Hi,
To me it seems this is not a bug, but an issue with the default config.
To run virtualization in a LXD container, which by default is unprivileged for
security, you have to make some changes.
We will not change LXD/Libvirt defaults for that afaik, but the following is my
recommendation as a container profile addition to get KVM+Libvirt running fine
in a container.

config:
  boot.autostart: "true"
  linux.kernel_modules: openvswitch,nbd,ip_tables,ip6_tables,kvm
  security.nesting: "true"
  security.privileged: "true"
description: ""
devices:
  eth0:
    mtu: "9000"
    name: eth0
    nictype: bridged
    parent: lxdbr0
    type: nic
  kvm:
    path: /dev/kvm
    type: unix-char
  mem:
    path: /dev/mem
    type: unix-char
  tun:
    path: /dev/net/tun
    type: unix-char
name: kvm
used_by: []

You can create that with "lxc profile new kvm" and then launch those guests
that need it with default+kvm profile, while leaving the others secure and
unprivileged.

  $ lxc launch ubuntu-daily:c/amd64 c --profile default --profile kvm

I hope that helps to understand, but IMHO it is not a bug.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1802906
Title:
libvirt inside lxd container cannot start virbr0 (Unable to set bridge
virbr0 forward_delay: Permission denied)
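
Added example, not part of the original message or of LXD itself: a small Python check that reads a profile in the YAML layout shown above and lists the settings that relax container isolation, so the kvm profile can be reviewed before it is attached to a guest. The function names, the notes attached to each setting and the embedded sample (an excerpt of the profile above) are assumptions made for illustration.

```python
# Constructed sample: excerpt of the kvm profile above, as indented profile YAML.
PROFILE = '''\
config:
  security.nesting: "true"
  security.privileged: "true"
devices:
  eth0:
    type: nic
  kvm:
    path: /dev/kvm
    type: unix-char
  mem:
    path: /dev/mem
    type: unix-char
name: kvm
'''

# Illustrative reviewer notes (assumption: not an exhaustive list).
RISKY_CONFIG = {"security.privileged": "container root is host root (no id shift)",
                "security.nesting": "nested containers allowed"}
RISKY_DEVICES = {"/dev/mem": "host physical memory device",
                 "/dev/kvm": "host hypervisor interface",
                 "/dev/net/tun": "can create tun/tap interfaces"}

def parse_profile(text):
    """Parse the nested-mapping YAML subset used by LXD profiles."""
    root = {}
    stack = [(-1, root)]                      # (indent, mapping) of open parents
    for line in filter(str.strip, text.splitlines()):
        indent = len(line) - len(line.lstrip())
        while stack[-1][0] >= indent:         # close mappings we have left
            stack.pop()
        key, _, val = line.strip().partition(":")
        if val.strip():                       # "key: value" is a scalar entry
            stack[-1][1][key] = val.strip().strip('"')
        else:                                 # "key:" opens a nested mapping
            stack[-1][1][key] = child = {}
            stack.append((indent, child))
    return root

def audit(profile):
    """Return (setting, note) pairs for every isolation-relaxing entry."""
    hits = [(k, RISKY_CONFIG[k]) for k, v in profile.get("config", {}).items()
            if k in RISKY_CONFIG and v == "true"]
    for name, dev in profile.get("devices", {}).items():
        if dev.get("type") == "unix-char" and dev.get("path") in RISKY_DEVICES:
            hits.append((f"devices.{name}", RISKY_DEVICES[dev["path"]]))
    return hits

if __name__ == "__main__":
    print("\n".join(f"{s}: {n}" for s, n in audit(parse_profile(PROFILE))))
```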