Re: [Lxc-users] lxc-fstab vs /etc/fstab vs /lib/init/fstab

2011-04-05 Thread Trent W. Buck
Serge Hallyn serge.hal...@canonical.com writes: Next, upstart's mountall consults /lib/init/fstab. That's the one which will usually prevent container startup from proceeding. The lxcguest package for ubuntu will force upstart to mount an empty version of that file before mountall runs. So

Re: [Lxc-users] download lxc-users list archive?

2011-03-27 Thread Trent W. Buck
Ulli Horlacher frams...@rus.uni-stuttgart.de writes: I have just subscribed to lxc-users. To prevent sending already answered questions, I would like to have the complete list archive, so I can use it with my local MUA (mutt). With

Re: [Lxc-users] Moving lxc containers

2011-03-27 Thread Trent W. Buck
Amit Uttamchandani amit.ut...@gmail.com writes: I'm just wondering what the best way is to move an lxc container? Can I just tar the root filesystem and untar it on another system? Or should I rsync it over? If you use tar, make sure to pass --numeric-owner, ESPECIALLY if the container is

[Lxc-users] shutdown on dom0 warns containers

2011-03-22 Thread Trent W. Buck
When you run something like shutdown -r 18:30 on a host, users will receive a bunch of notifications via (I think) wall(1), like Message from root: The system will reboot in 180 minutes! Unsurprisingly, if you schedule a reboot of the host system, people logged into containers don't

Re: [Lxc-users] LXC Statistics Collection

2011-03-14 Thread Trent W. Buck
Francois-Xavier Bourlet francois-xavier.bour...@dotcloud.com writes: I am trying to collect statistics from LXC container externally. By externally, I mean without executing anything inside the container, but just grabbing all the information from the outside. I can't help with your

Re: [Lxc-users] LXC support with Directfb

2011-03-09 Thread Trent W. Buck
Daniel Lezcano daniel.lezc...@free.fr writes: On 03/08/2011 06:12 PM, Thierry GAYET wrote: * Launch sshd in your container and ssh -X myXapplication from the host You *could* just do traditional remote X: dom0$ xhost + domU domU$ DISPLAY=dom0:0 xlogo

Re: [Lxc-users] Control panel

2011-03-08 Thread Trent W. Buck
Jon Nordby jono...@gmail.com writes: On 7 March 2011 22:35, Stuart Johnson stu...@stu.org.uk wrote: There is OpenQRM http://www.openqrm.com/?q=node/180 But there are no ncurses and a simple web control panels for lxc neither an IHM yet, unfortunately ... That could be really nice ...

Re: [Lxc-users] Many containers and too many open files

2011-02-27 Thread Trent W. Buck
Daniel Lezcano daniel.lezc...@free.fr writes: I was using dnsmasq as a dns and a dhcp server and sending the hostname as an identifier for the dhcp protocol, so I was able to reach the container without taking care of the ip address / mac address. But I noticed dnsmasq was collapsing and

Re: [Lxc-users] LXC Container Boot/Shutdown errors

2011-02-27 Thread Trent W. Buck
Kelly Gibson kgib...@gmail.com writes: Unless I misunderstand this, it seems to me that there should be a way to designate that some of the file systems listed in [guest].fstab should not be remounted in read-only mode during a shutdown. I address this by denying mount privileges to the

Re: [Lxc-users] collectd lxc plugin

2011-02-17 Thread Trent W. Buck
Daniel Lezcano daniel.lezc...@free.fr writes: On 02/17/2011 05:52 AM, Trent W. Buck wrote: Has anyone already written an LXC collectd plugin? Actually, it would be better to aim a larger scope by creating a cgroup collectd plugin. Lxc will be automatically taken into account

[Lxc-users] collectd lxc plugin

2011-02-16 Thread Trent W. Buck
collectd is a daemon that collects statistics in a round-robin database, for subsequent performance analysis. I'm deploying it as a replacement for munin. When I deploy collectd nodes in containers, many of the basic plugins are not useful, because (as at 2.6.32) queries like how much memory is

Re: [Lxc-users] Sharing rootfs - expected?

2011-02-16 Thread Trent W. Buck
Nirmal Guhan vavat...@gmail.com writes: Is it an expected behavior for containers to share the host root filesystem when I *specify* the rootfs in the config file? No.

Re: [Lxc-users] Batch invocation of apt-get?

2011-02-14 Thread Trent W. Buck
Milan Zamazal p...@zamazal.org writes: I migrate from VServer to Linux Containers on Debian 6.0. I can't find any vapt-get equivalent in order to be able to upgrade all running containers at once. I wouldn't like to handle each container manually with lxc-console nor to stop the containers

Re: [Lxc-users] FUSE and capabilities

2011-02-14 Thread Trent W. Buck
Milan Zamazal p...@zamazal.org writes: I tried to use FUSE/EncFS in a container on a Debian 6.0 machine and I've found I have to enable CAP_SYS_ADMIN in order to make it work. Without it, permission error is reported on encfs invocation (and yes, I've got /dev/fuse enabled in

Re: [Lxc-users] Zombie container

2011-02-14 Thread Trent W. Buck
Daniel Lezcano daniel.lezc...@free.fr writes: As a quick fix, I suggest you look what application created the new namespace. Launch your container and then look at /cgroup/blackbird/1234/tasks and look for the command line associated with the pid in this file. I suspect vsftpd could be the

[Lxc-users] What are the security implications of lxc.cgroup.devices.allow = [cb] *:* m?

2011-02-12 Thread Trent W. Buck
I have a container that autobuilds packages (debs with pbuilder, live CDs with live-build). These scripts use chroots, and want to populate (but not use) a bunch of device files within the chroot's /dev. I found that to make this work, I need to 1) remove lxc.cap.drop = mknod 2) add

Re: [Lxc-users] LXC and OVF

2011-02-08 Thread Trent W. Buck
Walter Stanish walter.stan...@saffrondigital.com writes: IMHO guest generation (lxc-* scripts) is a mess and could benefit from adopting a standard that allows for the specification of options such as guest network connectivity in a non distribution-specific way. OVF could be one mechanism

Re: [Lxc-users] Jumping out of a read-only bind mount container

2011-02-07 Thread Trent W. Buck
Andre Nathan an...@digirati.com.br writes: On Mon, 2011-02-07 at 11:40 +1100, Trent W. Buck wrote: lxc.cap.drop=sys_admin should prevent all mount(2) calls within the container. It seems to work for me. In fact... I thought LXC *always* removed that capability, even if you never mentioned

Re: [Lxc-users] Jumping out of a read-only bind mount container

2011-02-07 Thread Trent W. Buck
Matto Fransen ma...@matto.nl writes: Hi, On Mon, Feb 07, 2011 at 11:40:47AM +1100, Trent W. Buck wrote: In the container, I can use the mount command with the -oremount,rw options and then edit the file from the container. So the bind read-only mounts are no protection against

Re: [Lxc-users] Container broadcast address

2011-02-06 Thread Trent W. Buck
Daniel Lezcano daniel.lezc...@free.fr writes: On 02/04/2011 03:43 PM, Andre Nathan wrote: Hello I have the following container network configuration: lxc.network.type = veth lxc.network.link = br0 lxc.network.flags = up lxc.network.ipv4 = 192.168.0.2/24 lxc.network.name = eth0 When

Re: [Lxc-users] How are pseudorandom MACs selected?

2011-02-06 Thread Trent W. Buck
Nirmal Guhan vavat...@gmail.com writes: On Wed, Feb 2, 2011 at 6:25 PM, Trent W. Buck t...@cybersource.com.au wrote: Brian K. White br...@aljex.com writes: I just use 02:00:ip address which ends up being automatically unique enough to not collide with anything else on your subnet assuming

[Lxc-users] How are pseudorandom MACs selected?

2011-02-02 Thread Trent W. Buck
For each lxc.network.type = veth, if you DON'T specify an lxc.network.hwaddr, you get one assigned at random (example below). Are these assignments made from a reserved range (a la 169.254/16 in IPv4), or are they randomized across the entire address space? AFAICT, it MUST be the latter.

Re: [Lxc-users] How are pseudorandom MACs selected?

2011-02-02 Thread Trent W. Buck
t...@cybersource.com.au (Trent W. Buck) writes: Further, when manually allocating a static hwaddr (so I can map it to an IP within the DHCP server), is there any particular range I should avoid or stick to? On further reading, I see there are apparently reserved address regions for private

Re: [Lxc-users] How are pseudorandom MACs selected?

2011-02-02 Thread Trent W. Buck
Daniel Lezcano daniel.lezc...@free.fr writes: On 02/02/2011 10:26 AM, Trent W. Buck wrote: For each lxc.network.type = veth, if you DON'T specify an lxc.network.hwaddr, you get one assigned at random (example below). Are these assignments made from a reserved range (a la 169.254/16 in IPv4

Re: [Lxc-users] Ubuntu sshd template

2011-02-02 Thread Trent W. Buck
Gary Ballantyne gary.ballant...@haulashore.com writes: # /usr/bin/lxc-execute -n foo -f /usr/share/doc/lxc/examples/lxc-veth.conf /bin/bash The container fired up, and I could ping to/from the host. However, when I left the container (with exit) things got weird. In a second terminal

Re: [Lxc-users] How are pseudorandom MACs selected?

2011-02-02 Thread Trent W. Buck
Brian K. White br...@aljex.com writes: I just use 02:00:ip address which ends up being automatically unique enough to not collide with anything else on your subnet assuming you already know the ip's you want to use IP=192.168.0.50 # container nic IP HA=`printf 02:00:%x:%x:%x:%x ${IP//./

Re: [Lxc-users] concurrent aptitude/dpkg runs in separate containers -- bork bork bork

2011-02-02 Thread Trent W. Buck
Daniel Lezcano daniel.lezc...@free.fr writes: On 01/12/2011 07:39 AM, Trent W. Buck wrote: Mike deb...@good-with-numbers.com writes: Trent W. Buck wrote: I can provision a new LXC container, which includes running a few aptitude install foo lines (inside the containers), and it Just Works

Re: [Lxc-users] concurrent aptitude/dpkg runs in separate containers -- bork bork bork

2011-02-02 Thread Trent W. Buck
t...@cybersource.com.au (Trent W. Buck) writes: I'm being a bit more patient than last time, and I think they ARE proceeding, just REALLY slowly. Meanwhile aptitude consumes 100% of a core busy-waiting for a response from dpkg :-/ They look like this: $ ssh omega cat /proc/7713

Re: [Lxc-users] getting output from lxc-start?

2011-02-01 Thread Trent W. Buck
Daniel Lezcano daniel.lezc...@free.fr writes: On 02/01/2011 12:04 PM, Dean Mao wrote: Hi, I've been messing around with trying to get the output of lxc-start into a file some. I know that lxc-start produces a log file, as well as the ability to fetch the dmesg file directly from the

Re: [Lxc-users] getting output from lxc-start?

2011-02-01 Thread Trent W. Buck
Dean Mao dean...@gmail.com writes: The log file produced by lxc-start doesn't really resemble the output generated from the container boot. The output of container's /dev/console is emitted to stdout by default. You can direct it to a file in your .conf: lxc.console =

Re: [Lxc-users] upstart /etc/init/screen-cleanup.conf

2011-01-26 Thread Trent W. Buck
Serge E. Hallyn serge.hal...@canonical.com writes: Quoting Trent W. Buck (trentb...@gmail.com): A race condition in my containers means that occasionally /var/run/screen/ isn't present when startup finishes and I SSH in. This results in an error when normal users try to run screen. I

Re: [Lxc-users] lxc usrquota

2011-01-26 Thread Trent W. Buck
trentb...@gmail.com (Trent W. Buck) writes: If I'm reading this correctly, the hard, block, usrquota I set on /home isn't being enforced within containers. root@omega:~# repquota -psn /home *** Report for user quotas on device /dev/mapper/omega-home Block grace time: 7days; Inode grace time

[Lxc-users] upstart /etc/init/screen-cleanup.conf

2011-01-25 Thread Trent W. Buck
A race condition in my containers means that occasionally /var/run/screen/ isn't present when startup finishes and I SSH in. This results in an error when normal users try to run screen. I believe the race is against my lxc integration job: root@imago:~# cat /etc/init/lxc.conf

Re: [Lxc-users] [lxc-devel] Restarting snmp service on the host, shutdown snmp on the guest.

2011-01-20 Thread Trent W. Buck
Michael Tokarev m...@tls.msk.ru writes: On 20.01.2011 19:09, Jean-Philippe Menil wrote: start-stop-daemon --quiet --stop --oknodo --exec /usr/sbin/snmpd So it's not based on the pid of the process, but on the executable file. See above. And file a bugreport against debian snmpd startup

[Lxc-users] lxc usrquota

2011-01-14 Thread Trent W. Buck
If I'm reading this correctly, the hard, block, usrquota I set on /home isn't being enforced within containers. root@omega:~# repquota -psn /home *** Report for user quotas on device /dev/mapper/omega-home Block grace time: 7days; Inode grace time: 7days Block limits

Re: [Lxc-users] ubuntu / lucid container not starting / mountall not sending events

2011-01-12 Thread Trent W. Buck
Serge E. Hallyn serge.hal...@canonical.com writes: I'm seeing this too now in a natty container. If you do cat EOF /etc/init/lxclo.conf description fake lo coming up start on startup task exec /sbin/initctl emit net-device-up IFACE=lo EOF that should kick rc-sysinit to start, or at

Re: [Lxc-users] note on using rsyslog in a container

2011-01-11 Thread Trent W. Buck
Mike deb...@good-with-numbers.com writes: This has sort of been mentioned earlier on this list. I noticed netfilter messages getting trashed in the various /var/log/messages on a system with two containers, netfilter rules on the host, and each container and the host running rsyslog. On

[Lxc-users] concurrent aptitude/dpkg runs in separate containers -- bork bork bork

2011-01-11 Thread Trent W. Buck
I can provision a new LXC container, which includes running a few aptitude install foo lines (inside the containers), and it Just Works. If I try to provision two containers at the same time, both containers appear to hang with a dpkg process in the D state[0]. Has anybody run into this before?

Re: [Lxc-users] rootfs backup

2011-01-10 Thread Trent W. Buck
matthew byers faintstlsa...@gmail.com writes: Yeah, I know btrfs has snapshot abilities but my entire server is ext4. There is a tool to convert an ext filesystem to btrfs IN-PLACE. I do not recommend it, because I do not recommend btrfs at all -- it is not production-ready. (I do use it at

Re: [Lxc-users] how to use routing with LXC?

2011-01-10 Thread Trent W. Buck
Mike deb...@good-with-numbers.com writes: On a diskless system I have eth0 eth1, and create the bridge on eth1. I can't put eth0 in a bridge, because it's the port for the NFS root. Put brctl in the initrd; set up bridge BEFORE mounting NFS?

Re: [Lxc-users] lxc.mount.entry denied mount permission for -t ext4?

2010-12-19 Thread Trent W. Buck
Daniel Lezcano daniel.lezc...@free.fr writes: Hmm, the lxc.cgroup is applied before the mount entry in the 0.7.2 version but that was changed and is now applied after the mount entries in the 0.7.3 version. I upgraded to 0.7.3 and I'm happy now :-)

Re: [Lxc-users] lxc.mount.entry denied mount permission for -t ext4?

2010-12-15 Thread Trent W. Buck
t...@cybersource.com.au (Trent W. Buck) writes: Serge Hallyn serge.hal...@canonical.com writes: You have: lxc.cgroup.devices.allow = c 1:3 rwm lxc.cgroup.devices.allow = c 1:5 rwm lxc.cgroup.devices.allow = c 1:8 rwm lxc.cgroup.devices.allow = c 1:9 rwm lxc.cgroup.devices.allow = c 4

Re: [Lxc-users] RAM swap caps - what isn't allowed?

2010-12-15 Thread Trent W. Buck
t...@cybersource.com.au (Trent W. Buck) writes: Some combinations of RAM and swap caps aren't allowed, and I'm having a hard time understanding the pattern (i.e. *why*). From the examples below, I *think* I cannot assign a smaller swap cap than RAM cap. The explanation for this is obvious

Re: [Lxc-users] Container Filesystem in a file (loopback mount)

2010-12-14 Thread Trent W. Buck
Andy Billington a...@andybillington.com writes: Btrfs-tools says 0.19 as that's what came in from the apt-get. Maybe newer btrfs versions may work better, but until they qualify for an apt-get in Ubuntu LTS, they aren't options. btrfs-tools version is largely irrelevant, it's a tiny C wrapper

Re: [Lxc-users] staying with network-manager

2010-12-13 Thread Trent W. Buck
Serge E. Hallyn serge.hal...@canonical.com writes: Quoting Sascha (sascha.djo...@arcor.de): as far as I understand, there is no way to stay with network-manager and using lxc, with bridging interface as the only solution. Anyone got network-manager going with bridging? On a laptop it's no

Re: [Lxc-users] GUI container

2010-12-12 Thread Trent W. Buck
Daniel Lezcano daniel.lezc...@free.fr writes: On 12/10/2010 07:21 AM, Nirmal Guhan wrote: Hi, Has anyone tried running a GUI app (firefox for instance) inside a container or as an application container? Just want to know if this requires any special steps before I tread that path. Am using

Re: [Lxc-users] On clean reboot of Ubuntu 10.04 containers

2010-12-06 Thread Trent W. Buck
Trent W. Buck writes: This post describes my attempts to get clean shutdown of Ubuntu 10.04 containers. The goal here is that a shutdown -h now of the dom0 should not result in a potentially inconsistent domU postgres database, cf. a naive lxc-stop. As this is largely working for me, I have

Re: [Lxc-users] On clean shutdown of Ubuntu 10.04 containers

2010-12-06 Thread Trent W. Buck
Serge E. Hallyn serge.hal...@canonical.com writes: Quoting Trent W. Buck (t...@cybersource.com.au): Unfortunately, lxc 0.7's utmp detect requires /var/run to NOT be a tmpfs. The shipped lxc-ubuntu script works around this by deleting the ifstate file and not mounting a tmpfs on /var/run

Re: [Lxc-users] On clean shutdown of Ubuntu 10.04 containers

2010-12-06 Thread Trent W. Buck
Brian K. White br...@aljex.com writes: On 12/6/2010 2:42 AM, Trent W. Buck wrote: I use the latter in my customized /etc/init.d/lxc stop rule. Note that the lxc-wait's SHOULD be parallelized, but this is not possible as at lxc 0.7.2 :-( Sure it is. Sorry, I meant lxc-wait(8) cannot

Re: [Lxc-users] On clean shutdown of Ubuntu 10.04 containers

2010-12-06 Thread Trent W. Buck
Michael H. Warfield m...@wittsend.com writes: Yeah, that's something where I wish we had an onboot and/or disabled config file like OpenVZ does. So you can have some configured but that don't autoboot when you boot the system. As that stands, you would have to rename or remove the config

Re: [Lxc-users] On clean shutdown of Ubuntu 10.04 containers

2010-12-06 Thread Trent W. Buck
Michael H. Warfield m...@wittsend.com writes: Ubuntu 10.04 simply REQUIRES /var/run to be a tmpfs; this is hard-coded into mountall's (upstart's) /lib/init/fstab. Are you absolutely SURE about this? I was under the impression this was under control of the /etc/default/rcS file and the

Re: [Lxc-users] On clean reboot of Ubuntu 10.04 containers

2010-12-06 Thread Trent W. Buck
Brian K. White br...@aljex.com writes: On 12/6/2010 3:01 AM, Trent W. Buck wrote: Trent W. Buck writes: This post describes my attempts to get clean shutdown of Ubuntu 10.04 containers. The goal here is that a shutdown -h now of the dom0 should not result in a potentially inconsistent domU

Re: [Lxc-users] On clean reboot of Ubuntu 10.04 containers

2010-12-06 Thread Trent W. Buck
I rewrote my init script, too, and now I'm pretty happy. Example interactions below. In the second case, I've dialled the timeout down to 2s to simulate hung containers. root@omega:~# /etc/init.d/lxc restart Stopping LXC containers: krb-client failed! Killing LXC containers: kdc

[Lxc-users] On clean shutdown of Ubuntu 10.04 containers

2010-12-05 Thread Trent W. Buck
This post describes my attempts to get clean shutdown of Ubuntu 10.04 containers. The goal here is that a shutdown -h now of the dom0 should not result in a potentially inconsistent domU postgres database, cf. a naive lxc-stop. As at Ubuntu 10.04 with lxc 0.7.2, lxc-start detects that a

[Lxc-users] capping CPU usage

2010-11-30 Thread Trent W. Buck
I had a bash process in a container go haywire and consume 100% of a core yesterday. It made me think: Is there a way to cap the AMOUNT of CPU a container can use? I realize I can assign a container to a specific subset of cores (cpuset), and change how free CPU is divvied up between

Re: [Lxc-users] kramic on maverick

2010-11-29 Thread Trent W. Buck
Serge E. Hallyn serge.hal...@canonical.com writes: Quoting Trent W. Buck (t...@cybersource.com.au): I encountered, isolated, and worked around this issue. Symptom: gettys don't start in the container. runlevel(8) reports unknown instead of N 2. Problem: ifupdown 0.6.8ubuntu29.1

Re: [Lxc-users] kramic on maverick

2010-11-28 Thread Trent W. Buck
I encountered, isolated, and worked around this issue. Symptom: gettys don't start in the container. runlevel(8) reports unknown instead of N 2. Problem: ifupdown 0.6.8ubuntu29.1 introduces this change: ifupdown (0.6.8ubuntu29.1) lucid-proposed; urgency=low *

Re: [Lxc-users] Proposal for an FHS-compliant default guest filesystem location

2010-11-28 Thread Trent W. Buck
C Anthony Risinger anth...@extof.me writes: On Nov 29, 2010, at 12:17 AM, Trent W. Buck t...@cybersource.com.au wrote: Upstream cgroup documentation uses /dev/cgroup. I would appreciate a udev rules.d file that creates and mounts a cgroup there; I haven't gotten around to writing one