[lxc-users] Trying to create a lxc container for running Visual Studio Code

Peter Carlsson peter.jm.carlsson at gmail.com
Wed Feb 10 21:49:55 UTC 2021 

On Wed, Feb 10, 2021 at 07:08:09AM -0600, Serge E. Hallyn wrote:

Hello again!

Thanks for your help.

I decided to start fresh and create the container as unprivileged. I
therefor deleted the old thread.

Here is basically what I did:

As root:

  usermod -v 100000-200000 -w 100000-200000 peter
  cat /etc/subuid
    peter:100000:100001
  cat /etc/subgid
    peter:100000:100001

  nano /etc/sysctl.conf
    # Added by Peter Carlsson 2021-02-10 for lxc
    kernel.unprivileged_userns_clone=1

  nano /etc/default/lxc-net
    #USE_LXC_BRIDGE="true"

  nano /etc/lxc/default.conf
    lxc.net.0.type = veth
    lxc.net.0.link = lxcbr0
    lxc.net.0.flags = up

    lxc.apparmor.profile = generated
    lxc.apparmor.allow_nesting = 1

As user peter:

  mkdir /home/peter/.config/lxc
  nano /home/peter/.config/lxc/default.conf
    lxc.net.0.type = veth
    lxc.net.0.link = lxcbr0
    lxc.net.0.flags = up

    lxc.apparmor.profile = generated
    lxc.apparmor.allow_nesting = 1

    lxc.idmap = u 0 100000 100001
    lxc.idmap = g 0 100000 100001

Don't know if this was necessary but I ran this after reading a link found on Google

  lxc-usernsexec

  lxc-create -t download -n VisualStudioCode -- -d debian -r buster -a amd64

  lxc-start -n VisualStudioCode -F
 
    lxc-start: VisualStudioCode: network.c: lxc_create_network_unpriv_exec: 2178 lxc-user-nic failed to configure requested network: No such file or directory - Failed to open "/etc/lxc/lxc-usernet"
    cmd/lxc_user_nic.c: 1296: main: Quota reached
    lxc-start: VisualStudioCode: start.c: lxc_spawn: 1777 Failed to create the configured network
    lxc-start: VisualStudioCode: start.c: __lxc_start: 1951 Failed to spawn container "VisualStudioCode"
    lxc-start: VisualStudioCode: tools/lxc_start.c: main: 330 The container failed to start
    lxc-start: VisualStudioCode: tools/lxc_start.c: main: 336 Additional information can be obtained by setting the --logfile and --logpriority options

What should I put in /etc/lxc/lxc-usernet?

Do you see something else I have missed or should have done differently?

Note that I had the network working for the container created by root.

Best regards,
Peter Carlsson

More information about the lxc-users mailing list