Well disabling kernel logging in system containers worked fine for me. Only the rsyslog instance on the host should log kernel messages. If several rsyslog instances read the kernel log the result will be … garbled See man proc & kmsg where it clearly states that only one process should read that data source. /Hans
From: lxc-users [mailto:[email protected]] On Behalf Of Yannick Barbeaux Sent: den 29 oktober 2014 13:35 To: LXC users mailing-list Subject: Re: [lxc-users] upgrade to LXC 1.0.6 : segfault Sorry to say so but I am very doubtful about the fact that lxc does not have anything to do with the garbled logs problem. I have been using Debian servers (with or without xen) for many years and it is the first time I face such issues. One relevant example is that my guest domain has iptables rules and logs dropped packets. The logging rule is: iptables -A OUTPUT -j LOG --log-prefix " dropped by firewall (OUTPUT) " so I find the following lines in kern.log: (when not garbled) Oct 29 12:22:31 myhost kernel: [68725.452738] dropped by firewall (OUTPUT)IN= OUT=eth0 SRC=ip_address DST=ip_address LEN=109 TOS=0x00 PREC=0x00 TTL=255 ID=5689 DF PROTO=41 I discovered that I have similar lines in the kern.log of my containers while they have absolutely no iptables rules: Oct 29 13:10:04 localhost kernel: [71575.889092] dropped by firewall (OUTPUT)IN= OUT=eth0 SRC=ip_address DST=ip_address LEN=116 TOS=0x00 PREC=0x00 TTL=255 ID=7628 DF PROTO=41 As suggested here<https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1003888>, I added the following lines in my containers conf file: lxc.cap.drop = sys_module mac_admin syslog but that did not help. Commenting out/removing the line including “$ModLoad imklog” in /etc/rsyslog.conf as suggested is not an option since I need the logging possibilities. Any help is greatly appreciated. Thank you. Yannick On 28 October 2014 06:45, Hans Feldt <[email protected]<mailto:[email protected]>> wrote: Regarding garbled logs, you should disable kernel logging in the guest by commenting out/removing the line including “$ModLoad imklog” in /etc/rsyslog.conf Thanks, Hans From: lxc-users [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Yannick Barbeaux Sent: den 27 oktober 2014 17:08 To: [email protected]<mailto:[email protected]> Subject: [lxc-users] upgrade to LXC 1.0.6 : segfault Hi everyone, my first post in the LXC world! I have been using LXC 1.0.3 on debian wheezy for a few months now and everything worked fine, except that the kern.log (and thus syslog too) on "Dom0" was garbled as soon as I started any container : example: Oct 27 16:19:51 myserver kernel: rl(NU)I=r.0 U=MC0:05:00:1f:ac:1e:60:0SC0000DT24001LN3 O=x0PE=x0TL1I= FPOO2 Oct 27 16:19:53 myserver kernel: 91845] rpe yfrwl IPT Nb012OT A=10:e0:00:e5:86:88:80 R=... S=2... E=2TS00 RC0C T= D0D RT= 2.233 rp ra NTIb.4U C10e001ece20480R0. =..E2S0R0 =DDR=4>[ 922.837874] dropped by firewall (INPUT) IN=br0105 OU=MC0:05:00:16:09:99:f0:0SC0000DT=2... E=2TS00 RC0C T= D0D RT= ==x0PE=x0TL1I= FPOO2 it seems that various processes write at the same time in the logs and thus it is totally messy. I thought that upgrading to LXC 1.0.6 could solve that issue. I downloaded the sources and compiled the new version with python enabled. The real problems started with that new version: after rebooting, the containers would simply not start (lxc-start -d -n p1 does not do anything, nothing in the logs either). After investigations, I found out that the link to the liblxc pointed to the liblxc.so.1.1.0.alpha1. After deleting the symbolic link and recreating it to point to liblxc.so.1.0.6, I was able to launch the containers successfully but unfortunately, one of the command I used the most, lxc-ls --fancy was broken (Segmentation fault). Same issue for the lxc-autostart command. Furthermore, after each reboot, the link to the alpha1 version of the lib is automatically recreated so before launching the containers, I have to execute those commands to recreate the correct link: rm /usr/local/lib/liblxc.so.1 ln -s /usr/local/lib/liblxc.so.1.0.6 /usr/local/lib/liblxc.so.1 And guess what, with the v1.0.6, my kern.log and syslog are still garbled so the upgrade was definitely not efficient in my case. To sum up, since the upgrade, I face the following issues: - garbled logs on "Dom0" (same issue as with v1.0.3) - link to the liblxc.so.1.1.0alpha is recreated at each system startup (and implies that I cannot launch my containers) - lxc-ls --fancy and lxc-autostart not working anymore Any help on this would be really appreciated. Thanks Yannick _______________________________________________ lxc-users mailing list [email protected]<mailto:[email protected]> http://lists.linuxcontainers.org/listinfo/lxc-users
_______________________________________________ lxc-users mailing list [email protected] http://lists.linuxcontainers.org/listinfo/lxc-users
