Re: [OmniOS-discuss] LX on OmniOS update
> On Aug 26, 2016, at 12:54 PM, Michael Rasmussenwrote: > > On Fri, 26 Aug 2016 11:51:41 -0400 > Dan McDonald wrote: > >> - The "zoneadm -z install" script now can take a "-t " >> argument in lieu of a "-s ZFS-send-stream" argument. Both gzipped and full >> will work. Thanks to Peter Tribble for providing some URLs with tarballs >> that work. And I quote: >> > /usr/lib/brand/lx/lx_install[72]: gtar: not found [No such file or directory] > > Seems you have forgotten a dependency? Thank you! Dan ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX on OmniOS update
On Fri, 26 Aug 2016 11:51:41 -0400 Dan McDonaldwrote: > - The "zoneadm -z install" script now can take a "-t " argument > in lieu of a "-s ZFS-send-stream" argument. Both gzipped and full will work. > Thanks to Peter Tribble for providing some URLs with tarballs that work. > And I quote: > /usr/lib/brand/lx/lx_install[72]: gtar: not found [No such file or directory] Seems you have forgotten a dependency? -- Hilsen/Regards Michael Rasmussen Get my public GnuPG keys: michael rasmussen cc http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E mir datanom net http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C mir miras org http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917 -- /usr/games/fortune -es says: It may be that your whole purpose in life is simply to serve as a warning to others. pgpayQ3bfb8tp.pgp Description: OpenPGP digital signature ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
On Sun, Aug 14, 2016 at 6:27 PM, Dan McDonaldwrote: > > > On Aug 14, 2016, at 1:20 PM, Michael Rasmussen wrote: > > > > - All network configuration can be done outside the zone giving the > > opportunity to hand out LX zones to users with a locked down network > > configuration. > > That's naive. An admin on even a SmartOS zone can invoke: > > /native/sbin/ifconfig > > and wreak havoc. :) > Modulo any ip-spoofing protections in place. > > - Admins can script everything and have total control of LX zones > > Also, by "admins" you mean "global zone admins", right? > It's unfortunate that the lx brand doesn't support shared-ip stacks. I can't see whether there's a fundamental technical reason, but having shared-ip does make it much easier to simply configure everything in the global zone and prevent the zone fiddling with it. The problem with exclusive-ip is that you can't manage it from the global zone at all. If the zone isn't running, you obviously can't do anything, but as soon as the zone is running (or even ready) it steals the interface away so the global zone can do nothing. (Docker networking behaves like traditional shared-ip, from what I can see.) -- -Peter Tribble http://www.petertribble.co.uk/ - http://ptribble.blogspot.com/ ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
On Sun, 14 Aug 2016, Dan McDonald wrote: On Aug 14, 2016, at 2:24 PM, wo...@4amlunch.net wrote: Also, regarding not being able to use Linux networking tools to configure things Is there a way we can pre-pend a "magic" $PATH entry that can't be removed that has all the tools (iptables, ifconfig, etc) that just print out messages about those things don't work here and use $foo instead? That's an interesting question. I wonder how the people who already use LX on SmartOS cope with this? The problem is that there are many networking oriented programs which do use the interfaces which are not supported. Blocking access to command-line utilities does not prevent software from attempting to use the facilities at an API level. Bob -- Bob Friesenhahn bfrie...@simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/ GraphicsMagick Maintainer,http://www.GraphicsMagick.org/ ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
> On Aug 14, 2016, at 2:24 PM, wo...@4amlunch.net wrote: > > Also, regarding not being able to use Linux networking tools to configure > things Is there a way we can pre-pend a "magic" $PATH entry that can't be > removed that has all the tools (iptables, ifconfig, etc) that just print out > messages about those things don't work here and use $foo instead? That's an interesting question. I wonder how the people who already use LX on SmartOS cope with this? Dan ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
> >> Approach 2) >> - This way favors in-house or friendly environment usecases where >> distributed responsibility is desired. >> - Greater flexibility for LX zone users > > > I see where you're going. "Doing both" requires double the work, but you do > make an interesting case for it. My only concern is collisions. If things are set in both places who wins? That needs to be very well defined or debugging things could be a real pain. :) Also, regarding not being able to use Linux networking tools to configure things Is there a way we can pre-pend a "magic" $PATH entry that can't be removed that has all the tools (iptables, ifconfig, etc) that just print out messages about those things don't work here and use $foo instead? -brian ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
> On Aug 14, 2016, at 1:20 PM, Michael Rasmussenwrote: > > On Sun, 14 Aug 2016 12:48:36 -0400 > Dan McDonald wrote: > >> >> I see pros & cons of both approaches. I'm visiting OmniTI HQ in a week to, >> among other things, bounce ideas around with OmniTI folks - since they are >> also my customers. Feel free to speak up here if you have opinions as well. >> > I vote for a combination of both approaches for the following main > reasons: > > Approach 1) > - All network configuration can be done outside the zone giving the > opportunity to hand out LX zones to users with a locked down network > configuration. That's naive. An admin on even a SmartOS zone can invoke: /native/sbin/ifconfig and wreak havoc. :) > - Admins can script everything and have total control of LX zones Also, by "admins" you mean "global zone admins", right? > Approach 2) > - This way favors in-house or friendly environment usecases where > distributed responsibility is desired. > - Greater flexibility for LX zone users I see where you're going. "Doing both" requires double the work, but you do make an interesting case for it. Dan ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
On Sun, 14 Aug 2016 12:48:36 -0400 Dan McDonaldwrote: > > I see pros & cons of both approaches. I'm visiting OmniTI HQ in a week to, > among other things, bounce ideas around with OmniTI folks - since they are > also my customers. Feel free to speak up here if you have opinions as well. > I vote for a combination of both approaches for the following main reasons: Approach 1) - All network configuration can be done outside the zone giving the opportunity to hand out LX zones to users with a locked down network configuration. - Admins can script everything and have total control of LX zones Approach 2) - This way favors in-house or friendly environment usecases where distributed responsibility is desired. - Greater flexibility for LX zone users -- Hilsen/Regards Michael Rasmussen Get my public GnuPG keys: michael rasmussen cc http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E mir datanom net http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C mir miras org http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917 -- /usr/games/fortune -es says: I'm not going to say, "I told you so." This mail was virus scanned and spam checked before delivery. This mail is also DKIM signed. See header dkim-signature. ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
In general, and I will have to make this EVEN CLEARER -- LX zones' networking is controlled by tools in /native. No iptables... I'm surprised the linux-native ifconfig(8) works, but that's likely due to some legacy ioctl support that's already in the LX brand kernel code. One open design question in LX for OmniOS is how to address the networking configuration problem? I see two ways: 1.) Adopt the Joyent way of having some networking parameters in zonecfg(1M) attributes and having zoneadmd or the boot scripts act on these. The vmadm(1M) of SmartOS works like this once you get to where it meets existing illumos zone utilities. 2.) Further modify the native networking tools to store their between-boots state in a place, for example, "/etc/native", that allows persistent actions of /native/ utilities like they'd behave for an illumos-native zone (ipkg, lipkg in OmniOS). Right now, you can't ipadm(1M) an interface's address permanently on an LX zone because /etc/inet isn't around. I see pros & cons of both approaches. I'm visiting OmniTI HQ in a week to, among other things, bounce ideas around with OmniTI folks - since they are also my customers. Feel free to speak up here if you have opinions as well. Thanks, Dan ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
12 августа 2016 г. 19:14:29 CEST, Dan McDonaldпишет: >Basically, you need to delegate the highres_clock permission to the >zone. Look for "proc_clock_highres" in your >/usr/lib/brand/lx/config.xml file. If it's not there, add the line per >the commit I indicated. > >Dan Thanks for thoroughly nudging me - indeed, the privilege was not yet packaged, it seems ;) So there are new random notes to report ;) Now a lot more services of our Debian 8-based OS image have started, with notable exceptions being networking and a few services like our webserver whose unit instantly failed with '226/NAMESPACE' (that diagnosis includes 'systemd-networkd.service' and 'systemd-resolved.service' too). I'd guess randomly there is some messup with slices or cgroups, but at least a few services report they belong to a 'system.slice' so at least one works ;) Part of networking problems may be failure to start iptables. Our units are tweaked to ignore errors at this step, by default this may be fatal. The ifplugd service says that '...start lo0 (or eth0, or lx0 - whatever - //Jim)...select() failed while waiting for return value: Invalid argument' The 'systemd-setup-dgram-qlen.service' apparently fails to use 'sysctl -w net.unix.max_dgram_qlen=512' and dies. Like yesterday (forgot to write though), pasting copied text to system console (login after 'zlogin -C') does not work - it only gets the first character from the buffer, and quick typing also loses some chars (didn't hit that one yesterday, annoys a lot today), but console from 'zlogin' is okay in this regard. Dmesg and journals for many services are still AWOL. Some networked services respond on a localhost (e.g. ssh - i can even log in), but our stack that tries using a local MQ bus (on IPC protocol for local speediness, bypassing TCP\IP stack) fails. Maybe i'd try to debug/truss/dtrace that next week, might uncover issues in the project :-D At least error-logging already seems lacking in some of our places ;) An rsyslog daemon has started this time, so I can see that e.g. PAM complains it can not find kernel RLIMIT for nice, rtprio and UNKNOWN, so it falls back to defaults. Thanks a lot for doing this, Jim -- Typos courtesy of K-9 Mail on my Samsung Android ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
12 августа 2016 г. 20:06:41 CEST, Michael Rasmussenпишет: >On Fri, 12 Aug 2016 17:32:02 +0200 >Jim Klimov wrote: > >> >> Michael, thanks for posting the script. There was a typo to fix >(un-tarring goes into ZONEPATH not ZONEPATH_DS, and a 'gtar' worked >better for my tarball). >> >Where in the code below do you see a ZONEPATH which should be replaced >with ZONEPATH_DS? > >elif [[ $type == "tgz" ]]; then >mkdir $ZONEPATH_DS/root >chmod 755 $ZONEPATH_DS/root >tar -xzf $TAR_SEED -C $ZONEPATH_DS/root >RESULT=$? >MSG="TAR command failed" > >> >> The systemd startup reported failures of mounting /tmp (not >permitted). Kernel device manager (udevd) also failed (maybe because it >can't create /dev/xconsole fifo - 'not implemented'). And Load/Save >random seed (/dev/urandom - permission denied). Also says something >about 'Failed to attach new connection bus to event loop: Operation not >permitted' many times. >> >> Network automatic setup failed, but subsequent manual ifconfig was ok >(I can curl to a server in this LAN segment). >> >> Logging does not work (no dmesg, no journalctl for failed services, >although there are some lines in common `journalctl -l`). >> >> A mysql (mariadb) server has started and initialized its database ;) >Its consumers, even scripted ones (a schema uploader/verifier), did >not. Many units report that they failed to run their 'start' tasks with >'Operation not permitted' (maybe passed up from bus-connection >attempts). >> >> Requesting `systemctl status` or `systemctl restart` of services >fails (Connection reset by peer). Not sure what it connects to - in our >project OS image there is no D-Bus, so in true Linux a simple user can >not use systemd tools, but for a root (or via sudo) there were no >issues using it. >> >> Login works both on system console (from zlogin -C) and from GZ >(simply zlogin). `poweroff` from inside guest zone sends a message that >it will go down, and does nothing. `zoneadm halt` from GZ works. >> >> Setting kernel version in zone attrs to '3.18.0' did not seem to >break nor fix anything, but the value is seen in `uname -a`. >> >I see no of the above errors using my tarballs which is of no surprise >since my tarballs does not use systemd;-) Michael, here it is about the opposite: you untar into a '/root/' under ZONEPATH (mountpoint directory), not into ZONEPATH_DS which is the dataset target for zfs receive. It might have worked for you by coincidence if the zones were on another pool mounted into the root directory by its name, say a 'zones' pool imported+mounted into /zones directory. Thanks for the script though :-) Jim -- Typos courtesy of K-9 Mail on my Samsung Android ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
On Fri, 12 Aug 2016 17:32:02 +0200 Jim Klimovwrote: > > Michael, thanks for posting the script. There was a typo to fix (un-tarring > goes into ZONEPATH not ZONEPATH_DS, and a 'gtar' worked better for my > tarball). > Where in the code below do you see a ZONEPATH which should be replaced with ZONEPATH_DS? elif [[ $type == "tgz" ]]; then mkdir $ZONEPATH_DS/root chmod 755 $ZONEPATH_DS/root tar -xzf $TAR_SEED -C $ZONEPATH_DS/root RESULT=$? MSG="TAR command failed" > > The systemd startup reported failures of mounting /tmp (not permitted). > Kernel device manager (udevd) also failed (maybe because it can't create > /dev/xconsole fifo - 'not implemented'). And Load/Save random seed > (/dev/urandom - permission denied). Also says something about 'Failed to > attach new connection bus to event loop: Operation not permitted' many times. > > Network automatic setup failed, but subsequent manual ifconfig was ok (I can > curl to a server in this LAN segment). > > Logging does not work (no dmesg, no journalctl for failed services, although > there are some lines in common `journalctl -l`). > > A mysql (mariadb) server has started and initialized its database ;) Its > consumers, even scripted ones (a schema uploader/verifier), did not. Many > units report that they failed to run their 'start' tasks with 'Operation not > permitted' (maybe passed up from bus-connection attempts). > > Requesting `systemctl status` or `systemctl restart` of services fails > (Connection reset by peer). Not sure what it connects to - in our project OS > image there is no D-Bus, so in true Linux a simple user can not use systemd > tools, but for a root (or via sudo) there were no issues using it. > > Login works both on system console (from zlogin -C) and from GZ (simply > zlogin). `poweroff` from inside guest zone sends a message that it will go > down, and does nothing. `zoneadm halt` from GZ works. > > Setting kernel version in zone attrs to '3.18.0' did not seem to break nor > fix anything, but the value is seen in `uname -a`. > I see no of the above errors using my tarballs which is of no surprise since my tarballs does not use systemd;-) -- Hilsen/Regards Michael Rasmussen Get my public GnuPG keys: michael rasmussen cc http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E mir datanom net http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C mir miras org http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917 -- /usr/games/fortune -es says: A new chef from India was fired a week after starting the job. He kept favoring curry. pgpFvgVSY7ziW.pgp Description: OpenPGP digital signature ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
Basically, you need to delegate the highres_clock permission to the zone. Look for "proc_clock_highres" in your /usr/lib/brand/lx/config.xml file. If it's not there, add the line per the commit I indicated. Dan ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
12 августа 2016 г. 17:46:29 CEST, Dan McDonaldпишет: >Also, do you have this fix in place? > >commit f35040a7b2d3acea4f879afbc7ae4d8bfa09b575 >Author: Dan McDonald >Date: Mon Aug 8 17:17:31 2016 -0400 > >systemd kool-aid drinkers (e.g. Ubuntu 16) need proc_clock_highres >privileges > > >Dan I can only guess :-) I installed the LX publisher as 'omnios' into another BE, ran `pkg update` and `pkg install brand/lx` there, all today. So if you have this patch built and published - should be here :-) Also, FWIW, our images are not Dockers to the best of my knowledge (i confess i didn't well "get" docker and why it is needed when containers and zones are around already). At least, we had a target, recipe and custom scripts to build docker, and dropped them to simplify the project. These OS images we have are just alternate roots with preinstalled packages, tarred on a buildhost and untarred into a location of preconfigured LXC container on a workstation or other deployment, and we run 'virsh start containername' to instantiate it. Or even just 'chroot' into them while developing. Jim -- Typos courtesy of K-9 Mail on my Samsung Android ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
Also, do you have this fix in place? commit f35040a7b2d3acea4f879afbc7ae4d8bfa09b575 Author: Dan McDonaldDate: Mon Aug 8 17:17:31 2016 -0400 systemd kool-aid drinkers (e.g. Ubuntu 16) need proc_clock_highres privileges Dan ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
For relative-progress testing, make sure you compare your docker tarballs against a Joyent image of the same release. At least some of the boot errors are both in SmartOS boots of Joyent images (which they support and are at least okay enough with to support), and with the OmniOS version. This is all still a long way off from being ready for prime time. I'm doing a lot of code-cleanup (some of which I hope to give to Joyent) so I can place LX support into the mainline "master" branch of illumos-omnios in time for r151020. I appreciate hearing about these experiments, even if I can't act upon them all immediately. I like the idea of having some other flag for "zoneadm install" to eat docker tarballs. Thanks! Dan ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
10 августа 2016 г. 1:20:19 CEST, Michael Rasmussenпишет: >On Wed, 10 Aug 2016 00:11:39 +0200 >Michael Rasmussen wrote: > >> I have taken the liberty to extend your script to handle gzipped >> tarballs of a root filesystem using the argument -t. With the stuff I >> have added I was able to use the script to install a lxc prepared >> tarball of Debian stable with your install script;-) >> >By the way. Linux LXC prepared tarballs can be downloaded here: >http://download.proxmox.com/images/system/ > >The one I used is this one: >http://download.proxmox.com/images/system/debian-8.0-standard_8.0-1_amd64.tar.gz Michael, thanks for posting the script. There was a typo to fix (un-tarring goes into ZONEPATH not ZONEPATH_DS, and a 'gtar' worked better for my tarball). One Linux-based project I work with builds OS images into Debian 8 tarballs that can run as the rootfs of an LXC container or via chroot, either way without a kernel of its own. It seemed natural to try it out as a zone :-) The systemd startup reported failures of mounting /tmp (not permitted). Kernel device manager (udevd) also failed (maybe because it can't create /dev/xconsole fifo - 'not implemented'). And Load/Save random seed (/dev/urandom - permission denied). Also says something about 'Failed to attach new connection bus to event loop: Operation not permitted' many times. Network automatic setup failed, but subsequent manual ifconfig was ok (I can curl to a server in this LAN segment). Logging does not work (no dmesg, no journalctl for failed services, although there are some lines in common `journalctl -l`). A mysql (mariadb) server has started and initialized its database ;) Its consumers, even scripted ones (a schema uploader/verifier), did not. Many units report that they failed to run their 'start' tasks with 'Operation not permitted' (maybe passed up from bus-connection attempts). Requesting `systemctl status` or `systemctl restart` of services fails (Connection reset by peer). Not sure what it connects to - in our project OS image there is no D-Bus, so in true Linux a simple user can not use systemd tools, but for a root (or via sudo) there were no issues using it. Login works both on system console (from zlogin -C) and from GZ (simply zlogin). `poweroff` from inside guest zone sends a message that it will go down, and does nothing. `zoneadm halt` from GZ works. Setting kernel version in zone attrs to '3.18.0' did not seem to break nor fix anything, but the value is seen in `uname -a`. Hope these ramblings help, Jim Klimov -- Typos courtesy of K-9 Mail on my Samsung Android ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
If I do anything like this, I will likely follow the SmartOS lead and use zonecfg(1M) properties to feed desired IP configurations into the zone's properties, which can then be handled by boot scripts, install scripts, or even lxinit or zoneadmd binaries. Dan ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
Hi Dan, On Tue, 9 Aug 2016 18:49:20 -0400 Dan McDonaldwrote: > Can't use Linux network configuration. Use /native/sbin/ipadm and > /native/sbin/route. (You will also need to add those to some sort of boot > script in-zone for now.) > > /native/sbin/ipadm create-addr -t -T static -a / lx0/v4 > Been thinking about this and I have a suggestion. 1) The lx_install script could be extended with an option to specify guest OS 2) A number of prepared templates for each supported guest OS is created 3) According to the specified guest OS, given it is supported, the matching template is used to tailor a boot script in the top zone folder with the needed configuration for network, route, and resolv.conf 4) When the command to boot the zone is called prior to booting the zone this boot script is read to populate network, route, and resolv.conf in the guest OS. This can later be extended to other guest OS specific configuration The top zone folder will look like this: lx_zone--- | --- dev (folder) | --- root (folder) | --- boot.ini -- Hilsen/Regards Michael Rasmussen Get my public GnuPG keys: michael rasmussen cc http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E mir datanom net http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C mir miras org http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917 -- /usr/games/fortune -es says: To fear love is to fear life, and those who fear life are already three parts dead. -- Bertrand Russell pgpkpCbocO1h4.pgp Description: OpenPGP digital signature ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
On Tue, 9 Aug 2016, Dan McDonald wrote: Can't use Linux network configuration. Use /native/sbin/ipadm and /native/sbin/route. (You will also need to add those to some sort of boot script in-zone for now.) I think that any program using netlink and rtnetlink sockets (similar in operation to routing sockets) (http://man7.org/linux/man-pages/man7/netlink.7.html, http://man7.org/linux/man-pages/man7/rtnetlink.7.html) will not work whereas some deprecated ioctls may work. This is problematic since Linux programs configuring or querying network topology/configuration are supposed to use netlink now and ioctls are deprecated. The Linux 'ip' command uses netlink whereas legacy 'ifconfig' may be using ioctls. Illumos could provide an emulation of netlink sockets, but of course this would be a lot of work. Bob -- Bob Friesenhahn bfrie...@simple.dallas.tx.us, http://www.simplesystems.org/users/bfriesen/ GraphicsMagick Maintainer,http://www.GraphicsMagick.org/ ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
> On Aug 10, 2016, at 1:35 PM, Bob Friesenhahn> wrote: > > Illumos could provide an emulation of netlink sockets, but of course this > would be a lot of work. Oh gawd don't go there. Please. >From the lead author of PF_KEYv2, Dan ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
Yeah - there's no "native apps storage" in LX zones currently. SmartOS gets around this by their zonecfg properties (set by vmadm) and runtime code. I'm not 100% sure how to solve this problem myself. I don't want to unravel the entire SmartOS sweater. Dan Sent from my iPhone (typos, autocorrect, and all) > On Aug 9, 2016, at 7:08 PM, Michael Rasmussenwrote: > > On Tue, 9 Aug 2016 18:49:20 -0400 > Dan McDonald wrote: > >> Can't use Linux network configuration. Use /native/sbin/ipadm and >> /native/sbin/route. (You will also need to add those to some sort of boot >> script in-zone for now.) >> >>/native/sbin/ipadm create-addr -t -T static -a / lx0/v4 >> >> Dan > This works. However trying to persist default gateway fails? > # /native/sbin/route -p add default 10.0.3.254 > add net default: gateway 10.0.3.254 > route: failed to open route file: No such file or directory > > > -- > Hilsen/Regards > Michael Rasmussen > > Get my public GnuPG keys: > michael rasmussen cc > http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E > mir datanom net > http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C > mir miras org > http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917 > -- > /usr/games/fortune -es says: > But you'll notice Perl has a goto. >-- Larry Wall in <199710211624.jaa17...@wall.org> > ___ > OmniOS-discuss mailing list > OmniOS-discuss@lists.omniti.com > http://lists.omniti.com/mailman/listinfo/omnios-discuss ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
On Wed, 10 Aug 2016 00:11:39 +0200 Michael Rasmussenwrote: > I have taken the liberty to extend your script to handle gzipped > tarballs of a root filesystem using the argument -t. With the stuff I > have added I was able to use the script to install a lxc prepared > tarball of Debian stable with your install script;-) > By the way. Linux LXC prepared tarballs can be downloaded here: http://download.proxmox.com/images/system/ The one I used is this one: http://download.proxmox.com/images/system/debian-8.0-standard_8.0-1_amd64.tar.gz -- Hilsen/Regards Michael Rasmussen Get my public GnuPG keys: michael rasmussen cc http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E mir datanom net http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C mir miras org http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917 -- /usr/games/fortune -es says: That's the funniest thing I've ever heard and I will _not_ condone it. -- DyerMaker, 17 March 2000 MegaPhone radio show pgpNVDOfW4d_o.pgp Description: OpenPGP digital signature ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
On Tue, 9 Aug 2016 18:49:20 -0400 Dan McDonaldwrote: > Can't use Linux network configuration. Use /native/sbin/ipadm and > /native/sbin/route. (You will also need to add those to some sort of boot > script in-zone for now.) > > /native/sbin/ipadm create-addr -t -T static -a / lx0/v4 > > Dan > This works. However trying to persist default gateway fails? # /native/sbin/route -p add default 10.0.3.254 add net default: gateway 10.0.3.254 route: failed to open route file: No such file or directory -- Hilsen/Regards Michael Rasmussen Get my public GnuPG keys: michael rasmussen cc http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E mir datanom net http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C mir miras org http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917 -- /usr/games/fortune -es says: But you'll notice Perl has a goto. -- Larry Wall in <199710211624.jaa17...@wall.org> pgp7pj1dI5pRJ.pgp Description: OpenPGP digital signature ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
On Tue, 9 Aug 2016 18:49:20 -0400 Dan McDonaldwrote: > Can't use Linux network configuration. Use /native/sbin/ipadm and > /native/sbin/route. (You will also need to add those to some sort of boot > script in-zone for now.) > > /native/sbin/ipadm create-addr -t -T static -a / lx0/v4 > > Dan > But using the deprecated way works? root@localhost:~# ifconfig lx0 10.0.3.130 netmask 255.255.255.0 up root@localhost:~# ifconfig loLink encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MULTICAST MTU:8232 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) lx0 Link encap:Ethernet HWaddr 02:08:20:76:8f:0c inet addr:10.0.3.130 Bcast:10.255.255.255 Mask:255.255.255.0 inet6 addr: fe80::8:20ff:fe76:8f0c/10 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:250 errors:0 dropped:0 overruns:0 frame:0 TX packets:88 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1 RX bytes:39243 (38.3 KiB) TX bytes:8836 (8.6 KiB) Ping Omnios # ping 10.0.3.20 PING 10.0.3.20 (10.0.3.20) 56(84) bytes of data. 64 bytes from 10.0.3.20: icmp_seq=1 ttl=255 time=0.178 ms 64 bytes from 10.0.3.20: icmp_seq=2 ttl=255 time=0.083 ms but I cannot configure default route? # ping -c 3 8.8.8.8 connect: Network is unreachable root@localhost:~# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric RefUse Iface 10.0.3.00.0.0.0 255.255.255.0 U 0 00 lx0 root@localhost:~# route add default gw 10.0.3.254 lx0 SIOCADDRT: Operation not supported root@localhost:~# ip route add 10.0.3.254/24 dev lx0 RTNETLINK answers: Unknown error -122 root@localhost:~# ip route add 10.0.3.0/24 via 10.0.3.254 RTNETLINK answers: Unknown error -122 -- Hilsen/Regards Michael Rasmussen Get my public GnuPG keys: michael rasmussen cc http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E mir datanom net http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C mir miras org http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917 -- /usr/games/fortune -es says: Referring to a book: I read part of it all the way through. -- Samuel Goldwyn pgpj976cfI440.pgp Description: OpenPGP digital signature ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
Can't use Linux network configuration. Use /native/sbin/ipadm and /native/sbin/route. (You will also need to add those to some sort of boot script in-zone for now.) /native/sbin/ipadm create-addr -t -T static -a / lx0/v4 Dan ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
On Wed, 10 Aug 2016 00:11:39 +0200 Michael Rasmussenwrote: > Hi Dan, > > On Tue, 9 Aug 2016 16:08:11 -0400 > Dan McDonald wrote: > > > Look in the script /usr/lib/brand/lx/lx_install to see what I mean. > > > Nice. > > I have taken the liberty to extend your script to handle gzipped > tarballs of a root filesystem using the argument -t. With the stuff I > have added I was able to use the script to install a lxc prepared > tarball of Debian stable with your install script;-) > Seems to be problems with netconfig: root@localhost:~# ip a show lx0 2: lx0: mtu 1500 qlen 1 link/ether 02:08:20:76:8f:0c inet 0.0.0.0/0 scope global dynamic inet6 fe80::8:20ff:fe76:8f0c/10 scope link dynamic root@localhost:~# ip a add 10.0.3.200/255.255.255.0 dev lx0 RTNETLINK answers: Unknown error -122 # cat /etc/network/interfaces # AUTOMATIC ZONE CONFIG iface lo inet manual iface lx0 inet manual # dladm show-vnic LINK OVER SPEED MACADDRESSMACADDRTYPE VID lx0 vioif0 1000 2:8:20:76:8f:crandom 0 # zonecfg -z lx0 info zonename: lx0 zonepath: /rpool/zones/debian brand: lx autoboot: false bootargs: pool: limitpriv: scheduling-class: ip-type: exclusive hostid: fs-allowed: net: address not specified allowed-address not specified physical: lx0 defrouter not specified attr: name: kernel-version type: string value: 3.16.0 -- Hilsen/Regards Michael Rasmussen Get my public GnuPG keys: michael rasmussen cc http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E mir datanom net http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C mir miras org http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917 -- /usr/games/fortune -es says: Macho does not prove mucho. -- Zsa Zsa Gabor pgp0YuqeP9LpD.pgp Description: OpenPGP digital signature ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
Hi Dan, On Tue, 9 Aug 2016 16:08:11 -0400 Dan McDonaldwrote: > Look in the script /usr/lib/brand/lx/lx_install to see what I mean. > Nice. I have taken the liberty to extend your script to handle gzipped tarballs of a root filesystem using the argument -t. With the stuff I have added I was able to use the script to install a lxc prepared tarball of Debian stable with your install script;-) root@localhost:~# uname -a Linux localhost 3.16.0 BrandZ virtual linux x86_64 GNU/Linux root@localhost:~# ls -l / total 33 drwxr-xr-x 2 root root 108 Jun 30 2015 bin drwxr-xr-x 2 root root2 May 4 2015 boot drwxr-xr-x 62 root sys12 Aug 9 21:58 dev drwxr-xr-x 69 root root 151 Aug 9 21:58 etc drwxr-xr-x 2 root root2 May 4 2015 home drwxr-xr-x 12 root root 23 Jun 30 2015 lib drwxr-xr-x 2 root root3 Jun 30 2015 lib64 drwxr-xr-x 2 root root2 Jun 30 2015 media drwxr-xr-x 2 root root2 Jun 30 2015 mnt drwxr-xr-x 9 root root9 Aug 9 21:58 native drwxr-xr-x 2 root root2 Jun 30 2015 opt dr-xr-xr-x 95 root root 1520 Aug 9 21:58 proc drwx-- 2 root root4 Jun 30 2015 root drwxr-xr-x 9 root root 1355 Aug 9 21:58 run drwxr-xr-x 2 root root 109 Jun 30 2015 sbin drwxr-xr-x 2 root root2 Jun 30 2015 srv dr-xr-xr-x 1 root root0 Aug 9 21:58 sys drwxr-xr-x 4 root root4 Aug 9 21:58 system drwxrwxrwt 4 root root4 Aug 9 21:58 tmp drwxr-xr-x 10 root root 10 Jun 30 2015 usr drwxr-xr-x 12 root root 14 Aug 9 21:58 var I have simply added in the installed script so no diff (Sorry, bad move but I got exited ;-) # cat /usr/lib/brand/lx/lx_install #!/bin/ksh -p # # This file and its contents are supplied under the terms of the # Common Development and Distribution License ("CDDL"), version 1.0. # You may only use this file in accordance with the terms of version # 1.0 of the CDDL. # # A full copy of the text of the CDDL should have accompanied this # source. A copy of the CDDL is also available via the Internet at # http://www.illumos.org/license/CDDL. # # Copyright 2016 Joyent, Inc. All rights reserved. # Copyright 2016 OmniTI Computer Consulting, Inc. All rights reserved. # PATH=/bin:/usr/bin:/usr/sbin export PATH . /usr/lib/brand/shared/common.ksh ZFS_SEED="" TAR_SEED="" bad_usage() { echo "LX zone install bad option" echo "Available options are:" echo " -s Path to ZFS send stream or gzip thereof" echo " -t Path to gzipped tarball of root" exit $ZONE_SUBPROC_USAGE } while getopts "R:s:t:z:" opt do case "$opt" in R) ZONEPATH="$OPTARG";; z) ZONENAME="$OPTARG";; s) ZFS_SEED="$OPTARG";; t) TAR_SEED="$OPTARG";; *) bad_usage ;; esac done shift OPTIND-1 if [[ $ZFS_SEED == "" && $TAR_SEED == "" ]]; then echo "The -s or -t " echo "argument is required for LX installation." bad_usage fi # Set the ZONEPATH_DS variable so we know the zone's dataset. get_zonepath_ds $ZONEPATH # Do something based on whatever ZFS_SEED is. if [[ -n $ZFS_SEED ]]; then if [[! -f $ZFS_SEED ]]; then echo "Seed file $ZFS_SEED not found." # XXX KEBE SAYS maybe we can eat a snapshot name here, or even a # Joyent-style UUID for direct snagging from Joyent's image # servers. bad_usage fi type=`file -b $ZFS_SEED | awk '{print $1}'` elif [[ -n $TAR_SEED ]]; then if [[ ! -f $TAR_SEED ]]; then echo "Seed file $TAR_SEED not found." bad_usage fi type=tgz fi # For now, we are dependent on the output of file(1). # I'm being cheesy in checking the first word of file(1)'s output. if [[ $type == "ZFS" ]]; then zfs recv -F $ZONEPATH_DS < $ZFS_SEED RESULT=$? MSG="ZFS receive command failed" elif [[ $type == "gzip" ]]; then gunzip -c $ZFS_SEED | zfs recv -F $ZONEPATH_DS RESULT=$? MSG="ZFS receive command failed" elif [[ $type == "tgz" ]]; then mkdir $ZONEPATH_DS/root chmod 755 $ZONEPATH_DS/root tar -xzf $TAR_SEED -C $ZONEPATH_DS/root RESULT=$? MSG="TAR command failed" else echo "Seed file $ZFS_SEED not a ZFS receive (or compressed) one." bad_usage fi if [[ $RESULT != 0 ]]; then echo "$MSG ($RESULT)." exit $ZONE_SUBPROC_FATAL fi # One Joyent-ism we need to clean up. if [[ -d $ZONEPATH/cores ]]; then rmdir $ZONEPATH/cores fi exit 0 -- Hilsen/Regards Michael Rasmussen Get my public GnuPG keys: michael rasmussen cc http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E mir datanom net http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C mir miras org http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917 -- /usr/games/fortune -es says: What does it mean if there is no fortune for you? pgpUHdgyrpcz0.pgp Description: OpenPGP digital signature
Re: [OmniOS-discuss] LX for OmniOS update
On Tue, 9 Aug 2016 13:45:03 -0400 Dan McDonaldwrote: > Is this a regression? Or it never worked? If the former, when was the last > media to work? If the latter, we should fix caiman or the .xml files we use > to feed it. > Not a regression but since this has been a issue for years I thought some how that this would have been fixed by now. -- Hilsen/Regards Michael Rasmussen Get my public GnuPG keys: michael rasmussen cc http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E mir datanom net http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C mir miras org http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917 -- /usr/games/fortune -es says: I've run DOOM more in the last few days than I have the last few months. I just love debugging ;-) (Linus Torvalds) pgpipaFN5NkE4.pgp Description: OpenPGP digital signature ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
> On Aug 9, 2016, at 4:01 PM, Michael Rasmussenwrote: > > On Tue, 9 Aug 2016 20:54:01 +0100 > Peter Tribble wrote: > >> >> All I did was replace the zfs bit in lx_install with >> > What 'zfs bit in lx_install' do you refer to? Look in the script /usr/lib/brand/lx/lx_install to see what I mean. Dan ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
On Tue, 9 Aug 2016 20:54:01 +0100 Peter Tribblewrote: > > All I did was replace the zfs bit in lx_install with > What 'zfs bit in lx_install' do you refer to? I would like to test a prebuild Debian tar.gz for LXC on Linux. -- Hilsen/Regards Michael Rasmussen Get my public GnuPG keys: michael rasmussen cc http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E mir datanom net http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C mir miras org http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917 -- /usr/games/fortune -es says: He hated being thought of as one of those people that wore stupid ornamental armour. It was gilt by association. -- Terry Pratchett, "Night Watch" pgpUb6xTYIdwn.pgp Description: OpenPGP digital signature ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
> On Aug 9, 2016, at 3:37 PM, Peter Tribblewrote: > > Dan, > > On Tue, Aug 9, 2016 at 3:20 PM, Dan McDonald wrote: > Not yet. Recommended course is to install bloody, then switch publishers to > the one I mentioned earlier. There are some fixes for systemd images not on > the publisher yet. > > Please read the README for io-lx for details on Installing an LX zone: > > https://github.com/danmcd/io-lx-public/blob/master/README > > Neat. I tried it once the official way (using joyent images), then reworked > it to use images from docker export (which generates simple tarballs). > > This is the base Alpine docker image: > > lx0:/# uname -a > Linux lx0 4.4.15 BrandZ virtual linux x86_64 Linux Oh cool! I used an Alpine from Joyent early on. Tell me, would you like "zoneadm -z lx0 install -s " to work as well? I don't think it does currently, but it should. Thanks, Dan ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
Dan, On Tue, Aug 9, 2016 at 3:20 PM, Dan McDonaldwrote: > Not yet. Recommended course is to install bloody, then switch publishers > to the one I mentioned earlier. There are some fixes for systemd images > not on the publisher yet. > > Please read the README for io-lx for details on Installing an LX zone: > > https://github.com/danmcd/io-lx-public/blob/master/README > Neat. I tried it once the official way (using joyent images), then reworked it to use images from docker export (which generates simple tarballs). This is the base Alpine docker image: lx0:/# uname -a Linux lx0 4.4.15 BrandZ virtual linux x86_64 Linux -- -Peter Tribble http://www.petertribble.co.uk/ - http://ptribble.blogspot.com/ ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
> On Aug 9, 2016, at 12:03 PM, Michael Rasmussenwrote: > > Hi Dan, > > On Tue, 9 Aug 2016 10:16:24 -0400 > Dan McDonald wrote: > >> Oh yes. All of my LX zone testing thus far has been on VMware fusion VMs on >> my laptop. >> > Latest Omnios Bloody does not install on virtio-blk - installer cannot > detect disk. Is this a regression? Or it never worked? If the former, when was the last media to work? If the latter, we should fix caiman or the .xml files we use to feed it. Dan ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
Hi Dan, On Tue, 9 Aug 2016 10:16:24 -0400 Dan McDonaldwrote: > Oh yes. All of my LX zone testing thus far has been on VMware fusion VMs on > my laptop. > Latest Omnios Bloody does not install on virtio-blk - installer cannot detect disk. -- Hilsen/Regards Michael Rasmussen Get my public GnuPG keys: michael rasmussen cc http://pgp.mit.edu:11371/pks/lookup?op=get=0xD3C9A00E mir datanom net http://pgp.mit.edu:11371/pks/lookup?op=get=0xE501F51C mir miras org http://pgp.mit.edu:11371/pks/lookup?op=get=0xE3E80917 -- /usr/games/fortune -es says: Licensed and bonded. pgpbWmFFnnf8M.pgp Description: OpenPGP digital signature ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
Hi Dan, "Stephan Budach"írta 2016-08-09 15:00-kor: > I'd love to be able to actually spend any time on this, but my workload > doesn't allow it??? I hope to get into this at the end of september. > Don't give up on it, please??? ;) +1 The same case here. I tried it the first time, you mentioned this on the list. Al-something worked. Then I had no more time to deal with that. I changed country a month ago. Most of my stuff is still at my "from" country. I have now only my old laptop from '11, with an ubuntu 12.04, so I could try your improvements on that, in a virtualbox. My omnios nas is still at the "from" country, so I do not even have space for backup data from my laptop, (and wipe that old over-hacked ubuntu, so finally I could replace it with a more recent something.) So, please keep up the good work! As soon as the things calm down around me, I plan to test, even contribute my ideas around the installation of an lx zones. eg.: one of my ideas was, to improve the zone installer part, and instead of wrapping out prepared zfs dataset tin, we can use some more generic, like debootstrapping debian-ish (eg.: ubuntu) systems. There is also a debootstrap-like tool for rpm-based systems, but I do not remember the name of it from the top of my head. At least, my opinion is that, if we create an installation method onec than it needs minimal maintenance later for supporting newer debian/ubuntu versions. Cheers, Gyu ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
Not yet. Recommended course is to install bloody, then switch publishers to the one I mentioned earlier. There are some fixes for systemd images not on the publisher yet. Please read the README for io-lx for details on Installing an LX zone: https://github.com/danmcd/io-lx-public/blob/master/README Dan Sent from my iPhone (typos, autocorrect, and all) > On Aug 9, 2016, at 4:05 AM, Peter Tribblewrote: > > Dan, > >> I've not heard from anyone, so I'm going to assume nobody has played with LX >> zones on OmniOS yet. > > Is there an ISO image to play with? > > -- > -Peter Tribble > http://www.petertribble.co.uk/ - http://ptribble.blogspot.com/ ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
Oh yes. All of my LX zone testing thus far has been on VMware fusion VMs on my laptop. Dan Sent from my iPhone (typos, autocorrect, and all) > On Aug 9, 2016, at 12:01 AM, Tobi Oetikerwrote: > > hi dan > > great news ... a question ... for testing this, a vm would be fine, right? > > cheers > tobi > > Tobias Oetiker > t...@oetiker.ch > 062 775 9902 > >> On 09.08.2016, at 00:21, Dan McDonald wrote: >> >> I just pushed two commits to io-lx-public: >> >> commit f35040a7b2d3acea4f879afbc7ae4d8bfa09b575 >> Author: Dan McDonald >> Date: Mon Aug 8 17:17:31 2016 -0400 >> >> systemd kool-aid drinkers (e.g. Ubuntu 16) need proc_clock_highres >> privileges >> >> commit 179ef6d69f69f2c5fb540fecf8cc3707168fb76f >> Author: Dan McDonald >> Date: Thu Aug 4 10:47:33 2016 -0400 >> >> libdladm needs to be a bit more LX-aware >> >> >> The most recent has allowed me to boot Ubuntu 16 *AND* CentOS 7.2 on an >> OmniOS-hosted LX zone. >> >> I'll be merging with Joyent's stuff again relatively soon and preparing to >> spin both a non-LX bloody update and an accompanying LX update on our LX >> publisher: >> >> http://pkg.omniti.com/omnios/LX/ >> >> I've not heard from anyone, so I'm going to assume nobody has played with LX >> zones on OmniOS yet. It's still "alpha/beta"-y IMHO, but I really could use >> the feedback, especially from people with more Linux experience than me. (I >> *rarely* have used UNIX variants outside of MacOS X and Solarish ones for >> the past 20 years, and most of those exceptions were for IPsec >> interoperability testing back when I was at Sun.) >> >> We're contemplating including "LX Beta" in OmniOS r151020, as preparation >> for r151022 (i.e. the Next LTS release) to include LX zones. Your feedback >> should be invaluable in helping us guide things in. >> >> Thanks, >> Dan >> >> ___ >> OmniOS-discuss mailing list >> OmniOS-discuss@lists.omniti.com >> http://lists.omniti.com/mailman/listinfo/omnios-discuss > ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
Hi Dan, I'd love to be able to actually spend any time on this, but my workload doesn't allow it… I hope to get into this at the end of september. Don't give up on it, please… ;) Cheers, Stephan Am 09.08.16 um 10:05 schrieb Peter Tribble: Dan, I've not heard from anyone, so I'm going to assume nobody has played with LX zones on OmniOS yet. Is there an ISO image to play with? -- -Peter Tribble http://www.petertribble.co.uk/ - http://ptribble.blogspot.com/ ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
Dan, I've not heard from anyone, so I'm going to assume nobody has played with > LX zones on OmniOS yet. > Is there an ISO image to play with? -- -Peter Tribble http://www.petertribble.co.uk/ - http://ptribble.blogspot.com/ ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX for OmniOS update
hi dan great news ... a question ... for testing this, a vm would be fine, right? cheers tobi Tobias Oetiker t...@oetiker.ch 062 775 9902 > On 09.08.2016, at 00:21, Dan McDonaldwrote: > > I just pushed two commits to io-lx-public: > > commit f35040a7b2d3acea4f879afbc7ae4d8bfa09b575 > Author: Dan McDonald > Date: Mon Aug 8 17:17:31 2016 -0400 > >systemd kool-aid drinkers (e.g. Ubuntu 16) need proc_clock_highres > privileges > > commit 179ef6d69f69f2c5fb540fecf8cc3707168fb76f > Author: Dan McDonald > Date: Thu Aug 4 10:47:33 2016 -0400 > >libdladm needs to be a bit more LX-aware > > > The most recent has allowed me to boot Ubuntu 16 *AND* CentOS 7.2 on an > OmniOS-hosted LX zone. > > I'll be merging with Joyent's stuff again relatively soon and preparing to > spin both a non-LX bloody update and an accompanying LX update on our LX > publisher: > >http://pkg.omniti.com/omnios/LX/ > > I've not heard from anyone, so I'm going to assume nobody has played with LX > zones on OmniOS yet. It's still "alpha/beta"-y IMHO, but I really could use > the feedback, especially from people with more Linux experience than me. (I > *rarely* have used UNIX variants outside of MacOS X and Solarish ones for the > past 20 years, and most of those exceptions were for IPsec interoperability > testing back when I was at Sun.) > > We're contemplating including "LX Beta" in OmniOS r151020, as preparation for > r151022 (i.e. the Next LTS release) to include LX zones. Your feedback > should be invaluable in helping us guide things in. > > Thanks, > Dan > > ___ > OmniOS-discuss mailing list > OmniOS-discuss@lists.omniti.com > http://lists.omniti.com/mailman/listinfo/omnios-discuss > ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss
Re: [OmniOS-discuss] LX on OmniOS update
You are amazing. Keep up the great work. We love you!! I'll test this out as I have time. I'm very excited for this! -brian > On Jul 1, 2016, at 15:04, Dan McDonaldwrote: > > Hello! > > I'm BCc:ing the illumos developer and illumos discussion lists. This thread > should continue on omnios-discuss. Please note I will be very slow to get > back to emails until July 12th. > > I'd like to report some progress on the LX zones for OmniOS work. > > First some URLs. The git repos are: > >https://github.com/danmcd/io-lx-public/ > >https://github.com/danmcd/ob-lx-public/ > > The latter has only one small change in its manifests. The former is where > the big work is. Feel free to clone/pull and toy around. At this time, I > will consider PRs, but likely not issues unless they accompany a PR. If you > have LX-for-OmniOS suggestions or issues, please bring them up on the > omnios-discuss mailing list. > > I have webrevs of io-lx against illumos-omnios AND against illumos-joyent: > >http://kebe.com/~danmcd/webrevs/io-lx-public/ > >http://kebe.com/~danmcd/webrevs/io-lx-public-vs-joyent/ > > And finally, I have an IPS server with bloody + LX on it. You should > retarget your "omnios" publisher on a bloody install to it if you want to try > them out: > >http://pkg.omniti.com/omnios/LX/ > > The bits so far are able to install an LX zone. Here's a sample zone > configuration (you'll have to create an "lx0" vNIC): > > # zonecfg -z lx0 export > create -b > set zonepath=/zones/lx0 > set brand=lx > set autoboot=false > set ip-type=exclusive > add net > set physical=lx0 > end > # > > To install an LX zone on OmniOS, first you must install the LX brand: > >pkg install brand/lx > > then you need either a compressed or uncompressed ZFS send stream. The > Joyent image repo has these compressed. To grab one for Alpine, e.g.: > >curl -O alpine.gz > https://images.joyent.com/images/d8830f1e-3680-11e6-be72-2ba188e02d31/file > > The UUID portion of that URL can be modifed to match a given "imgadm" UUID > you find on a SmartOS box. > > Once you have that, place it somewhere and use its absolute path: > >zoneadm -z lx0 install -s /path/to/alpine.gz > > You can then ATTEMPT to boot the zone: > >zoneadm -z lx0 boot > > ONLY ALPINE is known to reach a login prompt on the console. You will also > have to manually configure networking on it using the /native tools: > >/native/sbin/ifconfig lx0 addr/prefix up > > In the limited testing I've done thus far, Alpine appears to work. Note my > phrasing "appears to work". I've been able to configure networking using > /native tools and been able to ssh in once I've edited /etc/ssh/sshd_config > to be more permissive. > > NOTE: LX zones and their Datasets are currently independent of boot > environments. One of the upcoming design decisions is how to handle LX zones > on OmniOS, where BEs are very important. Input on this mailing list would be > appreciated. Currently, if you change BEs, you may not have an LX zone > configured, but its dataset will still be around. You can use "zoneadm > attach" after "zonecfg" if you wish. > > Two other distro images -- Ubuntu 14.04 and Centos 6.8 -- have been > attempted, but their /sbin/init exits with EBADF on a writev to stdout (fd == > 2). I suspect I'm doing something wrong with them (as pfiles(1) shows me no > open FDs on /sbin/init), but I will not have time to debug them until July > 12th at the earliest. I will also be mostly away from email during this time > as well. > > It's progress. Thanks go out to Joyent folks who've been VERY HELPFUL and > whose LX code has been mostly free of SmartOS-specific assumptions thus far. > Thus far I've had to make only one change to zoneadmd that's truly deviant > from illumos-joyent and not just a merge or mismerge. > > Happy (alpine-only) LX-ing, > Dan > > ___ > OmniOS-discuss mailing list > OmniOS-discuss@lists.omniti.com > http://lists.omniti.com/mailman/listinfo/omnios-discuss ___ OmniOS-discuss mailing list OmniOS-discuss@lists.omniti.com http://lists.omniti.com/mailman/listinfo/omnios-discuss