Re: [Lxc-users] what's the difference in lxc-attach
Quoting Joerg Gollnick (code4lxc+l...@wurzelbenutzer.de): Hello Serge, I think that the main point is the initial setup of the cgroup (directory) structure. systemd tmpfs on /sys/fs/cgroup type tmpfs (rw,nosuid,nodev,noexec,relatime,mode=755) cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,release_agent=/lib/systemd/systemd-cgroups- agent,clone_children,name=systemd) cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset,clone_children) cgroup on /sys/fs/cgroup/ns type cgroup (rw,nosuid,nodev,noexec,relatime,ns) cgroup on /sys/fs/cgroup/cpu type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,clone_children) cgroup on /sys/fs/cgroup/cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpuacct,clone_children) cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory,clone_children) cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices,clone_children) cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer,clone_children) cgroup on /sys/fs/cgroup/net_cls type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,clone_children) cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio,clone_children) That looks an awful lot like the default setup with cgroup-bin installed on a ubuntu oneiric upstart system. Actually, I see ns cgroup is mounted (separately). If you can find a way to not have that mounted, that may solve the issue. I wonder if systemd actually uses ns cgroup (perhaps to lock consoles into a cgroup)? -serge -- Storage Efficiency Calculator This modeling tool is based on patent-pending intellectual property that has been used successfully in hundreds of IBM storage optimization engage- ments, worldwide. Store less, Store more with what you own, Move data to the right place. Try It Now! http://www.accelacomm.com/jaw/sfnl/114/51427378/ ___ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
Re: [Lxc-users] what's the difference in lxc-attach
On Sun, Jul 17, 2011 at 2:25 AM, Michael H. Warfield m...@wittsend.comwrote:
On Sat, 2011-07-16 at 23:59 +0300, Ramez Hanna wrote:
On Sat, Jul 16, 2011 at 8:27 PM, Michael H. Warfield m...@wittsend.com
wrote:
On Fri, 2011-07-15 at 20:17 +0300, Ramez Hanna wrote:
Big Snip
thanks a lot for the detailed answer
by the way have you been succesfull in starting a f15 container
on
your
f15?
I now have an F15 container working.
I have been debuggin for 2 hours now
when i start f15 container it screws my host by interfering with
my
hosts's
systemd which somehow doesn't make sense
and when i use systemd-nspawn i get a bunch of errors and the
system
doesn't
finish starting
here is a paste of systemd log from systemd-nspawn session
http://pastie.org/2218625
I haven't tried it yet. Will see what I can do.
Couple of quick questions.
1) You say it screws your host if you don't uses nospawn. What
happens?
host console is not useable, random issues around missing characters
when
i
type
unable to login on other terminals because i cannot type
and i see so many systemd logs on the console
I have a very strong suspicion that systemd is not going to be
compatible with running in a container because it wants to set up and
managed cgroups in the container which it can not do.
When I try to start it with systemd, the first process doesn't even
seem
to come up (number of tasks is 0) and then the host can not remove the
container even after I've done an lxc-stop on it. But that's when I'm
logged in and running lxc-start from an ssh terminal Window. If I
start
it from a real ttyX console then I get all sorts of startup messages
from the container and the consoles are hosed up like the console in
the
container has gotten crosswise with the console in the host. Things
try
to initialize but all sorts of things time out and eventually I have to
reset the host with an Magic SysRq sequence.
Gave up on systemd.
2) Have you disabled the sys_admin cap by dropping it in that
container?
I find that causes me all sorts of grief.
i will try that
Don't. It wouldn't do any good and causes lots of other problems (for
me at least).
3) Was this a fresh template build or did you upgrade an F14
machine to
F15 (I was going to use yum --releasever=15 distro-sync in one of
my
running F14 containers).
yes fresh install
Here's what I've done and now gotten an F15 container to work.
I started out with an F14 container and upgraded it to F15 using the
yum --releasever=15 distro-sync method. I was able to reproduce your
problems above and thought there may be some conflicts over cgroups so
I
decided to disable systemd.
If it's not present (it wasn't for me) install upstart into the
container from the host using yum --installroot={your VM root}
upstart.
Next cd to {your VM root}/sbin and rm init (which is symlinked
to ../bin/systemd) and symlink it to upstart (which is in sbin).
This got me almost there. The machine was starting but I was having
your funky console problem and I realized (largely because I'm working
on other related problems) that it was the ptmx device causing this.
It
was mapping incorrectly.
So, cd to {your VM root}/dev and rm ptmx if it's a hard device and not
a
symlink. Then symlink pts/ptmx to ptmx. If you started with some sort
of template, this may already be done and you may not run into this
problem at all.
Now you should be able to fire your F15 container up.
Also find the lines in /etc/init.d/halt that remount file systems ro or
you'll screw your /dev/pts fs in the host when you shut that container
down or reboot it (and, no, newinstance is not helping with that
problem).
Regards,
Mike
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | m...@wittsend.com
/\/\|=mhw=|\/\/ | (678) 463-0932 |
http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best
of
all
PGP Key: 0x674627FF| possible worlds. A pessimist is sure of
it!
it is very clear to me that systemd is interfering with the host's
systemd
your solution of running f15 is not much different than running a f14
container (as systemd is the major diff)
systemd-nspawn can start systemd inside a light weight container
i think the problem is related to the fact that when lxc starts teh
cgroup
is on the root of the tree
while it should have been under the user's tree
I'm not so sure I understand what you mean by that last line. What
user's tree are you referring to?
in f15 systemd whenever a user starts a process it looks like this
├ user
│ ├ root
│ │ └
Re: [Lxc-users] what's the difference in lxc-attach
On Sat, Jul 16, 2011 at 8:27 PM, Michael H. Warfield m...@wittsend.comwrote:
On Fri, 2011-07-15 at 20:17 +0300, Ramez Hanna wrote:
Big Snip
thanks a lot for the detailed answer
by the way have you been succesfull in starting a f15 container on
your
f15?
I now have an F15 container working.
I have been debuggin for 2 hours now
when i start f15 container it screws my host by interfering with my
hosts's
systemd which somehow doesn't make sense
and when i use systemd-nspawn i get a bunch of errors and the system
doesn't
finish starting
here is a paste of systemd log from systemd-nspawn session
http://pastie.org/2218625
I haven't tried it yet. Will see what I can do.
Couple of quick questions.
1) You say it screws your host if you don't uses nospawn. What
happens?
host console is not useable, random issues around missing characters when
i
type
unable to login on other terminals because i cannot type
and i see so many systemd logs on the console
I have a very strong suspicion that systemd is not going to be
compatible with running in a container because it wants to set up and
managed cgroups in the container which it can not do.
When I try to start it with systemd, the first process doesn't even seem
to come up (number of tasks is 0) and then the host can not remove the
container even after I've done an lxc-stop on it. But that's when I'm
logged in and running lxc-start from an ssh terminal Window. If I start
it from a real ttyX console then I get all sorts of startup messages
from the container and the consoles are hosed up like the console in the
container has gotten crosswise with the console in the host. Things try
to initialize but all sorts of things time out and eventually I have to
reset the host with an Magic SysRq sequence.
Gave up on systemd.
2) Have you disabled the sys_admin cap by dropping it in that
container?
I find that causes me all sorts of grief.
i will try that
Don't. It wouldn't do any good and causes lots of other problems (for
me at least).
3) Was this a fresh template build or did you upgrade an F14 machine to
F15 (I was going to use yum --releasever=15 distro-sync in one of my
running F14 containers).
yes fresh install
Here's what I've done and now gotten an F15 container to work.
I started out with an F14 container and upgraded it to F15 using the
yum --releasever=15 distro-sync method. I was able to reproduce your
problems above and thought there may be some conflicts over cgroups so I
decided to disable systemd.
If it's not present (it wasn't for me) install upstart into the
container from the host using yum --installroot={your VM root}
upstart.
Next cd to {your VM root}/sbin and rm init (which is symlinked
to ../bin/systemd) and symlink it to upstart (which is in sbin).
This got me almost there. The machine was starting but I was having
your funky console problem and I realized (largely because I'm working
on other related problems) that it was the ptmx device causing this. It
was mapping incorrectly.
So, cd to {your VM root}/dev and rm ptmx if it's a hard device and not a
symlink. Then symlink pts/ptmx to ptmx. If you started with some sort
of template, this may already be done and you may not run into this
problem at all.
Now you should be able to fire your F15 container up.
Also find the lines in /etc/init.d/halt that remount file systems ro or
you'll screw your /dev/pts fs in the host when you shut that container
down or reboot it (and, no, newinstance is not helping with that
problem).
Regards,
Mike
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | m...@wittsend.com
/\/\|=mhw=|\/\/ | (678) 463-0932 |
http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of
all
PGP Key: 0x674627FF| possible worlds. A pessimist is sure of it!
it is very clear to me that systemd is interfering with the host's systemd
your solution of running f15 is not much different than running a f14
container (as systemd is the major diff)
systemd-nspawn can start systemd inside a light weight container
i think the problem is related to the fact that when lxc starts teh cgroup
is on the root of the tree
while it should have been under the user's tree
maybe serge can say somethiing about this
--
AppSumo Presents a FREE Video for the SourceForge Community by Eric
Ries, the creator of the Lean Startup Methodology on Lean Startup
Secrets Revealed. This video shows you how to validate your ideas,
optimize your ideas and identify your business strategy.
http://p.sf.net/sfu/appsumosfdev2dev___
Lxc-users mailing list
Lxc-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/lxc-users
Re: [Lxc-users] what's the difference in lxc-attach
On Sat, 2011-07-16 at 23:59 +0300, Ramez Hanna wrote:
On Sat, Jul 16, 2011 at 8:27 PM, Michael H. Warfield m...@wittsend.comwrote:
On Fri, 2011-07-15 at 20:17 +0300, Ramez Hanna wrote:
Big Snip
thanks a lot for the detailed answer
by the way have you been succesfull in starting a f15 container on
your
f15?
I now have an F15 container working.
I have been debuggin for 2 hours now
when i start f15 container it screws my host by interfering with my
hosts's
systemd which somehow doesn't make sense
and when i use systemd-nspawn i get a bunch of errors and the system
doesn't
finish starting
here is a paste of systemd log from systemd-nspawn session
http://pastie.org/2218625
I haven't tried it yet. Will see what I can do.
Couple of quick questions.
1) You say it screws your host if you don't uses nospawn. What
happens?
host console is not useable, random issues around missing characters when
i
type
unable to login on other terminals because i cannot type
and i see so many systemd logs on the console
I have a very strong suspicion that systemd is not going to be
compatible with running in a container because it wants to set up and
managed cgroups in the container which it can not do.
When I try to start it with systemd, the first process doesn't even seem
to come up (number of tasks is 0) and then the host can not remove the
container even after I've done an lxc-stop on it. But that's when I'm
logged in and running lxc-start from an ssh terminal Window. If I start
it from a real ttyX console then I get all sorts of startup messages
from the container and the consoles are hosed up like the console in the
container has gotten crosswise with the console in the host. Things try
to initialize but all sorts of things time out and eventually I have to
reset the host with an Magic SysRq sequence.
Gave up on systemd.
2) Have you disabled the sys_admin cap by dropping it in that
container?
I find that causes me all sorts of grief.
i will try that
Don't. It wouldn't do any good and causes lots of other problems (for
me at least).
3) Was this a fresh template build or did you upgrade an F14 machine to
F15 (I was going to use yum --releasever=15 distro-sync in one of my
running F14 containers).
yes fresh install
Here's what I've done and now gotten an F15 container to work.
I started out with an F14 container and upgraded it to F15 using the
yum --releasever=15 distro-sync method. I was able to reproduce your
problems above and thought there may be some conflicts over cgroups so I
decided to disable systemd.
If it's not present (it wasn't for me) install upstart into the
container from the host using yum --installroot={your VM root}
upstart.
Next cd to {your VM root}/sbin and rm init (which is symlinked
to ../bin/systemd) and symlink it to upstart (which is in sbin).
This got me almost there. The machine was starting but I was having
your funky console problem and I realized (largely because I'm working
on other related problems) that it was the ptmx device causing this. It
was mapping incorrectly.
So, cd to {your VM root}/dev and rm ptmx if it's a hard device and not a
symlink. Then symlink pts/ptmx to ptmx. If you started with some sort
of template, this may already be done and you may not run into this
problem at all.
Now you should be able to fire your F15 container up.
Also find the lines in /etc/init.d/halt that remount file systems ro or
you'll screw your /dev/pts fs in the host when you shut that container
down or reboot it (and, no, newinstance is not helping with that
problem).
Regards,
Mike
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | m...@wittsend.com
/\/\|=mhw=|\/\/ | (678) 463-0932 |
http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best of
all
PGP Key: 0x674627FF| possible worlds. A pessimist is sure of it!
it is very clear to me that systemd is interfering with the host's systemd
your solution of running f15 is not much different than running a f14
container (as systemd is the major diff)
systemd-nspawn can start systemd inside a light weight container
i think the problem is related to the fact that when lxc starts teh cgroup
is on the root of the tree
while it should have been under the user's tree
I'm not so sure I understand what you mean by that last line. What
user's tree are you referring to?
maybe serge can say somethiing about this
Maybe, maybe not.
The cgroup mounts are where systemd is putting them, not where lxc is
putting them. As it is, lxc is not starting the cgroup anywhere, it's
just using them where they are found. And systemd-nspawn has nothing to
do with lxc.
Seems to me
Re: [Lxc-users] what's the difference in lxc-attach
On Jul 16, 2011 6:26 PM, Michael H. Warfield m...@wittsend.com wrote:
On Sat, 2011-07-16 at 23:59 +0300, Ramez Hanna wrote:
On Sat, Jul 16, 2011 at 8:27 PM, Michael H. Warfield m...@wittsend.com
wrote:
On Fri, 2011-07-15 at 20:17 +0300, Ramez Hanna wrote:
Big Snip
thanks a lot for the detailed answer
by the way have you been succesfull in starting a f15 container
on
your
f15?
I now have an F15 container working.
I have been debuggin for 2 hours now
when i start f15 container it screws my host by interfering with
my
hosts's
systemd which somehow doesn't make sense
and when i use systemd-nspawn i get a bunch of errors and the
system
doesn't
finish starting
here is a paste of systemd log from systemd-nspawn session
http://pastie.org/2218625
I haven't tried it yet. Will see what I can do.
Couple of quick questions.
1) You say it screws your host if you don't uses nospawn. What
happens?
host console is not useable, random issues around missing characters
when
i
type
unable to login on other terminals because i cannot type
and i see so many systemd logs on the console
I have a very strong suspicion that systemd is not going to be
compatible with running in a container because it wants to set up and
managed cgroups in the container which it can not do.
When I try to start it with systemd, the first process doesn't even
seem
to come up (number of tasks is 0) and then the host can not remove the
container even after I've done an lxc-stop on it. But that's when I'm
logged in and running lxc-start from an ssh terminal Window. If I
start
it from a real ttyX console then I get all sorts of startup messages
from the container and the consoles are hosed up like the console in
the
container has gotten crosswise with the console in the host. Things
try
to initialize but all sorts of things time out and eventually I have
to
reset the host with an Magic SysRq sequence.
Gave up on systemd.
2) Have you disabled the sys_admin cap by dropping it in that
container?
I find that causes me all sorts of grief.
i will try that
Don't. It wouldn't do any good and causes lots of other problems (for
me at least).
3) Was this a fresh template build or did you upgrade an F14
machine to
F15 (I was going to use yum --releasever=15 distro-sync in one
of my
running F14 containers).
yes fresh install
Here's what I've done and now gotten an F15 container to work.
I started out with an F14 container and upgraded it to F15 using the
yum --releasever=15 distro-sync method. I was able to reproduce
your
problems above and thought there may be some conflicts over cgroups so
I
decided to disable systemd.
If it's not present (it wasn't for me) install upstart into the
container from the host using yum --installroot={your VM root}
upstart.
Next cd to {your VM root}/sbin and rm init (which is symlinked
to ../bin/systemd) and symlink it to upstart (which is in sbin).
This got me almost there. The machine was starting but I was having
your funky console problem and I realized (largely because I'm working
on other related problems) that it was the ptmx device causing this.
It
was mapping incorrectly.
So, cd to {your VM root}/dev and rm ptmx if it's a hard device and not
a
symlink. Then symlink pts/ptmx to ptmx. If you started with some
sort
of template, this may already be done and you may not run into this
problem at all.
Now you should be able to fire your F15 container up.
Also find the lines in /etc/init.d/halt that remount file systems ro
or
you'll screw your /dev/pts fs in the host when you shut that container
down or reboot it (and, no, newinstance is not helping with that
problem).
Regards,
Mike
--
Michael H. Warfield (AI4NB) | (770) 985-6132 | m...@wittsend.com
/\/\|=mhw=|\/\/ | (678) 463-0932 |
http://www.wittsend.com/mhw/
NIC whois: MHW9 | An optimist believes we live in the best
of
all
PGP Key: 0x674627FF| possible worlds. A pessimist is sure of
it!
it is very clear to me that systemd is interfering with the host's
systemd
your solution of running f15 is not much different than running a f14
container (as systemd is the major diff)
systemd-nspawn can start systemd inside a light weight container
i think the problem is related to the fact that when lxc starts teh
cgroup
is on the root of the tree
while it should have been under the user's tree
I'm not so sure I understand what you mean by that last line. What
user's tree are you referring to?
maybe serge can say somethiing about this
Maybe, maybe not.
The cgroup mounts are where systemd is putting
Re: [Lxc-users] what's the difference in lxc-attach
On Fri, 2011-07-15 at 17:50 +0300, Ramez Hanna wrote: how can i check if lxc-attach is not working because of the kernel or because of other bug? On Thu, Apr 7, 2011 at 10:09 AM, Cedric Le Goater legoa...@free.fr wrote: On 04/07/2011 07:46 AM, Ramez Hanna wrote: from a post that i found earlier in the archive subject entering a container by Daniel Lezcano i cannot see the differece between lxc-attach and lxc-execute could someone explain? lxc-execute creates a container and exec's a command/application inside it (see manual). lxc-attach enters a *running* container and exec's a command inside it (manual soon to come). This ability of creating an exogenous process inside a container requires a kernel patchset. Has that patch set even made it into a release? If so, what version is it in and what version are you running. It does not work on my F15 system with a 2.6.38 kernel. If it has not made it into a released kernel, have you built a custom kernel with it? C. Regards, Mike -- Michael H. Warfield (AI4NB) | (770) 985-6132 | m...@wittsend.com /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0x674627FF| possible worlds. A pessimist is sure of it! signature.asc Description: This is a digitally signed message part -- AppSumo Presents a FREE Video for the SourceForge Community by Eric Ries, the creator of the Lean Startup Methodology on Lean Startup Secrets Revealed. This video shows you how to validate your ideas, optimize your ideas and identify your business strategy. http://p.sf.net/sfu/appsumosfdev2dev___ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
Re: [Lxc-users] what's the difference in lxc-attach
On Fri, Jul 15, 2011 at 6:04 PM, Michael H. Warfield m...@wittsend.comwrote: On Fri, 2011-07-15 at 17:50 +0300, Ramez Hanna wrote: how can i check if lxc-attach is not working because of the kernel or because of other bug? On Thu, Apr 7, 2011 at 10:09 AM, Cedric Le Goater legoa...@free.fr wrote: On 04/07/2011 07:46 AM, Ramez Hanna wrote: from a post that i found earlier in the archive subject entering a container by Daniel Lezcano i cannot see the differece between lxc-attach and lxc-execute could someone explain? lxc-execute creates a container and exec's a command/application inside it (see manual). lxc-attach enters a *running* container and exec's a command inside it (manual soon to come). This ability of creating an exogenous process inside a container requires a kernel patchset. Has that patch set even made it into a release? If so, what version is it in and what version are you running. It does not work on my F15 system with a 2.6.38 kernel. If it has not made it into a released kernel, have you built a custom kernel with it? I don't know about that patch, so hence my question if there is anyway to know from the host if that capability is available C. Regards, Mike -- Michael H. Warfield (AI4NB) | (770) 985-6132 | m...@wittsend.com /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0x674627FF| possible worlds. A pessimist is sure of it! -- AppSumo Presents a FREE Video for the SourceForge Community by Eric Ries, the creator of the Lean Startup Methodology on Lean Startup Secrets Revealed. This video shows you how to validate your ideas, optimize your ideas and identify your business strategy. http://p.sf.net/sfu/appsumosfdev2dev___ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
Re: [Lxc-users] what's the difference in lxc-attach
On Fri, 2011-07-15 at 18:36 +0300, Ramez Hanna wrote: On Fri, Jul 15, 2011 at 6:04 PM, Michael H. Warfield m...@wittsend.comwrote: On Fri, 2011-07-15 at 17:50 +0300, Ramez Hanna wrote: how can i check if lxc-attach is not working because of the kernel or because of other bug? On Thu, Apr 7, 2011 at 10:09 AM, Cedric Le Goater legoa...@free.fr wrote: On 04/07/2011 07:46 AM, Ramez Hanna wrote: from a post that i found earlier in the archive subject entering a container by Daniel Lezcano i cannot see the differece between lxc-attach and lxc-execute could someone explain? lxc-execute creates a container and exec's a command/application inside it (see manual). lxc-attach enters a *running* container and exec's a command inside it (manual soon to come). This ability of creating an exogenous process inside a container requires a kernel patchset. Has that patch set even made it into a release? If so, what version is it in and what version are you running. It does not work on my F15 system with a 2.6.38 kernel. If it has not made it into a released kernel, have you built a custom kernel with it? I don't know about that patch, so hence my question if there is anyway to know from the host if that capability is available From what I can tell, based on some threads from back in March, the patchset has not been merged into the upstream kernel at this time and is almost certainly NOT in 2.6.38.*. I'm currently running Fedora 15 2.6.38.8-32.fc15.x86_64 which does not have the patch and lxc-attach gives this error: [root@forest Alcove]# lxc-attach --name Alcove lxc-attach: Does this kernel version support 'attach' ? lxc-attach: failed to enter the namespace That's probably about the best answer you're going to get. From what I can tell, the last patchset is here: http://lxc.sourceforge.net/patches/linux/2.6.38/ If you want it, you're probably going to have to build yourself a custom kernel with it patched in. Some of the patches have been merged into the upstream kernel but it's not clear to me if we'll have to wait for 3.0 to be released to see them but I suspect that to be the case. We're currently sitting at 3.0-rc7 on that one. 2.6.39.3 is released and stable nut I have no clue what's in there. 2.6.38 is currently at 2.6.38.8, which is what we see in F15 so it is what it is. C. Regards, Mike -- Michael H. Warfield (AI4NB) | (770) 985-6132 | m...@wittsend.com /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0x674627FF| possible worlds. A pessimist is sure of it! signature.asc Description: This is a digitally signed message part -- AppSumo Presents a FREE Video for the SourceForge Community by Eric Ries, the creator of the Lean Startup Methodology on Lean Startup Secrets Revealed. This video shows you how to validate your ideas, optimize your ideas and identify your business strategy. http://p.sf.net/sfu/appsumosfdev2dev___ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
Re: [Lxc-users] what's the difference in lxc-attach
On Fri, Jul 15, 2011 at 7:28 PM, Michael H. Warfield m...@wittsend.comwrote: On Fri, 2011-07-15 at 18:36 +0300, Ramez Hanna wrote: On Fri, Jul 15, 2011 at 6:04 PM, Michael H. Warfield m...@wittsend.com wrote: On Fri, 2011-07-15 at 17:50 +0300, Ramez Hanna wrote: how can i check if lxc-attach is not working because of the kernel or because of other bug? On Thu, Apr 7, 2011 at 10:09 AM, Cedric Le Goater legoa...@free.fr wrote: On 04/07/2011 07:46 AM, Ramez Hanna wrote: from a post that i found earlier in the archive subject entering a container by Daniel Lezcano i cannot see the differece between lxc-attach and lxc-execute could someone explain? lxc-execute creates a container and exec's a command/application inside it (see manual). lxc-attach enters a *running* container and exec's a command inside it (manual soon to come). This ability of creating an exogenous process inside a container requires a kernel patchset. Has that patch set even made it into a release? If so, what version is it in and what version are you running. It does not work on my F15 system with a 2.6.38 kernel. If it has not made it into a released kernel, have you built a custom kernel with it? I don't know about that patch, so hence my question if there is anyway to know from the host if that capability is available From what I can tell, based on some threads from back in March, the patchset has not been merged into the upstream kernel at this time and is almost certainly NOT in 2.6.38.*. I'm currently running Fedora 15 2.6.38.8-32.fc15.x86_64 which does not have the patch and lxc-attach gives this error: [root@forest Alcove]# lxc-attach --name Alcove lxc-attach: Does this kernel version support 'attach' ? lxc-attach: failed to enter the namespace That's probably about the best answer you're going to get. From what I can tell, the last patchset is here: http://lxc.sourceforge.net/patches/linux/2.6.38/ If you want it, you're probably going to have to build yourself a custom kernel with it patched in. Some of the patches have been merged into the upstream kernel but it's not clear to me if we'll have to wait for 3.0 to be released to see them but I suspect that to be the case. We're currently sitting at 3.0-rc7 on that one. 2.6.39.3 is released and stable nut I have no clue what's in there. 2.6.38 is currently at 2.6.38.8, which is what we see in F15 so it is what it is. C. Regards, Mike -- Michael H. Warfield (AI4NB) | (770) 985-6132 | m...@wittsend.com /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0x674627FF| possible worlds. A pessimist is sure of it! thanks a lot for the detailed answer by the way have you been succesfull in starting a f15 container on your f15? I have been debuggin for 2 hours now when i start f15 container it screws my host by interfering with my hosts's systemd which somehow doesn't make sense and when i use systemd-nspawn i get a bunch of errors and the system doesn't finish starting here is a paste of systemd log from systemd-nspawn session http://pastie.org/2218625 -- AppSumo Presents a FREE Video for the SourceForge Community by Eric Ries, the creator of the Lean Startup Methodology on Lean Startup Secrets Revealed. This video shows you how to validate your ideas, optimize your ideas and identify your business strategy. http://p.sf.net/sfu/appsumosfdev2dev___ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
Re: [Lxc-users] what's the difference in lxc-attach
On Fri, 2011-07-15 at 19:41 +0300, Ramez Hanna wrote: On Fri, Jul 15, 2011 at 7:28 PM, Michael H. Warfield m...@wittsend.comwrote: On Fri, 2011-07-15 at 18:36 +0300, Ramez Hanna wrote: On Fri, Jul 15, 2011 at 6:04 PM, Michael H. Warfield m...@wittsend.com wrote: On Fri, 2011-07-15 at 17:50 +0300, Ramez Hanna wrote: how can i check if lxc-attach is not working because of the kernel or because of other bug? On Thu, Apr 7, 2011 at 10:09 AM, Cedric Le Goater legoa...@free.fr wrote: On 04/07/2011 07:46 AM, Ramez Hanna wrote: from a post that i found earlier in the archive subject entering a container by Daniel Lezcano i cannot see the differece between lxc-attach and lxc-execute could someone explain? lxc-execute creates a container and exec's a command/application inside it (see manual). lxc-attach enters a *running* container and exec's a command inside it (manual soon to come). This ability of creating an exogenous process inside a container requires a kernel patchset. Has that patch set even made it into a release? If so, what version is it in and what version are you running. It does not work on my F15 system with a 2.6.38 kernel. If it has not made it into a released kernel, have you built a custom kernel with it? I don't know about that patch, so hence my question if there is anyway to know from the host if that capability is available From what I can tell, based on some threads from back in March, the patchset has not been merged into the upstream kernel at this time and is almost certainly NOT in 2.6.38.*. I'm currently running Fedora 15 2.6.38.8-32.fc15.x86_64 which does not have the patch and lxc-attach gives this error: [root@forest Alcove]# lxc-attach --name Alcove lxc-attach: Does this kernel version support 'attach' ? lxc-attach: failed to enter the namespace That's probably about the best answer you're going to get. From what I can tell, the last patchset is here: http://lxc.sourceforge.net/patches/linux/2.6.38/ If you want it, you're probably going to have to build yourself a custom kernel with it patched in. Some of the patches have been merged into the upstream kernel but it's not clear to me if we'll have to wait for 3.0 to be released to see them but I suspect that to be the case. We're currently sitting at 3.0-rc7 on that one. 2.6.39.3 is released and stable nut I have no clue what's in there. 2.6.38 is currently at 2.6.38.8, which is what we see in F15 so it is what it is. C. Regards, Mike -- Michael H. Warfield (AI4NB) | (770) 985-6132 | m...@wittsend.com /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0x674627FF| possible worlds. A pessimist is sure of it! thanks a lot for the detailed answer by the way have you been succesfull in starting a f15 container on your f15? I have been debuggin for 2 hours now when i start f15 container it screws my host by interfering with my hosts's systemd which somehow doesn't make sense and when i use systemd-nspawn i get a bunch of errors and the system doesn't finish starting here is a paste of systemd log from systemd-nspawn session http://pastie.org/2218625 I haven't tried it yet. Will see what I can do. Couple of quick questions. 1) You say it screws your host if you don't uses nospawn. What happens? 2) Have you disabled the sys_admin cap by dropping it in that container? I find that causes me all sorts of grief. 3) Was this a fresh template build or did you upgrade an F14 machine to F15 (I was going to use yum --releasever=15 distro-sync in one of my running F14 containers). Regards, Mike -- Michael H. Warfield (AI4NB) | (770) 985-6132 | m...@wittsend.com /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0x674627FF| possible worlds. A pessimist is sure of it! signature.asc Description: This is a digitally signed message part -- AppSumo Presents a FREE Video for the SourceForge Community by Eric Ries, the creator of the Lean Startup Methodology on Lean Startup Secrets Revealed. This video shows you how to validate your ideas, optimize your ideas and identify your business strategy. http://p.sf.net/sfu/appsumosfdev2dev___ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
Re: [Lxc-users] what's the difference in lxc-attach
On Fri, Jul 15, 2011 at 8:07 PM, Michael H. Warfield m...@wittsend.comwrote: On Fri, 2011-07-15 at 19:41 +0300, Ramez Hanna wrote: On Fri, Jul 15, 2011 at 7:28 PM, Michael H. Warfield m...@wittsend.com wrote: On Fri, 2011-07-15 at 18:36 +0300, Ramez Hanna wrote: On Fri, Jul 15, 2011 at 6:04 PM, Michael H. Warfield m...@wittsend.com wrote: On Fri, 2011-07-15 at 17:50 +0300, Ramez Hanna wrote: how can i check if lxc-attach is not working because of the kernel or because of other bug? On Thu, Apr 7, 2011 at 10:09 AM, Cedric Le Goater legoa...@free.fr wrote: On 04/07/2011 07:46 AM, Ramez Hanna wrote: from a post that i found earlier in the archive subject entering a container by Daniel Lezcano i cannot see the differece between lxc-attach and lxc-execute could someone explain? lxc-execute creates a container and exec's a command/application inside it (see manual). lxc-attach enters a *running* container and exec's a command inside it (manual soon to come). This ability of creating an exogenous process inside a container requires a kernel patchset. Has that patch set even made it into a release? If so, what version is it in and what version are you running. It does not work on my F15 system with a 2.6.38 kernel. If it has not made it into a released kernel, have you built a custom kernel with it? I don't know about that patch, so hence my question if there is anyway to know from the host if that capability is available From what I can tell, based on some threads from back in March, the patchset has not been merged into the upstream kernel at this time and is almost certainly NOT in 2.6.38.*. I'm currently running Fedora 15 2.6.38.8-32.fc15.x86_64 which does not have the patch and lxc-attach gives this error: [root@forest Alcove]# lxc-attach --name Alcove lxc-attach: Does this kernel version support 'attach' ? lxc-attach: failed to enter the namespace That's probably about the best answer you're going to get. From what I can tell, the last patchset is here: http://lxc.sourceforge.net/patches/linux/2.6.38/ If you want it, you're probably going to have to build yourself a custom kernel with it patched in. Some of the patches have been merged into the upstream kernel but it's not clear to me if we'll have to wait for 3.0 to be released to see them but I suspect that to be the case. We're currently sitting at 3.0-rc7 on that one. 2.6.39.3 is released and stable nut I have no clue what's in there. 2.6.38 is currently at 2.6.38.8, which is what we see in F15 so it is what it is. C. Regards, Mike -- Michael H. Warfield (AI4NB) | (770) 985-6132 | m...@wittsend.com /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0x674627FF| possible worlds. A pessimist is sure of it! thanks a lot for the detailed answer by the way have you been succesfull in starting a f15 container on your f15? I have been debuggin for 2 hours now when i start f15 container it screws my host by interfering with my hosts's systemd which somehow doesn't make sense and when i use systemd-nspawn i get a bunch of errors and the system doesn't finish starting here is a paste of systemd log from systemd-nspawn session http://pastie.org/2218625 I haven't tried it yet. Will see what I can do. Couple of quick questions. 1) You say it screws your host if you don't uses nospawn. What happens? host console is not useable, random issues around missing characters when i type unable to login on other terminals because i cannot type and i see so many systemd logs on the console 2) Have you disabled the sys_admin cap by dropping it in that container? I find that causes me all sorts of grief. i will try that 3) Was this a fresh template build or did you upgrade an F14 machine to F15 (I was going to use yum --releasever=15 distro-sync in one of my running F14 containers). yes fresh install Regards, Mike -- Michael H. Warfield (AI4NB) | (770) 985-6132 | m...@wittsend.com /\/\|=mhw=|\/\/ | (678) 463-0932 | http://www.wittsend.com/mhw/ NIC whois: MHW9 | An optimist believes we live in the best of all PGP Key: 0x674627FF| possible worlds. A pessimist is sure of it! -- AppSumo Presents a FREE Video for the SourceForge Community by Eric Ries, the creator of the Lean Startup Methodology on Lean Startup Secrets Revealed. This video shows you how to validate your ideas, optimize your ideas and identify your business strategy.
Re: [Lxc-users] what's the difference in lxc-attach
On 04/07/2011 07:46 AM, Ramez Hanna wrote: from a post that i found earlier in the archive subject entering a container by Daniel Lezcano i cannot see the differece between lxc-attach and lxc-execute could someone explain? lxc-execute creates a container and exec's a command/application inside it (see manual). lxc-attach enters a *running* container and exec's a command inside it (manual soon to come). This ability of creating an exogenous process inside a container requires a kernel patchset. C. -- Xperia(TM) PLAY It's a major breakthrough. An authentic gaming smartphone on the nation's most reliable network. And it wants your games. http://p.sf.net/sfu/verizon-sfdev ___ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
