On 03/13/2012 08:02 PM, Serge Hallyn wrote: I'm sorry for the late answer.
> Hm, perhaps /etc/network/if-up.d/ntpdate should be updated to not run > in a container. > > It also might be worth removing CAP_SYS_TIME from the container's > rights. Yes, that's true. > You mean to run after the container has been created? That'd be a nice > features, yes. Stéphane has also suggested pre- and post-start scripts > for container start/stop. Yes, exactly. Right now there is a lot of hardcoded option (eg. ubuntu user, network setup.. etc.) > 4. I always wanted to ask, why lxc-create command has a switch '-n' if > it defined in the configuration anyway? > Hmm? I never put the hostname in my configuration manually. lxc configuration contains lxc.utsname = NAME. Than it's needed to setup the container with lxc-create -n NAME -f config > Well, these templates are used by people doing juju, openstack, and > launchpad/buildd stuff. Yes we've never really discussed how we should > go about deciding good defaults. We probably should. If there is an pre/post script solution, it's getting not so important. >> 6. How can I deploy it to a custom directory? With the switch '-B' I was >> not successful. Anyway, many times I just want to create a container >> with no individual partition (volume). Now I copied it from /var/lib/lxc. > Not sure what you mean. -B only really supports lvm right now. It should > be made to support loopback qemu-nbd images. > > In the lxc server guide (a rough draft is at > https://code.launchpad.net/~serge-hallyn/serverguide/serverguide-lxc > with a rougher but pdf draft at > http://people.canonical.com/~serge/lxc.serverguide.pdf) > I strongly recommend against picking custom locations. Rather, if you > need more space, symlink or bind-mount in another filesystem to > /var/lib/lxc and /var/cache/lxc. Why > >> 7. Why does lxc-destroy remove the container files without asking about >> it? I think is a bad idea. > <shrug> it's what it's always done. I personally like it - I prefer > limiting interaction. We could add a --del-rootfs option, without which > it only deletes the config, but I don't really see the point. I think it's not (only) about rootfs but the full configuration (fstab, config etc.) >> 8. The script creates some custom upstart config file: >> lxc.conf: Why don't use lxcguest package? > lxc.conf is installed with lxc, to be installed on the host. It's what > starts your /etc/lxc/auto/ containers. I mean in the container, If I'm not wrong. I wrote this email a long time ago. >> ssh.conf: why is this necessary? >> console.conf: It should be in the package upstart as tty[0-6].conf or in >> lxcguest package, isn't it? > Here you need to be specific about what containers you created, with what > options. If you're creating a precise container on precise host, ssh.conf > won't exist and console.conf is shipped by upstart, just as you say. Great. >> 9. The script just removes config files instead of using dpkg-divert: >> rm -f $rootfs/etc/init/tty{5,6}.conf >> >> chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls u*.conf); do mv >> $f $f.orig; done' >> chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls tty[2-9].conf); >> do mv $f $f.orig; done' >> chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls >> plymouth*.conf); do mv $f $f.orig; done' >> chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls hwclock*.conf); >> do mv $f $f.orig; done' >> chroot $rootfs /bin/bash -c 'cd /etc/init; for f in $(ls module*.conf); >> do mv $f $f.orig; done' >> >> >> Why? > In general I think trim'ed containers are considered non-upgradeable > anyway, but if dpkg-divert can be easily used to improve things, that > might be a good idea. Would you be interested in writing some patches > to that effect? OK, checked the script and now yes, it obviously belongs only to the trimmed containers so it's OK. However dpkg-divert still looks better;) >> 10. >> if [ $release != "lucid" ]; then >> sed -i 's/^.*emission handled.*$/echo Emitting lo/' >> $rootfs/etc/network/if-up.d/upstart >> fi >> * Would not be better if there is an lxclo.conf from lxcguest? >> Than you don't need to worry about package updates. > Yes, but this is a trimmed container. Trim means manually slice and > dice the system so you don't need lxcguest. > > If you don't do --trim, then this won't be done, and lxcguest will be > installed instead. OK, clear now. > Thanks, sorry for taking so long to respond. -serge The same from here:) Thank you, tamas ------------------------------------------------------------------------------ This SF email is sponsosred by: Try Windows Azure free for 90 days Click Here http://p.sf.net/sfu/sfd2d-msazure _______________________________________________ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
