[lxc-users] Trying to create a lxc container for running Visual Studio Code

Peter Carlsson peter.jm.carlsson at gmail.com
Thu Feb 11 21:22:52 UTC 2021


On Thu, Feb 11, 2021 at 11:54:05AM -0600, Serge E. Hallyn wrote:
> On Wed, Feb 10, 2021 at 10:49:55PM +0100, Peter Carlsson wrote:
> > On Wed, Feb 10, 2021 at 07:08:09AM -0600, Serge E. Hallyn wrote:
> > 
> > Hello again!
> > 
> > Thanks for your help.
> > 
> > I decided to start fresh and create the container as unprivileged. I
> > therefore deleted the old thread.
> > 
> > Here is basically what I did:
> > 
> > As root:
> > 
> >   usermod -v 100000-200000 -w 100000-200000 peter
> >   cat /etc/subuid
> >     peter:100000:100001
> >   cat /etc/subgid
> >     peter:100000:100001
> > 
> >   nano /etc/sysctl.conf
> >     # Added by Peter Carlsson 2021-02-10 for lxc
> >     kernel.unprivileged_userns_clone=1
> > 
> >   nano /etc/default/lxc-net
> >     #USE_LXC_BRIDGE="true"
> > 
> >   nano /etc/lxc/default.conf
> >     lxc.net.0.type = veth
> >     lxc.net.0.link = lxcbr0
> >     lxc.net.0.flags = up
> > 
> >     lxc.apparmor.profile = generated
> >     lxc.apparmor.allow_nesting = 1
> > 
> > As user peter:
> > 
> >   mkdir /home/peter/.config/lxc
> >   nano /home/peter/.config/lxc/default.conf
> >     lxc.net.0.type = veth
> >     lxc.net.0.link = lxcbr0
> >     lxc.net.0.flags = up
> > 
> >     lxc.apparmor.profile = generated
> >     lxc.apparmor.allow_nesting = 1
> > 
> >     lxc.idmap = u 0 100000 100001
> >     lxc.idmap = g 0 100000 100001
> 
> This all looks good.
> 
> > Don't know if this was necessary but I ran this after reading a link found on Google
> > 
> >   lxc-usernsexec
> 
> Sorry I'm not following here.  lxc-usernsexec without any arguments
> will put you in a shell in a user namespace.  I assume you exited that
> before going on with lxc-create, right?

Never mind. To try to solve my problems I googled and tried out
different pieces of advice, but this was something I don't think I did
anything successful with.

> >   lxc-create -t download -n VisualStudioCode -- -d debian -r buster -a amd64
> > 
> >   lxc-start -n VisualStudioCode -F
> >  
> >     lxc-start: VisualStudioCode: network.c: lxc_create_network_unpriv_exec: 2178 lxc-user-nic failed to configure requested network: No such file or directory - Failed to open "/etc/lxc/lxc-usernet"
> >     cmd/lxc_user_nic.c: 1296: main: Quota reached
> >     lxc-start: VisualStudioCode: start.c: lxc_spawn: 1777 Failed to create the configured network
> >     lxc-start: VisualStudioCode: start.c: __lxc_start: 1951 Failed to spawn container "VisualStudioCode"
> >     lxc-start: VisualStudioCode: tools/lxc_start.c: main: 330 The container failed to start
> >     lxc-start: VisualStudioCode: tools/lxc_start.c: main: 336 Additional information can be obtained by setting the --logfile and --logpriority options
> > 
> > What should I put in /etc/lxc/lxc-usernet?
> 
> cat << EOF | sudo tee /etc/lxc/lxc-usernet
> # USERNAME TYPE BRIDGE COUNT
> peter veth lxcbr0 10
> EOF
> 
> > Do you see something else I have missed or should have done differently?
> 
> Not offhand.  But do make sure that lxc-net is running, i.e. make sure
> that 'brctl show' shows lxcbr0
> 
> > Note that I had the network working for the container created by root.
 
Now I have also done these things and had some progress:

  systemctl enable lxc-net
  systemctl start lxc-net

  nano /etc/lxc/lxc-usernet
    # USERNAME TYPE BRIDGE COUNT
    peter veth lxcbr0 10

  chmod 755 /home/peter/.local/share/
  chmod 755 /home/peter/.local/share/lxc/

  lxc-start -n VisualStudioCode -F
    Failed to mount cgroup at /sys/fs/cgroup/systemd: Permission denied
    [!!!!!!] Failed to mount API filesystems.
    Exiting PID 1...

For me it is not obvious what my next step should be. Any help would be
appreciated.

Best regards,
Peter Carlsson
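
The two host-side delegations configured in this message, the subordinate ID range behind lxc.idmap and the per-user veth quota in /etc/lxc/lxc-usernet, can be checked against each other before lxc-start is run. This is an added example, not part of the original thread: the function names idmap_within_subid and usernet_quota are hypothetical, the sample files are constructed, and all paths are passed as arguments.

```shell
#!/bin/sh
# Added example, not from the thread: audit the host-side delegations an
# unprivileged LXC container relies on. Function names are hypothetical.

# idmap_within_subid USER SUBID_FILE CONFIG KIND   (KIND: u = subuid, g = subgid)
# Succeeds only if CONFIG has an "lxc.idmap = KIND ..." line and every such
# line maps to host IDs inside a range delegated to USER in SUBID_FILE.
idmap_within_subid() {
    [ -r "$2" ] && [ -r "$3" ] || return 1
    awk -v user="$1" -v kind="$4" '
        FILENAME == ARGV[1] {            # subid line: name:start:count
            if (split($0, f, ":") == 3 && f[1] == user) {
                lo[++r] = f[2] + 0; hi[r] = f[2] + f[3] - 1
            }
            next
        }
        $1 == "lxc.idmap" && $2 == "=" && $3 == kind {  # kind ct_id host_id count
            seen = 1; ok = 0
            for (i = 1; i <= r; i++)
                if ($5 + 0 >= lo[i] && $5 + $6 - 1 <= hi[i]) ok = 1
            if (!ok) bad = 1
        }
        END { if (seen && !bad) exit 0; exit 1 }
    ' "$2" "$3"
}

# usernet_quota USER TYPE BRIDGE USERNET_FILE
# Prints COUNT from the first "USER TYPE BRIDGE COUNT" line, or 0 when the file
# is unreadable or has no such line. @group lines are not evaluated here.
usernet_quota() {
    [ -r "$4" ] || { echo 0; return 0; }
    awk -v user="$1" -v type="$2" -v bridge="$3" '
        $1 == user && $2 == type && $3 == bridge { print $4 + 0; found = 1; exit }
        END { if (!found) print 0 }
    ' "$4"
}

# Constructed sample files that mirror the values quoted in the thread.
demo=$(mktemp -d)
printf 'peter:100000:100001\n' > "$demo/subuid"
printf 'lxc.idmap = u 0 100000 100001\n' > "$demo/default.conf"
printf '# USERNAME TYPE BRIDGE COUNT\npeter veth lxcbr0 10\n' > "$demo/lxc-usernet"
idmap_within_subid peter "$demo/subuid" "$demo/default.conf" u && echo "uid map: inside delegation"
echo "veth quota on lxcbr0: $(usernet_quota peter veth lxcbr0 "$demo/lxc-usernet")"
rm -rf "$demo"
```

On a real host the arguments would be /etc/subuid or /etc/subgid, the user's ~/.config/lxc/default.conf, and /etc/lxc/lxc-usernet. A quota of 0 corresponds to the "Quota reached" failure shown in the log above.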

