[lxc-devel] Question using macvlan
Hi, I think this is a frequently asked question, but I can't find the answer ... The host machine has 2 NIC, eth0 and eth1. eth0 is used a an internal and eth1 is used as an external interface. The lxc-container is setup using a macvlan interface in bridge mode on eth0 with a static ip address. I can't figure out how the container can communicate with the host! I found an advice to create a macvlan for the host either: I tried that but without luck. It would be nice if someone could me direct to the right direction here. Thanks! -- Wilhelm -- ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
[lxc-devel] [PATCH 0/2] some cleanup around lxc-create
Hi, I had a go against lxc-create trying to debug the console issue. There is still a serious issue: the template scripts use some 'arch' binary, which isn't present on my system. What is that? Why not use 'uname -m' instead? Thanks, Feri. Ferenc Wagner (2): remove misleading copypaste comment correct template directory documentation doc/lxc-create.sgml.in | 11 ++- src/lxc/lxc-create.in |5 - 2 files changed, 6 insertions(+), 10 deletions(-) -- ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
[lxc-devel] [PATCH 2/2] correct template directory documentation
Signed-off-by: Ferenc Wagner wf...@niif.hu --- doc/lxc-create.sgml.in | 11 ++- 1 files changed, 6 insertions(+), 5 deletions(-) diff --git a/doc/lxc-create.sgml.in b/doc/lxc-create.sgml.in index 5505eea..f3e8524 100644 --- a/doc/lxc-create.sgml.in +++ b/doc/lxc-create.sgml.in @@ -65,7 +65,8 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA lxc commands. /para para - The object is a directory created in @LXCPATH@ and identified by its name. + The object is a directory created in filename@LXCPATH@/filename + and identified by its name. /para para @@ -105,10 +106,10 @@ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA listitem para 'template' is the short name of an existing 'lxc-template' - script that is called by lxc-create. - eg: lxc-busybox, lxc-debian, lxc-fedora, lxc-sshd. - Refer to those exemples in @BINDIR@ - for details of expecting script structure. + script that is called by lxc-create, + eg. busybox, debian, fedora, ubuntu or sshd. + Refer to the examples in filename@LXCTEMPLATEDIR@/filename + for details of the expected script structure. /para /listitem /varlistentry -- 1.6.5 -- ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
Re: [lxc-devel] [RFC][PATCH][lxc]: unfreeze while stopping
On 06/09/2010 07:29 PM, Sukadev Bhattiprolu wrote: Michel Normand [norm...@fr.ibm.com] wrote: | Le mardi 08 juin 2010 à 19:07 -0700, Sukadev Bhattiprolu a écrit : | I am not too sure, but if user wants to stop a container is there a | reason not to implicitly unfreeze the container and stop ? | | --- | From: Sukadev Bhattiprolusuka...@linux.vnet.ibm.com | Date: Tue, 8 Jun 2010 18:42:00 -0700 | Subject: [PATCH 1/1]: unfreeze while stopping container | | When a container is being stopped, it must also be unfrozen after posting | the SIGKILL. Otherwise if the container is frozen when the SIGKILL is posted, | the SIGKILL will remain pending and the lxc-stop command will block until | lxc-unfreeze is explicitly called). | | For me the lxc-start/lxc-stop and | lxc-freeze/lxc-unfreeze are two sets of commands | that should not be mixed. | | If the container was previously frozen by a lxc-freeze | then the user has to issue a lxc-unfreeze before to issue the lxc-stop. Ok, if that is the design, then we should change the lxc_stop_callback() to send an answer even on success ? Currently on successful stop it expects the socket to close, which will unblock the waiting lxc_stop() caller. But if the container is frozen the lxc_stop() caller waits indefinitely. Its not an issue for the lxc-stop command, but is an issue when lxc-checkpoint calls lxc_stop() (in response to the --kill option). Suka, Can you resend your patch as it is without the RFC prefix and add a note to the man page ? Thanks -- Daniel -- ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
Re: [lxc-devel] [PATCH 0/5] Signal stuff v2 and some documentation
Daniel Lezcano daniel.lezc...@free.fr writes: On 06/15/2010 02:13 PM, Ferenc Wagner wrote: Daniel Lezcanodaniel.lezc...@free.fr writes: On 06/10/2010 11:47 PM, Ferenc Wagner wrote: If you provide me with an example (and some description of lxc.console), I can give it some testing and concretize this pure guesswork. lxc-create -n ubuntu -f ~/mynetwork.conf -t ubuntu lxc-start -n ubuntu -s lxc.console=$(tty) -o $(tty) -l DEBUG I'm not there yet, but found something interesting. If lxc-checkconfig reports full green, clone(NEWNS|NEWUTS|NEWIPC|NEWPID|NEWNET) in lxc-start shouldn't fail. Who's wrong here? $ lxc-checkconfig Kernel config /proc/config.gz not found, looking in other places... Found kernel config file /boot/config-2.6.26-2-686 2.6.26 ? Mmmh, You need at least a 2.6.29 for a system container (better to have a 2.6.32). Yeah, it runs with 2.6.32. Btw. what happened in 2.6.29, which made it particularly suitable for running system containers? Bah ! Looks like the lxc-checkconfig is buggy (fix in attachment). With your fix it indeed misses a couple of things: Network namespace: missing Multiple /dev/pts instances: missing Cgroup memory controller: missing Macvlan: missing Thanks for the fix! Now let's see why lxc-start gets suspended when I try to type at the console... Interestingly, it stays in S state until I kill the container. I'm afraid the console functionality (is there any documentation for it?) may make lxc-start unsuitable for pushing into the background. After all, it is an interactive foreground process in that case, a real proxy towards some getty (if I understand this console thingie right). Maybe this should be handled differently to application containers. But then I'm not sure how Ctrl-C and similar should be forwarded to a getty... -- Cheers, Feri. -- ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
Re: [lxc-devel] [PATCH 0/2] some cleanup around lxc-create
On 06/15/2010 01:59 PM, Ferenc Wagner wrote: Hi, I had a go against lxc-create trying to debug the console issue. There is still a serious issue: the template scripts use some 'arch' binary, which isn't present on my system. What is that? Why not use 'uname -m' instead? There is no particular reason for the 'arch' command, 'uname -m' should be ok too and maybe preferable. Ferenc Wagner (2): remove misleading copypaste comment correct template directory documentation doc/lxc-create.sgml.in | 11 ++- src/lxc/lxc-create.in |5 - 2 files changed, 6 insertions(+), 10 deletions(-) Thanks for fixing these nasty things. -- Daniel -- ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
Re: [lxc-devel] [PATCH 0/5] Signal stuff v2 and some documentation
On 06/15/2010 04:47 PM, Ferenc Wagner wrote: Daniel Lezcanodaniel.lezc...@free.fr writes: On 06/15/2010 02:13 PM, Ferenc Wagner wrote: Daniel Lezcanodaniel.lezc...@free.fr writes: On 06/10/2010 11:47 PM, Ferenc Wagner wrote: If you provide me with an example (and some description of lxc.console), I can give it some testing and concretize this pure guesswork. lxc-create -n ubuntu -f ~/mynetwork.conf -t ubuntu lxc-start -n ubuntu -s lxc.console=$(tty) -o $(tty) -l DEBUG I'm not there yet, but found something interesting. If lxc-checkconfig reports full green, clone(NEWNS|NEWUTS|NEWIPC|NEWPID|NEWNET) in lxc-start shouldn't fail. Who's wrong here? $ lxc-checkconfig Kernel config /proc/config.gz not found, looking in other places... Found kernel config file /boot/config-2.6.26-2-686 2.6.26 ? Mmmh, You need at least a 2.6.29 for a system container (better to have a 2.6.32). Yeah, it runs with 2.6.32. Btw. what happened in 2.6.29, which made it particularly suitable for running system containers? The network virtualization was merged upstream. Bah ! Looks like the lxc-checkconfig is buggy (fix in attachment). With your fix it indeed misses a couple of things: Network namespace: missing Better to have it for a system container, otherwise the guest system will reconfigure your host network :/ Multiple /dev/pts instances: missing Better to have it but not mandatory until you remove the lxc.pts option. Cgroup memory controller: missing Not mandatory. Macvlan: missing Better to have, it is more flexible to configure the network. but not mandatory. Thanks for the fix! Now let's see why lxc-start gets suspended when I try to type at the console... I think it happens exactly what you described in the previous email, that is if a background process tries to read/write to the tty, then a SIGTTIN / SIGTTOU / is sent to it, where the default action is to stop the process. Interestingly, it stays in S state until I kill the container. I'm afraid the console functionality (is there any documentation for it?) may make lxc-start unsuitable for pushing into the background. After all, it is an interactive foreground process in that case, a real proxy towards some getty (if I understand this console thingie right). Maybe this should be handled differently to application containers. But then I'm not sure how Ctrl-C and similar should be forwarded to a getty... argh. yes, chicken-egg problem. -- ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
Re: [lxc-devel] [PATCH 0/5] Signal stuff v2 and some documentation
On 06/15/2010 02:13 PM, Ferenc Wagner wrote:
Daniel Lezcanodaniel.lezc...@free.fr writes:
On 06/10/2010 11:47 PM, Ferenc Wagner wrote:
If you provide me with an example (and some description of
lxc.console), I can give it some testing and concretize this pure
guesswork.
lxc-create -n ubuntu -f ~/mynetwork.conf -t ubuntu
lxc-start -n ubuntu -s lxc.console=$(tty) -o $(tty) -l DEBUG
I'm not there yet, but found something interesting. If lxc-checkconfig
reports full green, clone(NEWNS|NEWUTS|NEWIPC|NEWPID|NEWNET) in
lxc-start shouldn't fail. Who's wrong here?
Cheers,
Feri.
$ lxc-checkconfig
Kernel config /proc/config.gz not found, looking in other places...
Found kernel config file /boot/config-2.6.26-2-686
2.6.26 ? Mmmh, You need at least a 2.6.29 for a system container (better
to have a 2.6.32).
--- Namespaces ---
Namespaces: enabled
Utsname namespace: enabled
Ipc namespace: enabled
Pid namespace: enabled
User namespace: enabled
Network namespace: enabled
Multiple /dev/pts instances: enabled
--- Control groups ---
Cgroup: enabled
Cgroup namespace: enabled
Cgroup device: enabled
Cgroup sched: enabled
Cgroup cpu account: enabled
Cgroup memory controller: enabled
Cgroup cpuset: enabled
--- Misc ---
Veth pair device: enabled
Macvlan: enabled
Vlan: enabled
File capabilities: enabled
Note : Before booting a new kernel, you can check its configuration
usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig
$ sudo lxc-start -n debian -s lxc.console=$(tty)
lxc-start: failed to clone(0x6c02): Invalid argument
lxc-start: Invalid argument - failed to fork into a new namespace
lxc-start: failed to spawn 'debian'
lxc-start: No such file or directory - failed to remove cgroup '/mnt/debian'
Bah ! Looks like the lxc-checkconfig is buggy (fix in attachment).
---
src/lxc/lxc-checkconfig.in |4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
Index: lxc/src/lxc/lxc-checkconfig.in
===
--- lxc.orig/src/lxc/lxc-checkconfig.in
+++ lxc/src/lxc/lxc-checkconfig.in
@@ -11,8 +11,6 @@ SETCOLOR_NORMAL=echo -en \\033[0;39m
is_set() {
$GREP -q $1=[y|m] $CONFIG
-RES=$?
-
return $?
}
@@ -22,7 +20,7 @@ is_enabled() {
is_set $1
RES=$?
-if [ $RES = 0 ]; then
+if [ $RES -eq 0 ]; then
$SETCOLOR_SUCCESS echo -e enabled $SETCOLOR_NORMAL
else
if [ ! -z $mandatory -a $mandatory = yes ]; then
--
ThinkGeek and WIRED's GeekDad team up for the Ultimate
GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the
lucky parental unit. See the prize list and enter to win:
http://p.sf.net/sfu/thinkgeek-promo___
Lxc-devel mailing list
Lxc-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-devel
Re: [lxc-devel] [PATCH 0/5] Signal stuff v2 and some documentation
Hi, Apologies if this is the wrong list. Interestingly, it stays in S state until I kill the container. I'm afraid the console functionality (is there any documentation for it?) may make lxc-start unsuitable for pushing into the background. After all, it is an interactive foreground process in that case, a real proxy towards some getty (if I understand this console thingie right). Maybe this should be handled differently to application containers. But then I'm not sure how Ctrl-C and similar should be forwarded to a getty... argh. yes, chicken-egg problem. The lxc.console=$(tty) thing was something I was thinking about. There are a couple of things I've noticed and was pondering how to fix; 1) The expectation I have from xen, kvm etc is that you can detach from the console like lxc-console allows. i.e. lxc-start -C -n test behaves like lxc-start -n test ; lxc-console - at the moment you have an interactive foreground process. 2) If you have a getty on the console, when you start without -s lxc.console=$(tty) it puts the system messages and the getty on the host system console. That gets confusing when logging in on a lights out console. Was this what lxcd was for? Should it be that lxc-start always goes into the background, and holds onto the console, which you can connect to via lxcd by specifying a flag to lxc-console? lxc-start -s lxc.console gets replaced by lxc-start -C which is equivalent to lxc-start ; lxc-console Happy to devote some time to fixing this... Andy Andrew Phillips Head of Systems www.lmax.com Office: +44 203 1922509 Mobile: +44 (0)7595 242 900 LMAX | Level 2, Yellow Building | 1 Nicholas Road | London | W11 4AN The information in this e-mail and any attachment is confidential and is intended only for the named recipient(s). The e-mail may not be disclosed or used by any person other than the addressee, nor may it be copied in any way. If you are not a named recipient please notify the sender immediately and delete any copies of this message. Any unauthorized copying, disclosure or distribution of the material in this e-mail is strictly forbidden. Any view or opinions presented are solely those of the author and do not necessarily represent those of the company. -- ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo ___ Lxc-devel mailing list Lxc-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-devel
