[lxc-users] ghost services on LXC containers

Fajar A. Nugraha list at fajar.net
Thu Sep 10 05:27:02 UTC 2020


On Thu, Aug 13, 2020 at 5:47 PM Harald Dunkel <harald.dunkel at aixigo.com> wrote:
>
> On 8/13/20 12:32 PM, Fajar A. Nugraha wrote:
> > Try (two times, once inside the container, once inside the host):
> > - cat /proc/self/cgroup
> > - ls -la /proc/self/ns
>
> On the host:
>
> root at il08:~# cat /proc/self/cgroup
> 13:name=systemd:/
> 12:rdma:/
> 11:pids:/
> 10:perf_event:/
> 9:net_prio:/
> 8:net_cls:/
> 7:memory:/
> 6:freezer:/
> 5:devices:/
> 4:cpuset:/
> 3:cpuacct:/
> 2:cpu:/
> 1:blkio:/
> 0::/
> root at il08:~# ls -la /proc/self/ns
> total 0
> dr-x--x--x 2 root root 0 Aug 13 12:40 .
> dr-xr-xr-x 9 root root 0 Aug 13 12:40 ..
> lrwxrwxrwx 1 root root 0 Aug 13 12:40 cgroup -> 'cgroup:[4026531835]'
> lrwxrwxrwx 1 root root 0 Aug 13 12:40 ipc -> 'ipc:[4026531839]'
> lrwxrwxrwx 1 root root 0 Aug 13 12:40 mnt -> 'mnt:[4026531840]'
> lrwxrwxrwx 1 root root 0 Aug 13 12:40 net -> 'net:[4026531992]'
> lrwxrwxrwx 1 root root 0 Aug 13 12:40 pid -> 'pid:[4026531836]'
> lrwxrwxrwx 1 root root 0 Aug 13 12:40 pid_for_children -> 'pid:[4026531836]'
> lrwxrwxrwx 1 root root 0 Aug 13 12:40 time -> 'time:[4026531834]'
> lrwxrwxrwx 1 root root 0 Aug 13 12:40 time_for_children -> 'time:[4026531834]'
> lrwxrwxrwx 1 root root 0 Aug 13 12:40 user -> 'user:[4026531837]'
> lrwxrwxrwx 1 root root 0 Aug 13 12:40 uts -> 'uts:[4026531838]'
>
>
> Entering the container:
>
> root at il08:~# lxc-attach -n il02
> root at il02:~# cat /proc/self/cgroup
> 13:name=systemd:/
> 12:rdma:/
> 11:pids:/
> 10:perf_event:/
> 9:net_prio:/
> 8:net_cls:/
> 7:memory:/
> 6:freezer:/
> 5:devices:/
> 4:cpuset:/
> 3:cpuacct:/
> 2:cpu:/
> 1:blkio:/
> 0::/
> root at il02:~# ls -la /proc/self/ns
> total 0
> dr-x--x--x 2 root root 0 Aug 13 12:42 .
> dr-xr-xr-x 9 root root 0 Aug 13 12:42 ..
> lrwxrwxrwx 1 root root 0 Aug 13 12:42 cgroup -> 'cgroup:[4026532376]'
> lrwxrwxrwx 1 root root 0 Aug 13 12:42 ipc -> 'ipc:[4026532313]'
> lrwxrwxrwx 1 root root 0 Aug 13 12:42 mnt -> 'mnt:[4026532311]'
> lrwxrwxrwx 1 root root 0 Aug 13 12:42 net -> 'net:[4026532316]'
> lrwxrwxrwx 1 root root 0 Aug 13 12:42 pid -> 'pid:[4026532314]'
> lrwxrwxrwx 1 root root 0 Aug 13 12:42 pid_for_children -> 'pid:[4026532314]'
> lrwxrwxrwx 1 root root 0 Aug 13 12:42 time -> 'time:[4026531834]'
> lrwxrwxrwx 1 root root 0 Aug 13 12:42 time_for_children -> 'time:[4026531834]'
> lrwxrwxrwx 1 root root 0 Aug 13 12:42 user -> 'user:[4026531837]'
> lrwxrwxrwx 1 root root 0 Aug 13 12:42 uts -> 'uts:[4026532312]'
>
>
> I am not sure what this is trying to tell me, though. Is this the same
> hierarchy?

It shouldn't be. /proc/self/ns says the two has different cgroup
namespace, so even if /proc/self/cgroup look the same, they are not.

> And would you agree that this is really a bad thing to do?

If they're the same hierarchy on the same namespace, yes.
If they're on different namespace, no.

Not sure what's wrong on your setup though. Your debian bug page link
says 'No longer marked as found in versions systemd/241-7~deb10u4', so
perhaps there's that.

If this is still reproducible on systems with that (or newer) versions
of systemd, I'd suggest these to help find the root cause:
- try latest lxd from snap
- try on ubuntu host and container

I'm using ubuntu with systemd 237-3ubuntu10.20 and 245.4-4ubuntu3.1,
and dont experience your bug report.

-- 
Fajar


More information about the lxc-users mailing list