[lxc-users] Broken on Gentoo linux-4.8.17-hardened-r2, LXD 2.11, and lxc 1.0.8
Michael Johnson
johnson at cognitech-ut.com
Sat Jun 10 01:19:29 UTC 2017
Thanks for the good advice. I actually had two separate configuration
errors.
1) I did not have subgid and subuid set up as documented in the gentoo
wiki.I believe that's what gave rise to my 'id mapping' error.
2) I did not have the CHECKSUM iptables support built into the kernel.
Thus the iptables error.
I've discovered that lxc/lxd requires significant support from the
kernel. That's not surprising. I'm having trouble chasing down all the
kernel requirements. For example, the hardened kernel has no systemd
support, none at all. If one plans to use centos containers, the
hardened kernel is to be avoided. I'm saving my notes and will post a
final list of kernel requirements at some point.
-Mike
More information about the lxc-users
mailing list