[Bug 1189909] Re: dhcp-agent does always provide IP address for instances with re-cycled IP addresses.

2013-08-06 Thread Lawrance
I think neutron did not delete the port ASAP; maybe we can set the dnsmasq
lease time to 3600 and wait for neutron to delete the port!

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1189909

Title:
  dhcp-agent does always provide IP address for instances with re-cycled
  IP addresses.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1189909/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1189909] Re: dhcp-agent does always provide IP address for instances with re-cycled IP addresses.

2013-08-05 Thread Lawrance
The same problem. Who can reproduce the problem?


[Bug 1088295] Re: lxc container can control other container's cpu share, memory limit, or access of block and character devices

2012-12-10 Thread Lawrance
Thanks Serge, I'll try.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1088295

Title:
  lxc container can control  other container's cpu share,memory limit,or
  access of  block and character devices

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1088295/+subscriptions


[Bug 1088295] Re: lxc container can control other container's cpu share, memory limit, or access of block and character devices

2012-12-09 Thread Lawrance
Thanks for your rapid reply.
Sorry, I'm a newbie to AppArmor.

1. What I should do is create an AppArmor policy for
/usr/lib/libvirt/libvirt_lxc, or anything else?
2. How can I do per-container AppArmor policies?
3. Could I refer to the AppArmor policy below for lxc?
root@superstack:~# cat /etc/apparmor.d/lxc/lxc-default 
# Do not load this file.  Rather, load /etc/apparmor.d/lxc-containers, which
# will source all profiles under /etc/apparmor.d/lxc

profile lxc-container-default flags=(attach_disconnected,mediate_deleted) {
  network,
  capability,
  file,
  umount,

  # ignore DENIED message on / remount
  deny mount options=(ro, remount) -> /,

  # allow tmpfs mounts everywhere
  mount fstype=tmpfs,

  # allow mqueue mounts everywhere
  mount fstype=mqueue,

  # allow fuse mounts everywhere
  mount fstype=fuse.*,

  # the container may never be allowed to mount devpts.  If it does, it
  # will remount the host's devpts.  We could allow it to do it with
  # the newinstance option (but, right now, we don't).
  deny mount fstype=devpts,

  # allow bind mount of /lib/init/fstab for lxcguest
  mount options=(rw, bind) /lib/init/fstab.lxc/ -> /lib/init/fstab/,

  # deny writes in /proc/sys/fs but allow fusectl to be mounted
  mount fstype=binfmt_misc -> /proc/sys/fs/binfmt_misc/,
  deny @{PROC}/sys/fs/** wklx,

  # block some other dangerous paths
  deny @{PROC}/sysrq-trigger rwklx,
  deny @{PROC}/mem rwklx,
  deny @{PROC}/kmem rwklx,
  deny @{PROC}/sys/kernel/[^s][^h][^m]* wklx,
  deny @{PROC}/sys/kernel/*/** wklx,

  # deny writes in /sys except for /sys/fs/cgroup, also allow
  # fusectl, securityfs and debugfs to be mounted there (read-only)
  mount fstype=fusectl -> /sys/fs/fuse/connections/,
  mount fstype=securityfs -> /sys/kernel/security/,
  mount fstype=debugfs -> /sys/kernel/debug/,
  deny mount fstype=debugfs -> /var/lib/ureadahead/debugfs/,
  mount fstype=proc -> /proc/,
  mount fstype=sysfs -> /sys/,
  deny /sys/[^f]*/** wklx,
  deny /sys/f[^s]*/** wklx,
  deny /sys/fs/[^c]*/** wklx,
  deny /sys/fs/c[^g]*/** wklx,
  deny /sys/fs/cg[^r]*/** wklx,
}


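The deny rules in the lxc-default profile quoted above can be reviewed mechanically. This is an added example, not part of the original message or of lxc: it models only the profile's file deny rules with a simplified glob translation, assuming @{PROC} expands to /proc and that anything not denied is permitted by the profile's `file,` rule.

```python
import re

# Deny rules copied from the lxc-default profile quoted in the message above.
PROFILE = """
  deny mount fstype=devpts,
  deny @{PROC}/sys/fs/** wklx,
  deny @{PROC}/sysrq-trigger rwklx,
  deny @{PROC}/mem rwklx,
  deny @{PROC}/kmem rwklx,
  deny @{PROC}/sys/kernel/[^s][^h][^m]* wklx,
  deny @{PROC}/sys/kernel/*/** wklx,
  deny /sys/[^f]*/** wklx,
  deny /sys/f[^s]*/** wklx,
  deny /sys/fs/[^c]*/** wklx,
  deny /sys/fs/c[^g]*/** wklx,
  deny /sys/fs/cg[^r]*/** wklx,
"""
RULE = re.compile(r"^\s*deny\s+(\S+)\s+([rwklxm]+),\s*$")

def glob_to_regex(glob):
    """Simplified AppArmor glob: '**' crosses '/', '*' does not."""
    parts = re.split(r"(\*\*|\*|\[[^\]]*\])", glob)
    conv = {"**": ".*", "*": "[^/]*"}
    out = "".join(conv.get(p, p if p.startswith("[") else re.escape(p))
                  for p in parts)          # character classes are copied as-is
    return re.compile(out + r"\Z")

def deny_rules(text):
    """Parse file deny rules; mount rules and other lines are skipped."""
    rules = []
    for line in text.splitlines():
        m = RULE.match(line)
        if m and m.group(1).startswith(("/", "@{")):
            path = m.group(1).replace("@{PROC}", "/proc")  # assumed tunable value
            rules.append((glob_to_regex(path), set(m.group(2)), line.strip()))
    return rules

def denied_by(rules, path, perm):
    """Return the first deny rule covering perm on path, or None."""
    for regex, perms, text in rules:
        if perm in perms and regex.match(path):
            return text
    return None

RULES = deny_rules(PROFILE)
for p in ("/proc/sysrq-trigger", "/proc/sys/kernel/hostname",
          "/proc/sys/kernel/shmmax", "/sys/fs/cgroup/cpu/cpu.shares"):
    print(p, "->", denied_by(RULES, p, "w") or "not denied (allowed by 'file,')")
```

The sysrq-trigger write is reported as denied, while /sys/fs/cgroup stays writable, as the profile's own comment says. A name under /proc/sys/kernel escapes the `[^s][^h][^m]*` rule if it fails any one of the three classes, so run the check over every tunable you care about rather than assuming only shm* is exempt.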

[Bug 645625] Re: lxc container can power-off host machine

2012-12-09 Thread Lawrance
Thanks for your information, Serge.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/645625

Title:
  lxc container can power-off host machine

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/645625/+subscriptions



[Bug 861504] Re: nova-compute-lxc limited by available nbd devices to 16 instances

2012-12-02 Thread Lawrance
I solved the problem by “modprobe nbd nbds_max=30”
and
vi /usr/lib/python2.7/dist-packages/nova/virt/disk/nbd.py
...
cfg.IntOpt('max_nbd_devices',
   default=30, ##check it here
   help='maximum number of possible nbd devices')
..

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/861504

Title:
  nova-compute-lxc limited by available nbd devices to 16 instances

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/861504/+subscriptions


[Bug 645625] Re: lxc container can power-off host machine

2012-12-02 Thread Lawrance
Can somebody show me how to solve this problem with AppArmor? I installed
OpenStack with lxc installed, and I can use "echo b > /proc/sysrq-trigger" to
power off the host.
Sorry, I'm a newbie to AppArmor...
Thanks
