[Lxc-users] LXC no connectivity after first boot of the guest

2012-08-10 Thread Klemens Rauch
Hi,

I'm a beginner with lxc and have been making my way through the
documentation and several mailing lists.

Now I have a problem which I can't resolve by myself.
First of all, some general information about my infrastructure:
I'm running a Debian Squeeze Server with a (3.2.0-0.bpo.2-amd64) Kernel,
running lxc (0.8.0~rc1-8) from testing repositories.
cgroups mounted, bridge-utils installed and configured, debootstrap and 
libvirt-bin too.

I made 4 wheezy guests via:
lxc-create -n xxx -t debian

Went through the process, everything was fine, then I updated/modified the
/etc/network/interface file,
the /etc/hosts file,
reconfigured the openssh-server
modified the /etc/inittab
added the hostname
and fixed the /etc/mtab
installed and configured shorewall.

Then I started the container with the following output:
INIT: version 2.88 booting
[info] Using makefile-style concurrent boot in runlevel S.
hostname: you must be root to change the host name
mount: permission denied
mount: permission denied
mount: permission denied
mount: permission denied
[ ok ] Activating swap...done.
mount: permission denied
mount: permission denied
mount: permission denied
mount: permission denied
[warn] Mount point '/dev/console' does not exist. Skipping mount. ... (warning).
[warn] Mount point '/dev/ptmx' does not exist. Skipping mount. ... (warning).
[ ok ] Activating lvm and md swap...done.
[] Checking file systems...fsck from util-linux 2.20.1
done.
[ ok ] Mounting local filesystems...done.
[ ok ] Activating swapfile swap...done.
[ ok ] Cleaning up temporary files
[ ok ] Configuring network interfaces...done.
[ ok ] Cleaning up temporary files
[ ok ] Setting kernel variables ...done.
Starting Shorewall firewall: done.
Starting Shorewall6 firewall: done.
[FAIL] startpar: service(s) returned failure: hostname.sh hwclock.sh ... failed!
INIT: Entering runlevel: 2
[info] Using makefile-style concurrent boot in runlevel 2.
[ ok ] Starting enhanced syslogd: rsyslogd.
[ ok ] Starting periodic command scheduler: cron.
[ ok ] Starting MTA: exim4.
[ ok ] Starting OpenBSD Secure Shell server: sshd.

and following config:
## Container
lxc.utsname = srv
lxc.rootfs  = /var/lib/lxc/srv/rootfs
lxc.arch= x86_64
#lxc.console= /var/log/lxc/srv.console
lxc.tty = 6
lxc.pts = 1024

## Capabilities
lxc.cap.drop= mac_admin
lxc.cap.drop= mac_override
lxc.cap.drop= sys_admin
lxc.cap.drop= sys_module

lxc.cgroup.devices.deny = a

lxc.cgroup.devices.allow= c *:* m
lxc.cgroup.devices.allow= b *:* m

lxc.cgroup.devices.allow= c 5:1 rwm
lxc.cgroup.devices.allow= c 10:229 rwm
lxc.cgroup.devices.allow= c 1:3 rwm
lxc.cgroup.devices.allow= c 5:2 rwm
lxc.cgroup.devices.allow= c 136:* rwm
lxc.cgroup.devices.allow= c 1:8 rwm
lxc.cgroup.devices.allow= c 254:0 rwm
lxc.cgroup.devices.allow= c 5:0 rwm
lxc.cgroup.devices.allow= c 1:9 rwm
lxc.cgroup.devices.allow= c 1:5 rwm

## Filesystem
lxc.mount.entry = proc /var/lib/lxc/srv/rootfs/proc proc nodev,noexec,nosuid 0 0
lxc.mount.entry = sysfs /var/lib/lxc/srv/rootfs/sys sysfs defaults,ro 0 0

lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
lxc.network.hwaddr = 00:50:56:00:1A:BA
lxc.network.ipv4 = 176.9.xxx.xxx/24
lxc.network.name = eth0



lxc-console -n xxx worked and I came to the login mask, so did SSH.

Now comes the strange thing. I stopped the guest via:
lxc-stop -n xxx
Guest goes down... now I restarted it, it went up with the same
output, but this time I'm not able to access the Internet.
SSH outputs only: cannot connect to host.
Login via lxc-console works I'm on the guest but cannot make a ping or
anything else.
Same behaviour with the other 3 guests. First boot everything works like
a charm, then after the first time no connectivity to the rest of the world.
ip a output:
11: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:50:56:00:1a:ba brd ff:ff:ff:ff:ff:ff
    inet 176.9.xxx.xxx/24 brd 176.9.xxx.255 scope global eth0
    inet6 fe80::250:56ff:fe00:1ab7/64 scope link
       valid_lft forever preferred_lft forever
13: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever

In Kernel Log, Syslog and dmesg Log nothing strange...

I don't have a clue what else to do.
Did I forget something?
I hope someone can 

Re: [Lxc-users] LXC no connectivity after first boot of the guest

2012-08-10 Thread Daniel Baumann
On 08/10/2012 01:33 PM, Fajar A. Nugraha wrote:
> IIRC debian only support using lxc-debconf, not lxc-debian

yep; ftr, see this thread:

http://sourceforge.net/mailarchive/forum.php?thread_name=5017ECB2.9030507%40rktmb.orgforum_name=lxc-users

> so I wouldn't be surprised if you found a problem which won't be fixed.

as it looks now, wheezy will not get live-debconfig due to bureaucratic
unwillingness of some debian people, i tried, but nothing i can do
further about that i'm afraid. so, wheezy will as it looks like not be a
host system nor container system for/with lxc :(

--
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and 
threat landscape has changed and how IT managers can respond. Discussions 
will include endpoint security, mobile security and the latest in malware 
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
___
Lxc-users mailing list
Lxc-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-users


Re: [Lxc-users] LXC no connectivity after first boot of the guest

2012-08-10 Thread Klemens Rauch

On 10.08.2012 13:33, Fajar A. Nugraha wrote:
> On Fri, Aug 10, 2012 at 3:23 PM, Klemens Rauch
> klemens.ra...@rolmail.net wrote:
> Hi,
>
> I'm a beginner with lxc and have been making my way through the
> documentation and several mailing lists.
>
> Now I have a problem which I can't resolve by myself.
> First of all, some general information about my infrastructure:
> I'm running a Debian Squeeze Server with a (3.2.0-0.bpo.2-amd64) Kernel,
> running lxc (0.8.0~rc1-8) from testing repositories.
> cgroups mounted, bridge-utils installed and configured, debootstrap and
> libvirt-bin too.
>
> I made 4 wheezy guests via:
> lxc-create -n xxx -t debian
>
> IIRC debian only support using lxc-debconf, not lxc-debian, so I
> wouldn't be surprised if you found a problem which won't be fixed.
>
> Same behaviour with the other 3 guests. First boot everything works like
> a charm, then after the first time no connectivity to the rest of the world.
>
> What does brctl show on the host looks like:
> - before you start any guest
> - when the first guest is started
> - after the first guest is down
> - when the second guest is started (or is it the same guest restarted?)
>
> Just in case there were some problems with bridging on the host side.


> > IIRC debian only support using lxc-debconf, not lxc-debian, so I
> > wouldn't be surprised if you found a problem which won't be fixed.
I tried to create one with
lxc-create -n xxx -t debconf
But it crashes with the following output:
Downloading minimal system...
cd: 381: can't cd to http://ftp.debian.org
Failed to download the rootfs, aborting.
Failed to download base system
failed to install system
failed to execute template 'debconf'
aborted

Is there somewhere a documentation to use lxc with debconf as template?

> > What does brctl show on the host looks like:
> > - before you start any guest
bridge name     bridge id               STP enabled     interfaces
br0             8000.5404a6b49e33       no              eth0
> > - when the first guest is started
bridge name     bridge id               STP enabled     interfaces
br0             8000.5404a6b49e33       no              eth0
                                                        vethCRhIeB
> > - after the first guest is down
bridge name     bridge id               STP enabled     interfaces
br0             8000.5404a6b49e33       no              eth0
> > - when the second guest is started (or is it the same guest restarted?)
all guests are started
bridge name     bridge id               STP enabled     interfaces
br0             8000.5404a6b49e33       no              eth0
                                                        vethE70uMb
                                                        vethQp9dQg
                                                        vethpNks24
                                                        veths5j2kt

and with a freshly installed guest
bridge name     bridge id               STP enabled     interfaces
br0             8000.5404a6b49e33       no              eth0
                                                        vethmALo2v
after the restart of the freshly installed guest
bridge name     bridge id               STP enabled     interfaces
br0             8000.5404a6b49e33       no              eth0
                                                        vethLXYG0R

dmesg output:
[20497.182908] ADDRCONF(NETDEV_UP): vethLXYG0R: link is not ready
[20497.280198] ADDRCONF(NETDEV_CHANGE): vethLXYG0R: link becomes ready
[20497.281207] br0: port 2(vethLXYG0R) entering forwarding state
[20497.282181] br0: port 2(vethLXYG0R) entering forwarding state
[20507.597801] vethLXYG0R: no IPv6 routers present
[20507.725734] eth0: no IPv6 routers present
[20511.004005] martian source 176.9.xxx.xxx from 195.254.xx.xx, on dev eth0
[20511.004976] ll header: 00:50:56:00:1a:b7:78:fe:3d:46:ed:88:08:00
[20514.008501] martian source 176.9.xxx.xxx from 195.254.xxx.xxx, on dev eth0
[20514.009490] ll header: 00:50:56:00:1a:b7:78:fe:3d:46:ed:88:08:00


Greets
Klemens
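
Added example (not part of the original posts): the "ll header" line the kernel logs after each "martian source" message is the frame's 14-byte Ethernet header, i.e. destination MAC, source MAC and EtherType. The Python below decodes the dmesg lines posted above and compares the destination MAC with the lxc.network.hwaddr from the posted config; the function names are this example's own.

```python
import re

# Sample input: dmesg lines and hwaddr as posted in the thread above
# (addresses were masked by the poster; wrapped lines rejoined).
DMESG = """\
[20511.004005] martian source 176.9.xxx.xxx from 195.254.xx.xx, on dev eth0
[20511.004976] ll header: 00:50:56:00:1a:b7:78:fe:3d:46:ed:88:08:00
[20514.008501] martian source 176.9.xxx.xxx from 195.254.xxx.xxx, on dev eth0
[20514.009490] ll header: 00:50:56:00:1a:b7:78:fe:3d:46:ed:88:08:00
"""
CONFIGURED_HWADDR = "00:50:56:00:1A:BA"  # lxc.network.hwaddr from the config

# The kernel prints the destination IP first, then the source IP.
MARTIAN = re.compile(r"martian source (\S+) from (\S+), on dev (\S+)")
LL_HEADER = re.compile(r"ll header: ((?:[0-9a-f]{2}:){13}[0-9a-f]{2})\s*$", re.I)


def parse_martians(text):
    """Pair each 'martian source' line with the 'll header' line after it."""
    events, pending = [], None
    for line in text.splitlines():
        m = MARTIAN.search(line)
        if m:
            pending = {"dst_ip": m.group(1), "src_ip": m.group(2), "dev": m.group(3)}
            continue
        h = LL_HEADER.search(line)
        if h and pending is not None:
            octets = h.group(1).lower().split(":")
            pending["dst_mac"] = ":".join(octets[0:6])    # bytes 0-5
            pending["src_mac"] = ":".join(octets[6:12])   # bytes 6-11
            pending["ethertype"] = "0x" + "".join(octets[12:14])
            events.append(pending)
            pending = None
    return events


def mac_mismatches(events, hwaddr):
    """Return events whose frame destination MAC differs from hwaddr."""
    want = hwaddr.lower()
    return [e for e in events if e["dst_mac"] != want]


if __name__ == "__main__":
    for e in mac_mismatches(parse_martians(DMESG), CONFIGURED_HWADDR):
        print(f'{e["dev"]}: {e["src_ip"]} -> {e["dst_ip"]} '
              f'frame dst {e["dst_mac"]} != configured {CONFIGURED_HWADDR.lower()}')
```

On the posted data both events are reported: the frames are addressed to 00:50:56:00:1a:b7, while the config sets 00:50:56:00:1A:BA.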




Re: [Lxc-users] LXC no connectivity after first boot of the guest

2012-08-10 Thread Klemens Rauch
On 10.08.2012 16:06, Daniel Baumann wrote:
> Is there somewhere a documentation to use lxc with debconf as template?
>
> lxc-create -t debian -n example.org
>
> (as said, lxc-debian is lxc-debconf on debian.)
ohh... sorry didn't get that immediately that it is the same -.-

> > as it looks now, wheezy will not get live-debconfig due to
> > bureaucratic
> > unwillingness of some debian people, i tried, but nothing i can do
> > further about that i'm afraid. so, wheezy will as it looks like not
> > be a host system nor container system for/with lxc :(

which brings me to the point that there is nothing I can do, right? xD





Re: [Lxc-users] LXC no connectivity after first boot of the guest

2012-08-10 Thread Daniel Baumann
On 08/10/2012 04:13 PM, Klemens Rauch wrote:
> which brings me to the point that there is nothing I can do, right? xD

since the cleanest option (wait until wheezy has been updated) didn't 
work out, i'll prepare a blog post about it in some days.

for other options, see the thread i've referenced.



Re: [Lxc-users] LXC no connectivity after first boot of the guest

2012-08-10 Thread Fajar A. Nugraha
On Fri, Aug 10, 2012 at 9:13 PM, Klemens Rauch
klemens.ra...@rolmail.net wrote:
> > > as it looks now, wheezy will not get live-debconfig due to
> > > bureaucratic
> > > unwillingness of some debian people, i tried, but nothing i can do
> > > further about that i'm afraid. so, wheezy will as it looks like not
> > > be a host system nor container system for/with lxc :(
>
> which brings me to the point that there is nothing I can do, right? xD

At this point I'd recommend you try ubuntu 12.04 as your host. I've
tested that at least it can install debian guest, boot, and reboot the
guest while still maintaining connectivity (haven't tried other
functionality, sorry).

-- 
Fajar
