Re: [lxc-users] Create bridge between LXC Container and Ethernet device

Dear Patrick, congratulations! Now as you seems to have a running setup, you'll probably want to keep it. Said that, I want to give 5ct more on your statement of the fixed IP and MAC you have to use: Maybe you have pay attention of the MACs used by the veth's attaching to the software bridge:

Re: [lxc-users] Create bridge between LXC Container and Ethernet device

Hi Patrick, (eighter change the hoster or) you may install a simple forwarding DNS resolver like dnsmasq on you lxc host and configure the container(s) to use this. Guido On 2021-01-07 18:55, Patrick wrote: > There is only one problem left. The DNS doesn't work. I can ping 8.8.8.8, but > I

Re: [lxc-users] Create bridge between LXC Container and Ethernet device

Dear Patrick, a Bridge is a router device at layer 2, not a layer 3 one! At layer 2, all routing is determined by the MAC addresses, not by the IP adresses. In the other hand, an Interface is an L2-to-L3 connector, it will arbitrate between a L3 identifier (an IP) and an L2 identifier (a MAC).

Re: [lxc-users] Cgroup saga continues - lxc-autostart woes.

Dear Ben, (hi Serge,) maybe you should also take a look what happens if you play with namespaces using the userland tools like lsns, unshare and enterns . with greetings Guido On 2020-11-22 16:09, Serge E. Hallyn wrote: > Can you cat /proc/$pid/cgroup for one of the tasks in an autostarted >

Re: [lxc-users] Remaining virtual ethernet interfaces (veth) after container has been deleted

On 26/03/2020 16.14, Sebert, Holger.ext wrote: > Hi, > > we use LXD containers on our CI-build nodes. For each build a container is > created and deleted afterwards. So, container creation and deletion happens > quite often. > > Here is the problem: After some time, many virtual ethernet

[lxc-users] Container mount accounting

Hi all, is there any way to measure (read/written bytes and/or ops) the "traffic" and/or inspect (monitor) fs operations on a container root-mount and additional mounts without serious impact on performance? thanks Guido ___ lxc-users mailing list

Re: [lxc-users] LXD firewall container?

Dear Ron and others, same as Spike, I would like to point you to FireHol. Technical, it's a rule generator for IPTables. But you will not get in touch with this layer you're get some "wired" error messages during the compile phase. This typical will happen if you try to set up "advanced

Re: [lxc-users] Creating a custom LXC container

Dear Nicholas, there's no real difference in proposed procedure, just use lxc-execude to enter a containers enviroment (, i.e. set of namespaces). Or use lxc-attach to attach to a console login of the running container with greetings Guido On 06.04.2017 16:01, Nicholas Chambers wrote: > My

Re: [lxc-users] rename veth interfaces on the host

On 07.03.2017 17:11, Fajar A. Nugraha wrote: > On Tue, Mar 7, 2017 at 10:32 PM, Spike wrote: > >> Dear all, >> >> I'm using bridged mode for networking and would love to be able to tell >> which veth is which on the host by using more meaningful names. This would >> also very

[lxc-users] Success: LXC Desktop Container

Hi all, with a gap of about one year, I give it a try, again: A special kind of a Desktop Container, running on a "headless" (just text console) home server and (pyhsically) re-using the video card, keyboard and mouse to act like a stand-alone desktop PC. And this time, it seem to work *much*

Re: [lxc-users] would there be value in starting an LXD community online collection of how-to related information

> Here is my opinion on it: > > 1) We do need documentation, especially tutorials. Lots and lots of > tutorials and how-tos . LXD and Docker compete in different niches, but > LXD can easily do what Docker does (and sometimes better in certain > situations) and part of the reason that Docker is

Re: [lxc-users] Big snapshots abort...

Hi, Does the rsync use -z? Is it the bug filed at https://bugs.launchpad.net/ubuntu/+source/rsync/+bug/1384503 ? greetings Guido On 01.12.2016 13:28, Michel Dubé wrote: > Hi Rémy, > > There is a lot of space on that server and I did an rsync of that container > manually. > > The strange

Re: [lxc-users] Establish a bind mount to a running container

On 07.10.2016 16:53, Jäkel, Guido wrote: >> -Original Message- >> From: lxc-users [mailto:lxc-users-boun...@lists.linuxcontainers.org] On >> Behalf Of Stéphane Graber >> Sent: Friday, October 07, 2016 4:26 PM >> To: LXC users mailing-list >> Subject: Re: [lxc-users] Establish a bind mount

Re: [lxc-users] Can I, or should I, "lxc.id_map = u 250 250 1"?

Dear Fog_Watch, I'm a Gentoo user, too. And I'm working (completely all) with NFS and shared portage trees, also. Nevertheless, i'm don't using unpriv'ged containers or shifting, yet. But don't think that Gentoo need to have the user/group of the portage tree to be "portage:portage" for the

Re: [lxc-users] System task automation and System update

Dear Benoit, if your really like this approach, then you may use such an filesystem overlay tool (overlayfs, aufs) to setup layered root filesystems for your containers of LXC. But the package manager of the used Linux -- especially it's database for installed software -- must be aware to

Re: [lxc-users] Limit file descriptors

Dear Alan, adjust the limits per Container in /etc/security/limits.conf , e.g. add something like * hardnofile 8192 * softnofile 8000 * hardnproc 1024 * soft

Re: [lxc-users] lxc insttability

Dear Bostjan The veth will not disappear after shutdown of the container until all pending TCP connections through this veth-pair are timed out (CLOSE/FIN-WAIT). Sometimes, i even can't delete it on the host. And because, i name the host-side of each veth to the name of the container, i have

Re: [lxc-users] Unable to Load Driver Inside Container

On 17.02.2016 21:54, hari wrote: > On Wed, Feb 17, 2016 at 10:46 AM, Guido Jäkel <g.jae...@dnb.de> wrote: > >> Dear Hari, >> >> It might be easier for us if you name the driver or the usecase. Maybe in >> fact you don't want to pass in the "driver"

Re: [lxc-users] Unable to Load Driver Inside Container

Dear Hari, It might be easier for us if you name the driver or the usecase. Maybe in fact you don't want to pass in the "driver" but the "resource" provided by the driver. greetings Guido On 17.02.2016 19:35, hari wrote: > Yes :) > > How can I make a driver loaded in the kernel available

Re: [lxc-users] Connecting container to tagged VLAN

Dear Joshua, you wrote, that there's a trunk on eth1 and eth2. But for eth2, i can't see any VLAN (501 ?) detrunking as with eth1 & eth1.500. In the other hand you wrote, that eth2 is working. Are you shure, that you realy receive this trunk of 3 VLANs on your both eth's? I'm using a

Re: [lxc-users] Problems with user sessions inside a Ubuntu Desktop Container

Dear all, i move forward a first step, now I get a user session if i log in via ssh. The issue was, that there was no systemd cgroup mounted. This is done by /etc/init/systemd-logind.conf , but this (trusty) version, it is inhibited in a container. Because i have lxcfs running on the host, I

Re: [lxc-users] Ubuntu container IP address

On 19.11.2015 21:42, Robert Koretsky wrote: > I have successfully installed and created/started an LXC container on > Ubuntu 15.10, but cannot get it to be visible on my home network. I do an > ifconfig on both the host and in the container, and see the IPv4 address of > lxcbr0 as 10.0.3.1, but

Re: [lxc-users] Recent LXC / LXD and shared file systen infrastructures

On 19.11.2015 03:25, Serge Hallyn wrote: > Quoting Jäkel, Guido (g.jae...@dnb.de): >> Dear experts, >> >> I wonder if the current versions of LXD (and LXC) are aware of a shared file >> infrastructure like NFS. I'm using LXC 0.8 since a couple of years on a >> setup based on a bunch of diskless

Re: [lxc-users] Ubuntu container IP address

On 19.11.2015 23:04, Robert Koretsky wrote: > Again, can anyone tell me why lxcbr0 is configured to start with an IP of > 10.0.3.1? My Ubuntu 15.10 Desktop machine, which has a container, gets its > IP via DHCP from a router. "Because" 10.0.0.0/8 is a reserved private network range like

Re: [lxc-users] Recent LXC / LXD and shared file systen infrastructures

On 19.11.2015 21:58, Serge Hallyn wrote: >> By the way i would prefer any kind of textual format (even a "xml-hell") for >> such things like a configuration information over any proprietary >> representation because it will violate KISS but yield marginal benefits for >> the user of an

Re: [lxc-users] Eth0 not present on boot

. greetings Guido On 23.09.2015 03:24, Peter Steele wrote: > On 09/22/2015 08:08 AM, Guido Jäkel wrote: >> * Do you use lxc.network.veth.pair to name the hosts side of the veth? > Yes. I rename the veth interfaces to match the names of the containers. >> * Was the Container up and r

Re: [lxc-users] Eth0 not present on boot

Dear Peter, * Do you use lxc.network.veth.pair to name the hosts side of the veth? * Was the Container up and running "just before" and you (re)start it within less than 5min? greetings Guido ___ lxc-users mailing list

Re: [lxc-users] Containers have network issues when their host uses a bonded interface

Dear Peter, Hi Fajar, * Is even LXC not needed to reproduce the issue but just a bridge on a bound and some other devices? * Did this issue appear if you use a higher MAC prefix than 64:... for the veths? May you dump the arp traffic (maybe together with icmp) on the host? I'm interested in

Re: [lxc-users] Containers have network issues when their host uses a bonded interface

Dear Peter, may you paint a small ASCII art of your desired network setup and the network configuration? I see no reason that "LXC", i.e. the veth connecting two differently namespaced IP stacks is responsible for any problems. BTW: I'm using a complex network setup with no problems, too. A

Re: [lxc-users] Determining a container's MAC address

Dear Dietmar, please, what's the effect of the added line - what MAC is chosen "fix" with this? + addr = p->dev->dev_addr; greetings Guido On 06.09.2015 21:13, Dietmar Maurer wrote: > We use a kernel patch to avoid that behavior: > >

Re: [lxc-users] Determining a container's MAC address

Dear Peter, don't use a MAC prefix that is lower than that of the upstream device of the bridge the containers are attached: The Linux software bridge will use the lowest MAC of it's attached devices as the MAC of the outgoing packets. Therefore, you will risk short traffic interruptions to

Re: [lxc-users] Limiting number of cores in a container

Dear Peter, I may contribute a script to "(re-)balance" all the "cpuset.cpus" across the available cores in a equable way, i.e. the sum of all assigned cores is spread to approach the average. This may simplify the configuration, because you may use a fix literal for each specific container

Re: [lxc-users] Question on bridging in nested containers

connectivity on the base container) Anjali On 3/11/15, 11:45 PM, Guido Jäkel g.jae...@dnb.de wrote: Dear Fajar, Theoretical, for the root host it should be possible to pull out the fist container level end of the vet's of for the nested containers to the host by changing it's namespace

Re: [lxc-users] reach the outside world

Dear Guillaume, from the output | my_container | RUNNING | 127.0.0.1 | ::1 | I would say that the container don't have an adequate IP. And maybe no default route to your gateway x.x.x.1, too. Should this be set by DHCP or by static configuration? Guido On 12.03.2015 23:54, Guillaume

Re: [lxc-users] Problem with memory.memsw.limit_in_bytes on Ubuntu 14.04.

On 26.02.2015 20:53, Serge Hallyn wrote: I've opened https://github.com/lxc/lxc/issues/453 . I may implement it at some point, but it should be a pretty easy one so I'm going to see if someone else is interested in doing so. Serge, i'm very sorry for my bad English, but i wasn't able work out

[lxc-users] Failure with authorisation of update-manager in Ubuntu Desktop-Container

Dear others, using LXC at work in a server environment for years, this days I start to use it at home. My goal here is to set up a Ubuntu Desktop Container running on the existing vanilla PC acting as my home server. Up to now it was used as a server (router, firewall, NAS, DLNA-server, ...);

Re: [lxc-users] running quagga on linux containers

Dear Durga, it's a implementation feature of the Linux software bridge device that it don't have it's own MAC but *always* use the same MAC as one attached device. This used one will be the one with the lowest value and will change, if this device will deleted from the bridge. This may

Re: [lxc-users] Bug bug bug

Hi, googleing for pthread_join leads to http://www.ibm.com/developerworks/library/l-memory-leaks/ , an article about memory consumption of POSIX threads (and potential leaks if rejoin fails). From this, you can see that every thread needs at least memory for the stack. It is said that the

Re: [lxc-users] LXD an hypervisor for containers (based on liblxc)

On 04.11.2014 18:33, Stéphane Graber wrote: The main features and I'm sure I'll be forgetting some are: - Image based workflow (no more locally built rootfs) Dear Stéphane, is there any plan to support an (aehm, my) infrastructure design, where (at least) all the container rootfs's (and the

Re: [lxc-users] Packet flow from application running in container to physical NIC transmission

Dear Mohit, you're welcome. The LXC project is a meta project which has bundled and is based on a couple of other work, e.g. from the teams of the kernel or the cgroup developers. From that, no all userland stuff is LXC-aware yet. The LXC team know about, point this out to other package

Re: [lxc-users] Attach a lxc container to an existing cgroup ?

On 2014-03-21 15:24, Serge Hallyn wrote: [...]. But you may write a little script that will re-read the lxc configuration and update the definded cgroup entries. @Serge: Such an lxc-reconfigure command may be something to add to the lxc package. What would the lxc-reconfigure command do

Re: [lxc-users] How to set the resource limits to a container

Dear Andy, This will put pressure on the memory. If something can be given free (like the file cache), it will. Then, if it's still over the limit, either the Linux OOM thread will kill processses. Or the container will freeze, if you configure it with memory.oom_control = 1 RFTM at

Re: [lxc-users] Best practice for sharing folder between lxc-guests?

Dear Andreas, Dear Friedemann, you should not need the whole path and in my opinion you should not use it because then you don't need to change it if the container root will change later. But the mount point inside the container rootfs must exist. This is obviously, but i stepped into this

Re: [lxc-users] Best practice for sharing folder between lxc-guests?

On 2014-02-27 19:01, Serge Hallyn wrote: Or add 'create=dir' to the mount options. This little ones are what i like - „For knowledge itself is power“ yours Guido ___ lxc-users mailing list lxc-users@lists.linuxcontainers.org