testing. It works, until I add "lxc.cgroups" clauses at which point it also fails to start. at virt-host:~$ lxc-start -n trusty_unp_ibvpn -F -l debug -o lxc.log
lxc-start: cgfsng.c: cgfsng_setup_limits: 1662 No such file or directory - Error setting cpuset.cpus to 1-3 for trusty_unp_ibvpn
lxc-start: start.c: lxc_spawn: 1180 failed to setup the cgroup limits for 'trusty_unp_ibvpn'
lxc-start: start.c: __lxc_start: 1353 failed to spawn 'trusty_unp_ibvpn'
lxc-start: lxc_start.c: main: 344 The container failed to start.
lxc-start: lxc_start.c: main: 348 Additional information can be obtained by setting the --logfile and --logpriority options.
Logfile Contents=============
lxc-start 20160628155820.562 INFO lxc_start_ui - lxc_start.c:main:264 - using rcfile /mnt/lxc_images/containers/trusty_unp_ibvpn/config
lxc-start 20160628155820.562 WARN lxc_confile - confile.c:config_pivotdir:1879 - lxc.pivotdir is ignored. It will soon become an error.
lxc-start 20160628155820.562 INFO lxc_confile - confile.c:config_idmap:1500 - read uid map: type u nsid 0 hostid 100000 range 65536
lxc-start 20160628155820.562 INFO lxc_confile - confile.c:config_idmap:1500 - read uid map: type g nsid 0 hostid 100000 range 65536
lxc-start 20160628155820.564 INFO lxc_lsm - lsm/lsm.c:lsm_init:48 - LSM security driver AppArmor
lxc-start 20160628155820.564 INFO lxc_seccomp - seccomp.c:parse_config_v2:342 - processing: .reject_force_umount # comment this to allow umount -f; not recommended.
lxc-start 20160628155820.564 INFO lxc_seccomp - seccomp.c:parse_config_v2:446 - Adding native rule for reject_force_umount action 0
lxc-start 20160628155820.564 INFO lxc_seccomp - seccomp.c:do_resolve_add_rule:216 - Setting seccomp rule to reject force umounts
lxc-start 20160628155820.564 INFO lxc_seccomp - seccomp.c:parse_config_v2:449 - Adding compat rule for reject_force_umount action 0
lxc-start 20160628155820.564 INFO lxc_seccomp - seccomp.c:do_resolve_add_rule:216 - Setting seccomp rule to reject force umounts
lxc-start 20160628155820.564 INFO lxc_seccomp - seccomp.c:parse_config_v2:342 - processing: .[all].
lxc-start 20160628155820.564 INFO lxc_seccomp - seccomp.c:parse_config_v2:342 - processing: .kexec_load errno 1.
lxc-start 20160628155820.564 INFO lxc_seccomp - seccomp.c:parse_config_v2:446 - Adding native rule for kexec_load action 327681
lxc-start 20160628155820.564 INFO lxc_seccomp - seccomp.c:parse_config_v2:449 - Adding compat rule for kexec_load action 327681
lxc-start 20160628155820.564 INFO lxc_seccomp - seccomp.c:parse_config_v2:342 - processing: .open_by_handle_at errno 1.
lxc-start 20160628155820.564 INFO lxc_seccomp - seccomp.c:parse_config_v2:446 - Adding native rule for open_by_handle_at action 327681
lxc-start 20160628155820.564 INFO lxc_seccomp - seccomp.c:parse_config_v2:449 - Adding compat rule for open_by_handle_at action 327681
lxc-start 20160628155820.564 INFO lxc_seccomp - seccomp.c:parse_config_v2:342 - processing: .init_module errno 1.
lxc-start 20160628155820.564 INFO lxc_seccomp - seccomp.c:parse_config_v2:446 - Adding native rule for init_module action 327681
lxc-start 20160628155820.564 INFO lxc_seccomp - seccomp.c:parse_config_v2:449 - Adding compat rule for init_module action 327681
lxc-start 20160628155820.564 INFO lxc_seccomp - seccomp.c:parse_config_v2:342 - processing: .finit_module errno 1.
lxc-start 20160628155820.564 INFO lxc_seccomp - seccomp.c:parse_config_v2:446 - Adding native rule for finit_module action 327681
lxc-start 20160628155820.564 INFO lxc_seccomp - seccomp.c:parse_config_v2:449 - Adding compat rule for finit_module action 327681
lxc-start 20160628155820.564 INFO lxc_seccomp - seccomp.c:parse_config_v2:342 - processing: .delete_module errno 1.
lxc-start 20160628155820.564 INFO lxc_seccomp - seccomp.c:parse_config_v2:446 - Adding native rule for delete_module action 327681
lxc-start 20160628155820.565 INFO lxc_seccomp - seccomp.c:parse_config_v2:449 - Adding compat rule for delete_module action 327681
lxc-start 20160628155820.565 INFO lxc_seccomp - seccomp.c:parse_config_v2:456 - Merging in the compat seccomp ctx into the main one
lxc-start 20160628155820.565 DEBUG lxc_start - start.c:setup_signal_fd:289 - sigchild handler set
lxc-start 20160628155820.565 DEBUG lxc_console - console.c:lxc_console_peer_default:431 - opening /dev/tty for console peer
lxc-start 20160628155820.565 INFO lxc_caps - caps.c:lxc_caps_up:101 - Last supported cap was 36
lxc-start 20160628155820.565 DEBUG lxc_console - console.c:lxc_console_peer_default:437 - using '/dev/tty' as console
lxc-start 20160628155820.565 DEBUG lxc_console - console.c:lxc_console_sigwinch_init:145 - 3234 got SIGWINCH fd 9
lxc-start 20160628155820.565 DEBUG lxc_console - console.c:lxc_console_winsz:72 - set winsz dstfd:6 cols:212 rows:73
lxc-start 20160628155820.611 INFO lxc_start - start.c:lxc_init:488 - 'trusty_unp_ibvpn' is initialized
lxc-start 20160628155820.611 DEBUG lxc_start - start.c:__lxc_start:1326 - Not dropping cap_sys_boot or watching utmp
lxc-start 20160628155820.611 INFO lxc_start - start.c:resolve_clone_flags:1013 - Cloning a new user namespace
lxc-start 20160628155820.611 INFO lxc_cgroup - cgroup.c:cgroup_init:68 - cgroup driver cgroupfs-ng initing for trusty_unp_ibvpn
lxc-start 20160628155820.614 DEBUG lxc_cgfsng - cgfsng.c:cgfsng_setup_limits:1667 - cgroup 'devices.allow' set to 'c 10:200 rwm'
lxc-start 20160628155820.614 ERROR lxc_cgfsng - cgfsng.c:cgfsng_setup_limits:1662 - No such file or directory - Error setting cpuset.cpus to 1-3 for trusty_unp_ibvpn
lxc-start 20160628155820.615 ERROR lxc_start - start.c:lxc_spawn:1180 - failed to setup the cgroup limits for 'trusty_unp_ibvpn'
lxc-start 20160628155820.615 ERROR lxc_start - start.c:__lxc_start:1353 - failed to spawn 'trusty_unp_ibvpn'
lxc-start 20160628155820.659 INFO lxc_conf - conf.c:run_script_argv:367 - Executing script '/usr/share/lxcfs/lxc.reboot.hook' for container 'trusty_unp_ibvpn', config section 'lxc'
lxc-start 20160628155821.172 ERROR lxc_start_ui - lxc_start.c:main:344 - The container failed to start.
lxc-start 20160628155821.172 ERROR lxc_start_ui - lxc_start.c:main:348 - Additional information can be obtained by setting the --logfile and --logpriority options.
Repeating the commands you were discussing with Mike
cgmanager is already the newest version (0.39-2ubuntu5).
@virt-host:~$cgm --version
0.29
@virt-host:~$ls /proc/self/cgroup
/proc/self/cgroup
@virt-host:~$ls /proc/self/mountinfo
/proc/self/mountinfo
@virt-host:~$ sudo nano /lib/systemd/system/cgmanager.service
@virt-host:~$ sudo systemctl daemon-reload
@virt-host:~$
@virt-host:~$ systemctl restart cgmanager
@virt-host:~$
@virt-host:~$ sudo cgm create all me
@virt-host:~$ sudo cgm chown all me $(id -u) $(id -g)
call to cgmanager_chown_sync failed: invalid request
-- Logs begin at Tue 2016-06-28 15:08:37 AEST, end at Tue 2016-06-28 15:44:23 AEST. --
Jun 28 15:08:40 virt-host systemd[1]: Started Cgroup management daemon.
Jun 28 15:40:14 virt-host systemd[1]: Stopping Cgroup management daemon...
Jun 28 15:40:14 virt-host systemd[1]: Stopped Cgroup management daemon.
Jun 28 15:40:14 virt-host systemd[1]: Started Cgroup management daemon.
Jun 28 15:40:14 virt-host cgmanager[2990]: Arranged to mount systemd onto /run/cgmanager/fs/none,name=systemd
Jun 28 15:40:14 virt-host cgmanager[2990]: Arranged to mount memory onto /run/cgmanager/fs/memory
Jun 28 15:40:14 virt-host cgmanager[2990]: Arranged to mount net_cls onto /run/cgmanager/fs/net_cls
Jun 28 15:40:14 virt-host cgmanager[2990]: Arranged to mount net_prio onto /run/cgmanager/fs/net_prio
Jun 28 15:40:14 virt-host cgmanager[2990]: Arranged to mount cpu onto /run/cgmanager/fs/cpu
Jun 28 15:40:14 virt-host cgmanager[2990]: Arranged to mount cpuacct onto /run/cgmanager/fs/cpuacct
Jun 28 15:40:14 virt-host cgmanager[2990]: Arranged to mount cpuset onto /run/cgmanager/fs/cpuset
Jun 28 15:40:14 virt-host cgmanager[2990]: Arranged to mount blkio onto /run/cgmanager/fs/blkio
Jun 28 15:40:14 virt-host cgmanager[2990]: Arranged to mount devices onto /run/cgmanager/fs/devices
Jun 28 15:40:14 virt-host cgmanager[2990]: Arranged to mount freezer onto /run/cgmanager/fs/freezer
Jun 28 15:40:14 virt-host cgmanager[2990]: Arranged to mount perf_event onto /run/cgmanager/fs/perf_event
Jun 28 15:40:14 virt-host cgmanager[2990]: Arranged to mount hugetlb onto /run/cgmanager/fs/hugetlb
Jun 28 15:40:14 virt-host cgmanager[2990]: Arranged to mount pids onto /run/cgmanager/fs/pids
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: all unique controllers: blkio,cpu,cpuset,devices,freezer,hugetlb,memory,net_cls,perf_event,pids,name=systemd
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: 0: controller blkio
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: src blkio path /run/cgmanager/fs/blkio options blkio
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: agent: (none)
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: skipped: no
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: premounted: yes comounted: blkio
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: unified: no
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: 1: controller cpu
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: src cpu path /run/cgmanager/fs/cpu options cpu,cpuacct
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: agent: (none)
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: skipped: no
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: premounted: yes comounted: cpuacct
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: unified: no
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: 2: controller cpuacct
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: src cpuacct path /run/cgmanager/fs/cpuacct options cpu,cpuacct
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: agent: (none)
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: skipped: no
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: premounted: yes comounted: cpu
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: unified: no
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: 3: controller cpuset
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: src cpuset path /run/cgmanager/fs/cpuset options cpuset
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: agent: (none)
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: skipped: no
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: premounted: yes comounted: cpuset
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: unified: no
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: 4: controller devices
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: src devices path /run/cgmanager/fs/devices options devices
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: agent: (none)
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: skipped: no
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: premounted: yes comounted: devices
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: unified: no
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: 5: controller freezer
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: src freezer path /run/cgmanager/fs/freezer options freezer
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: agent: (none)
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: skipped: no
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: premounted: yes comounted: freezer
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: unified: no
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: 6: controller hugetlb
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: src hugetlb path /run/cgmanager/fs/hugetlb options (none)
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: agent: (none)
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: skipped: no
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: premounted: no comounted: (none)
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: unified: no
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: 7: controller memory
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: src memory path /run/cgmanager/fs/memory options memory
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: agent: (none)
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: skipped: no
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: premounted: yes comounted: memory
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: unified: no
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: 8: controller net_cls
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: src net_cls path /run/cgmanager/fs/net_cls options net_cls,net_prio
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: agent: (none)
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: skipped: no
Jun 28 15:40:14 virt-host cgmanager[2990]: print_debug_controller_info: premounted: yes comounted: net_prio
Jun 28 15:41:00 virt-host cgmanager[2990]: print_debug_controller_info: src net_prio path /run/cgcgmanager: Invalid path /run/cgmanager/fs/freezer/user/root/1/me
Jun 28 15:41:00 virt-host cgmanager[2990]: cgmanager:do_chown_main: Invalid path /run/cgmanager/fs/freezer/user/root/1/me
@virt-host:~$ ls /proc/self/cgroup
/proc/self/cgroup
@virt-host:~$ ls /proc/self/mountinfo
/proc/self/mountinfo
Note that I did NOT upgrade to the "stable" PPA first, still using the standard Xenial package as originally installed (the build is only a few days old)
Does this help ? Anything else I can do ?
Rob
On Monday, 27 June 2016, 11:41, Serge E. Hallyn <serge at hallyn.com> wrote:
Quoting Mike Wright (nobody at nospam.hostisimo.com):
> On 06/26/2016 01:01 PM, Serge E. Hallyn wrote:
> >Quoting Mike Wright (nobody at nospam.hostisimo.com):
> >>Hi all,
> >>
> >>cgmanager and cgmanager-utils are installed.
> >>
> >>Environment is ubuntu-xenial, lxc-2.0.1, cgm-0.29
> >
> >why 0.29? xenial should have 0.39-2ubuntu5. I'm on xenial
> >using 0.41-2~ubuntu16.04.1~ppa1 from the ubuntu-lxc
> >ppa.
>
> Thanks for the response, Serge.
>
> This is interesting.
>
> sudo apt install -s cgmanager
> cgmanager is already the newest version (0.39-2ubuntu5)
>
> cgm --version
> 0.29
>
> Added ppa:ubuntu-lxc/stable, updated and upgraded.
>
> sudo apt install -s cgmanager
> cgmanager is already the newest version (0.41-2~ubuntu16.04.1~ppa1)
>
> cgm --version
> 0.29
Oh, huh. Yeah, that seems to be a cgmanager bug :)
> >
> >0 ✓ serge at sl ~ $ sudo cgm create all me
> >[sudo] password for serge:
> >0 ✓ serge at sl ~ $ sudo cgm chown all me $(id -u) $(id -g)
> >0 ✓ serge at sl ~ $
> >
> >Now, I'm not running systemd so it's possible systemd is
> >doing something unorthodox again. But really it sounds
> >like a bug that shouldve been fixed in 0.27-0ubuntu6 -
> >where cgmanager didn't deal well with comounted controllers.
>
> Still failing at cgm chown...
>
> Ideas on how would I go about determining the problem?
Edit /lib/systemd/system/cgmanager.service and add '--debug' to the
end of the ExecStart line. Do 'systemctl daemon-reload' followed
by 'systemctl restart cgmanager'. Then do the above again, and
do 'journalctl -u cgmanager' and list the results here. Also
show the contents of /proc/self/cgroup and /proc/self/mountinfo.
That should give us what we need.
thanks,
-serge
_______________________________________________
lxc-users mailing list
lxc-users at lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20160628/860d6cc3/attachment-0001.html>
More information about the lxc-users
mailing list