On Tue, 10 Jan 2012, Daniel Lezcano wrote:
> On 01/10/2012 01:39 AM, Fred Finkelstein wrote:
>> I finally found it with the help of the #lxcontainers irc channel. I have
>> to replace this in lxc.fstab:
>> /dev/shm /dev/shm bind 0 0
>> with this:
>> /dev/shm /srv/shm none bind 0 0
>> and I can acc
On Fri, 6 Jan 2012, Whit Blauvelt wrote:
> On Wed, Jan 04, 2012 at 02:18:37PM -0500, Whit Blauvelt wrote:
>
>> # lxc-info -n xfer
>> state: RUNNING
>> pid: 1414
>>
>> # lxc-console -n xfer
>> lxc-console: 'xfer' is stopped
>
> For other people, is lxc-console working on Debian 0.7.5? Anyone
On Tue, 20 Dec 2011, Patrick Kevin McCaffrey wrote:
> I'm running into this issue when trying to set up a PostgreSQL server
> inside one of my containers. The Postgre mailing list seems suspect of
> my LXC setup, so I thought I'd see if anyone has any input. The outline
> of my problem is bel
On Thu, 8 Dec 2011, Arie Skliarouk wrote:
> When I tried to restart the vserver, it did not came up. Long story short,
> I found that lxc-destroy did not destroy the cgroup of the same name as the
> server. The cgroup remains visible in the /sys/fs/cgroup/cpu/master
> directory. The tasks file is
On Mon, 12 Dec 2011, István Király - LaKing wrote:
Hi folks.
I'm trying to compose a system, where lxc containers behave like virtual
hosts for a web server.
As next step I would like to minimize container size. My question is,
what the best, most elegant and fail proof technique for that?
On Sun, 11 Dec 2011, Arie Skliarouk wrote:
>>
>> When I tried to restart the vserver, it did not came up. Long story short,
>> I found that lxc-destroy did not destroy the cgroup of the same name as the
>> server. The cgroup remains visible in the /sys/fs/cgroup/cpu/master
>> directory. The tasks
On Thu, 8 Dec 2011, Arie Skliarouk wrote:
> On Thu, Dec 8, 2011 at 14:05, Gordon Henderson wrote:
>
>> On Thu, 8 Dec 2011, Arie Skliarouk wrote:
>>
>>> When I tried to restart the vserver, it did not came up. Long story
>> short, I found that lxc-destroy did n
On Thu, 8 Dec 2011, Arie Skliarouk wrote:
> When I tried to restart the vserver, it did not came up. Long story short,
> I found that lxc-destroy did not destroy the cgroup of the same name as the
> server. The cgroup remains visible in the /sys/fs/cgroup/cpu/master
> directory. The tasks file is
know if there are fixes in
kernels later than what I'm using.
Anyone?
Gordon
On Thu, 24 Nov 2011, Gordon Henderson wrote:
>
> I've noticed a few oddities recently which has resulted in me needing to
> reboot (and in once case power cycle) a server which isn't go
On Fri, 2 Dec 2011, nishant mungse wrote:
> Hi,
>
> I want the ip address to be assigned in order as the containers are started
> and not assigned by DHCP. For example :: container1::
> 193.163.195.01,container2:: 193.163.195.02 like wise if there is
> container30 :: 193.163.195.30, this should be
On Thu, 1 Dec 2011, Patrick Kevin McCaffrey wrote:
> Thanks a bunch, Gordon. I ran route -n inside the container, as saw
> there was no gateway. Assigning 192.168.80.1 (the address of br0) as
> the default gateway inside the container works beautifully.
I think sometimes we overlook the obvio
On Tue, 29 Nov 2011, Patrick Kevin McCaffrey wrote:
> Alright, I've been struggling with LXC for several days now. I can't
> seem to get a container configured properly. I originally was trying to
> set up a few Ubuntu Oneiric containers, but am now just trying to get a
> Debian template cont
I've noticed a few oddities recently which has resulted in me needing to
reboot (and in once case power cycle) a server which isn't good...
I've recently start to set the memoy linits - e.g.
lxc.cgroup.memory.limit_in_bytes = 1024M
lxc.cgroup.memory.memsw.limit_in_bytes = 1024M
That, as
On Tue, 22 Nov 2011, Jeremy MAURO wrote:
> Hi everyone
>
> Is it relevant to setup ntpd on the lxc container?
Probably not..
> And has anyone setup
> a ntp-server on a lxc container?
Yes, but only by accident.
Remember that we only have one kernel here, so I suspect it's a good idea
to only h
On Sat, 12 Nov 2011, Matt Franz wrote:
> Yes. The random Ethernet device names make monitoring with munin zenoss
> or whatever very painful.
>
> One of the nice features of openvz is that it uses the container ID in
> the device name which will be consistent across container reboots and
> also
I'm looking for ways to get stats out of each container on a host - the
sort of stuff I'm after is the bandwidth of the network interface and cpu
cycles.
On the CPU monitoring front there is /cgroup/xxx/cpuacct.stat, memory from
memory.usage_in_bytes and memory.memsw.usage_in_bytes ...
But on
On Sun, 6 Nov 2011, Geordy Korte wrote:
> Hello all,
>
> Just a quick question. I have LXC running on a server and have purchased a
> new server. Now I would like to copy the LXC's to the new server. Do I need
> to do anything special with the cgroups or just copy the containers from
> /var/lib/lx
On Sat, 5 Nov 2011, Daniel Lezcano wrote:
> On 11/05/2011 12:06 AM, Dong-In David Kang wrote:
>> Hi,
>>
>> Is it possible to do "mknod" after creation of an LXC instance?
>> I need to do "mknod" not only at bootup time, but also at run-time.
>> This is needed when I want to dynamically add dev
On Fri, 4 Nov 2011, Daniel Lezcano wrote:
> On 11/04/2011 03:34 PM, Gordon Henderson wrote:
>>
>> I have a container that's used to build a Linux image for an embedded
>> device - and as part of the build script, it creates /dev/ via a sequence
>> of mk
I have a container that's used to build a Linux image for an embedded
device - and as part of the build script, it creates /dev/ via a sequence
of mknod commands Which all fail )-:
There are no cap.drop lines in the contianers config files and I'm
currently working round this by doing it
On Tue, 11 Oct 2011, Brian K. White wrote:
> Looks like the cheap and easy to get OUI is 36 bits long, leaving only
> 12 bits for the user.
>
> Is 4096 possible unique MAC's enough?
Is it actually an issue, or just for vanity?
I guess one issue is of-course making sure you don't pick something t
On Sun, 21 Aug 2011, John wrote:
> On 21/08/11 18:01, Gordon Henderson wrote:
>> I've been using the file-rc boot script mechanisms rather than the
>> sysv-rc system for LXC containers. That might seem like a step
>> backwards, but actually, it's fine and gives
On Sat, 20 Aug 2011, John wrote:
> Hi, very interested in this. I've been using LXC for a while but only to
> segregate functions on my own servers. I am well aware of how delicate
> the LXC setup is when considering security. For example, unless I
> customise the init scripts a container can brin
A few months ago there were some posts about running containers in a
diskless host - just looking for some more info about this in my ponderous
ponderings!
I'm not after having a diskless host (although it's an option), but to
have a host NFS mount a filesystem of a container, then start it...
On Thu, 21 Jul 2011, Daniel Lezcano wrote:
> On 07/13/2011 06:40 PM, Gordon Henderson wrote:
>> ISTR that about a year ago tun/tap use inside an LXC container wasn't
>> possible... Just wondering if things have changed?
>
> No nothing was done around that.
>
> As t
ISTR that about a year ago tun/tap use inside an LXC container wasn't
possible... Just wondering if things have changed?
Thanks,
Gordon
--
AppSumo Presents a FREE Video for the SourceForge Community by Eric
Ries, the
On Tue, 21 Jun 2011, Tzafrir Cohen wrote:
> Hi
>
> Anybody actually uses the "Debian" template?
>
> I tried to figure out how I can pass a "suite" parameter to it, only to
> see that
>
> * The parameter is hardwired (to an obsolete value:
> http://bugs.debian.org/600456 )
> * the script does not
On Sat, 4 Jun 2011, Ulli Horlacher wrote:
On Sat 2011-06-04 (11:38), Gordon Henderson wrote:
However I guess it's just for university types - those with the benefits
of Gb upload speeds... The poor people without that benefit - and the
majority will have sub 1Mb/sec upload speeds
Many
On Sat, 4 Jun 2011, Ulli Horlacher wrote:
> I have now coupled both:
>
> The F*EX service http://fex.uni-stuttgart.de/index.html runs on Ubuntu in
> LXC on ESX. The throuput is as expected the same as with Ubuntu on ESX
> alone.
LXV vs. ESX not withstanding, it's an intersting concept...
However
On Sun, 22 May 2011, Gordon Henderson wrote:
>
> I think this has been on the list before, but my arching search is
> failling me... I've got containers working with memory limitations using
>
> lxc.cgroup.memory.limit_in_bytes
> and
> lxc.cgroup.memory.memsw.limit_in
I think this has been on the list before, but my arching search is
failling me... I've got containers working with memory limitations using
lxc.cgroup.memory.limit_in_bytes
and
lxc.cgroup.memory.memsw.limit_in_bytes
and I can prove that it's working by writing a program to malloc memory
and wa
On Wed, 18 May 2011, Serge Hallyn wrote:
> dd if=/dev/zero of=/srv/container1.rootfs.img bs=1M skip=1 count=1
That ought to be seek=1, not skip. (you skip the input, seek the
outout)
I'm not a fan of this though - if you create the image file(s) using dd
there is a good chance it's g
On Thu, 28 Apr 2011, Ulli Horlacher wrote:
> Is there a way to get the corresponding host PID for a container PID?
>
> For example: inside the the container the process "init" has always PID 1.
> But what PID has this process in the host process table?
>
> ps aux | grep ... is not what I am lookin
I have a program that calls sched_setscheduler - however it fails when run
inside a container - it doesn't overly impact anything, but I'm wondering
if it's because I've missed something or that it's just not supported?
Any clues?
Gordon
---
On Sun, 27 Mar 2011, Amit Uttamchandani wrote:
> I'm just wondering what the best way is to move an lxc container? Can I
> just tar the root filesystem and untar it on another system? Or should I
> rsync it over?
>
> I understand that before doing any of the above, the container should be
> shutdo
On Fri, 3 Dec 2010, Serge E. Hallyn wrote:
> Quoting Matt Rechenburg (m...@openqrm.com):
>> Hi Lxc team,
>>
>> actually I would vote against a loop mount.
>
> Note that this wouldn't take the place of LVMs :) But since
> LVMs require you to have installed your distro in a particular
> way to begi
On Fri, 3 Dec 2010, Matt Rechenburg wrote:
> Hi Lxc team,
>
> actually I would vote against a loop mount.
I would "vote" to allow the local systems administrator the choice of what
suits them best.
And since there's no reason to explicitly block loopback mounts, then
don't do it.
> Much easie
On Thu, 2 Dec 2010, Serge E. Hallyn wrote:
> Quoting Gordon Henderson (gor...@drogon.net):
>> On Mon, 29 Nov 2010, Trent W. Buck wrote:
>>
>>> Siju George writes:
>>>
>>>> 1) how do I limit the RAM usage of a container?
>>>
>>> In
On Mon, 29 Nov 2010, Trent W. Buck wrote:
> Siju George writes:
>
>> 1) how do I limit the RAM usage of a container?
>
> In lxc.conf(5):
>
>lxc.cgroup.memory.limit_in_bytes = 256M
>lxc.cgroup.memory.memsw.limit_in_bytes = 1G
>
>> 2) how do I limit the disk usage of a container ?
>
> Ensur
On Thu, 18 Nov 2010, Michael H. Warfield wrote:
> On Thu, 2010-11-18 at 19:38 +0000, Gordon Henderson wrote:
>> Anyone tried LXC with IPv6? Any reason it shouldn't "just work"?
>
> Works fine for me and I've been using it (IPv6) for years.
Great. I'm i
Anyone tried LXC with IPv6? Any reason it shouldn't "just work"?
Cheers,
Gordon
--
Beautiful is writing same markup. Internet Explorer 9 supports
standards for HTML5, CSS3, SVG 1.1, ECMAScript5, and DOM L2 & L3.
Spend
On Thu, 30 Sep 2010, Daniel Lezcano wrote:
> On 09/30/2010 11:04 AM, Gordon Henderson wrote:
>>
>> Looking to put "hard" limits on a containers filesystem size by creating a
>> fixed-length file, putting a filesystem in it, loopback mounting it, then
>&
Looking to put "hard" limits on a containers filesystem size by creating a
fixed-length file, putting a filesystem in it, loopback mounting it, then
using that as the containers root ...
I've not tried it yet, but wondering if anyone has done anything like
this? Any pitfalls? (Other than maybe
On Fri, 27 Aug 2010, Sebastien Douche wrote:
> I created a container with an interface. I stop it, I change the MAC
> address, restart it:
>
> lxc-start: ioctl failure : Cannot assign requested address
> lxc-start: failed to setup hw address for 'eth0'
> lxc-start: failed to setup netdev
> lxc-sta
On Fri, 13 Aug 2010, Clemens Perz wrote:
> Hi!
>
> I used to run lxc-stop on my system containers when I actually want to
> run a halt. Only today I noticed, that stop actually kills all
> processes, not really doing a halt. I went through the lxc commands and
> did not find something graceful to
On Thu, 8 Jul 2010, Whit Blauvelt wrote:
> On Thu, Jul 08, 2010 at 06:46:20PM +0100, Gordon Henderson wrote:
>>
>> Sort of thinking out loud, but looking for suggestions/ideas ...
>>
>> So I have a host with 20 containers and each of these 'servers' runs cron
Sort of thinking out loud, but looking for suggestions/ideas ...
So I have a host with 20 containers and each of these 'servers' runs cron
jobs - and one of them is to do an MRTG run every 5 minutes, so every 5
minutes, ka-chung, 20 jobs start at the same time which sort of has a bit
of a crow
On Tue, 6 Jul 2010, Whit Blauvelt wrote:
> On Tue, Jul 06, 2010 at 08:46:45AM +0100, Gordon Henderson wrote:
>>> When it's said that for the host to speak to a guest on macvlan, that this
>>> depends on setting up macvlan for the host, too, where can I find
>>
On Mon, 5 Jul 2010, Whit Blauvelt wrote:
> Hi,
>
> When it's said that for the host to speak to a guest on macvlan, that this
> depends on setting up macvlan for the host, too, where can I find
> instructions on how to do that?
You need to compile the options into the kernel and make sure that yo
containers.
Right now I'm running it on each individual container. I was just
wondering if it might be more efficient to run it in the forwarding chain
on the host.
I suppose I could just try it, then run the scripts the criminals are
using though, and measure effectiveness!
Thanks,
Gor
e to protect
itself.
> Just some initial considerations.
Thanks,
Gordon
>
>
>
> - Original Message -
> From: "Gordon Henderson"
> To: lxc-users@lists.sourceforge.net
> Sent: Friday, July 2, 2010 8:09:52 AM
> Subject: Re: [Lxc-users] Firewallin
On Fri, 2 Jul 2010, Daniel Lezcano wrote:
> On 07/02/2010 03:06 PM, Gordon Henderson wrote:
>> Further to my logging stuff, which I seem to be able to get round now, I'm
>> now wondering about the issues surrounding firewalling - wondering if it
>> might be more efficie
Further to my logging stuff, which I seem to be able to get round now, I'm
now wondering about the issues surrounding firewalling - wondering if it
might be more efficient to have one firewall on the host which hooks into
the forwarding table, (eth0 rather than br0?) or individual firewalls on
On Thu, 1 Jul 2010, Michael H. Warfield wrote:
> On Thu, 2010-07-01 at 10:20 +0200, Daniel Lezcano wrote:
>> On 07/01/2010 09:54 AM, Gordon Henderson wrote:
>>> On Thu, 1 Jul 2010, Gordon Henderson wrote:
>>>
>>>> Hi,
>>>>
>>>> I&
On Thu, 1 Jul 2010, Gordon Henderson wrote:
> Hi,
>
> I'm experimenting with some iptables inside a container - no real issues
> there, it just works, but I'm a little confused by the logging messages..
>
> I'm running rsyslogd and the firewall log messages are
Hi,
I'm experimenting with some iptables inside a container - no real issues
there, it just works, but I'm a little confused by the logging messages..
I'm running rsyslogd and the firewall log messages are going where they'd
normally go (ie. I've not changed any settings there), so normally I
On Fri, 11 Jun 2010, Richard Thornton wrote:
>>> Gordon wrote:
>
>>> Are you sure it's wise to even consider LXC here?
>
>>> And can one PC really keep up with 20Gb/sec of Ethernet traffic? i.e. How
>>> do you know the bottleneck here won't be the PC rather than the firewall
>>> appliance... I'd s
On Fri, 11 Jun 2010, Papp Tamás wrote:
Papp Tamás wrote, On 2010. 06. 11. 15:15:
hi!
If the start of the container was not fine (actually fstab contained
some items), I cannot stop it properly:
$ fuser -vm /dev/mapper/sister-newsletter
USERPID ACCESS COMMAND
/dev/
On Thu, 10 Jun 2010, John Drescher wrote:
> BTW, a second option is lessfs.
>
> http://www.lessfs.com/wordpress/?page_id=50
What about the KSM kernel option? It's aimed at KVM I think and in the
kernel from 2.6.32. See:
http://lwn.net/Articles/306704/
and
http://lwn.net/Articles/330589/
No
On Thu, 10 Jun 2010, Richard Thornton wrote:
> Hi,
>
> I wish to use netperf to benchmark a firewall appliance but I only want to
> use a single physical 10GbE adapter.
>
> So I have my PC and the firewall.
>
> I wasy thinking two LXC containers, netperf-client and netperf-server,
> basically I wa
On Wed, 9 Jun 2010, Bodhi Zazen wrote:
> Daniel - Thank you for answering, not a big deal.
>
> Gordon - Aye, that is what I do for containers. For applications I write an
> "init" script
>
> #!/bin/bash
>
> route add default gw 192.168.0.1 eth0
>
> Additional commands / config
>
> service start f
On Wed, 9 Jun 2010, Bodhi Zazen wrote:
> Is there a way to set the default gateway in a linux container ?
>
> If I set an ipaddress in the config file
>
> lxc.utsname = foo
> lxc.network.type = veth
> lxc.network.flags = up
> lxc.network.link = br0
> lxc.network.name = eth0
> lxc.network.mtu = 150
On Sun, 6 Jun 2010, Nirmal Guhan wrote:
> I want to run my application on fedora as a container and use the libraries
> (/lib, /usr/lib) from the host (so my application container size is small).
> I did lxc-create but lxc-execute failed (I had sent a mail earlier on this).
> Suggestion was to use
On Thu, 13 May 2010, Christian Haintz wrote:
> Hi,
>
> At first LXC seams to be a great work from what we have read already.
>
> There are still a few open questions for us (we are currently running
> dozens of OpenVZ Hardwarenodes).
I can't answer for the developers, but here's my answers/observ
On Fri, 7 May 2010, Brian K. White wrote:
>> (I think using blowfish makes it a bit quicker - it's a lighter weight
>> encryption and needs less CPU - personally, I'd rather use rsh on a
>> private LAN, but that's a debate for elsewhere ;-)
>>
>
> Why even use rsh? I just use rsync itself, no ssh
On Fri, 7 May 2010, John Lewis wrote:
> Hi Guys,
>
> I am trying to move an LXC container from one machine to another. Can
> you recommend the best way to do that.
>
> I have tried rsyncing but some strange things seem to be happening like
> mysql being available on localhost but the wordpress sit
On Wed, 7 Apr 2010, Osvaldo Filho wrote:
> Why I can see the root of the host system in the container? Is this normal?
You didn't delete /etc/mtab in the container before starting it?
Gordon
--
Download Intel® Parallel
On Sat, 3 Apr 2010, Nigel Magnay wrote:
>>> I'm seeing things like
>>>
>>> root nirima-host:/home/magnayn# lxc-start -n ubuntu
>>> swapon: /dev/disk/by-uuid/35b40dbb-337c-4f46-a82f-642d6fbf3faa: swapon
>>> failed: Device or resource busy
>>>
>> OK - I'm relatively new to LXC (couple of months), I
On Fri, 2 Apr 2010, Nigel Magnay wrote:
> Hi there - I've managed to get my configuration a bit broken;
>
> I've been experimenting with lxc, latterly with ubuntu 10.04-beta as
> it has a kernel that doesn't need patching (2.6.32-16)
>
> Initially all was well; following the setup on
> http://blog
69 matches
Mail list logo
