Nels Nelson nelsnelson
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ sudo lxc-create -t sshd -n test -f /var/lib/lxc/test/config -l DEBUG -o /tmp/lxc.log &> /dev/null | |
| $ sudo lxc-start -d -n test -f /var/lib/lxc/test/config -P /var/lib/lxc/test -l DEBUG -o /tmp/lxc.log | |
| $ cat /tmp/lxc.log | |
| lxc-create 1391637847.305 WARN lxc_log - lxc_log_init called with log already initialized | |
| lxc-start 1391637853.096 WARN lxc_log - lxc_log_init called with log already initialized | |
| lxc-start 1391637853.099 DEBUG lxc_cgroup - cgroup_init | |
| lxc-start 1391637853.099 INFO lxc_cgroup - Initialized cgroup driver cgroupfs | |
| lxc-start 1391637853.099 INFO lxc_lsm - LSM security driver SELinux | |
| lxc-start 1391637853.099 DEBUG lxc_start - sigchild handler set | |
| lxc-start 1391637853.100 DEBUG lxc_console - no console peer |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ cat /tmp/lxc.log | |
| lxc-create 1392051349.564 WARN lxc_log - lxc_log_init called with log already initialized | |
| lxc-create 1392051349.588 INFO lxc_create_ui - container test created | |
| lxc-start 1392051366.650 INFO lxc_start_ui - using rcfile /var/lib/lxc/test/config | |
| lxc-start 1392051366.650 WARN lxc_log - lxc_log_init called with log already initialized | |
| lxc-start 1392051366.652 DEBUG lxc_cgroup - cgroup_init | |
| lxc-start 1392051366.652 INFO lxc_cgroup - Initialized cgroup driver cgroupfs | |
| lxc-start 1392051366.652 INFO lxc_lsm - LSM security driver SELinux | |
| lxc-start 1392051366.653 DEBUG lxc_start - sigchild handler set | |
| lxc-start 1392051366.653 DEBUG lxc_console - no console peer |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # | |
| # lxc: linux Container library | |
| # Authors: | |
| # Daniel Lezcano <daniel.lezcano@free.fr> | |
| # Nels Nelson <nels.n.nelson@gmail.com> | |
| # This library is free software; you can redistribute it and/or |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #! /usr/bin/env bash | |
| exec &>/dev/null | |
| sudo lxc-stop -n outer -t 5 | |
| sudo lxc-destroy -n outer | |
| exec &>/dev/tty | |
| set -x | |
| sudo lxc-create -n outer -t minimal -l DEBUG -o /tmp/lxc.log |
nelsnelson
/ container-nesting-failure-examples.txt
Created
April 8, 2014 19:15
Container nesting failure examples
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # First attempt without apparmor | |
| # | |
| # lxc-create -n outer -t minimal | |
| # ls /var/lib/lxc/outer/rootfs | |
| bin dev etc home lib lib64 proc root run run-dhcp sbin sys tmp usr var | |
| # ls /var/lib/lxc/outer/rootfs/sys | |
| # lxc-start -n outer -- bash | |
| bash: cannot set terminal process group (-1): Inappropriate ioctl for device |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Detect use under userns (unsupported) | |
| for arg in "$@"; do | |
| [ "$arg" = "--" ] && break | |
| if [ "$arg" = "--mapped-uid" -o "$arg" = "--mapped-gid" ]; then | |
| echo "This template can't be used for unprivileged containers." 1>&2 | |
| echo "You may want to try the \"download\" template instead." 1>&2 | |
| exit 1 | |
| fi |
nelsnelson
/ container-cgroups.txt
Created
April 10, 2014 15:50
Container cgroups that get mounted with lxc.mount.auto = cgroup
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| bash-4.2# pwd | |
| /sys/fs/cgroup | |
| bash-4.2# ls | |
| blkio cpu cpuacct cpuset devices freezer hugetlb hugetlb,net_prio,perf_event,blkio,freezer,devices,memory,cpuacct,cpu,cpuset memory net_prio perf_event | |
| bash-4.2# ls -la | |
| total 0 | |
| drwxr-xr-x. 3 root root 260 Apr 9 21:13 . | |
| drwxr-xr-x. 7 root root 0 Apr 9 21:13 .. | |
| lrwxrwxrwx. 1 root root 75 Apr 9 21:13 blkio -> hugetlb,net_prio,perf_event,blkio,freezer,devices,memory,cpuacct,cpu,cpuset | |
| lrwxrwxrwx. 1 root root 75 Apr 9 21:13 cpu -> hugetlb,net_prio,perf_event,blkio,freezer,devices,memory,cpuacct,cpu,cpuset |
nelsnelson
/ nested-containers.txt
Created
April 10, 2014 19:12
Nested containers not visible in host
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # lxc-create -n outer -t minimal | |
| # lxc-start -n outer -d | |
| # lxc-attach -n outer -- bash | |
| bash-4.2# mkdir /var/lib/lxc | |
| bash-4.2# lxc-create -n inner -t minimal | |
| bash-4.2# lxc-start -n inner -d | |
| bash-4.2# lxc-attach -n inner -- bash | |
| bash-4.2# ls /sys/fs/cgroup | |
| blkio cpu cpuacct cpuset devices freezer hugetlb hugetlb,net_prio,perf_event,blkio,freezer,devices,memory,cpuacct,cpu,cpuset memory net_prio perf_event | |
| bash-4.2# |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /sys/fs/cgroup$ ls -la | |
| total 0 | |
| drwxr-xr-x. 4 root root 0 Mar 28 18:42 . | |
| drwxr-xr-x. 7 root root 0 Mar 28 18:42 .. | |
| -r--r--r--. 1 root root 0 Mar 28 18:42 blkio.io_merged | |
| -r--r--r--. 1 root root 0 Mar 28 18:42 blkio.io_merged_recursive | |
| -r--r--r--. 1 root root 0 Mar 28 18:42 blkio.io_queued | |
| -r--r--r--. 1 root root 0 Mar 28 18:42 blkio.io_queued_recursive | |
| -r--r--r--. 1 root root 0 Mar 28 18:42 blkio.io_service_bytes | |
| -r--r--r--. 1 root root 0 Mar 28 18:42 blkio.io_service_bytes_recursive |
nelsnelson
/ gist:10426516
Created
April 10, 2014 21:47
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 2013-04-15 Daniel P. Berrange <berrange@redhat.com> | |
| Track symlinks for co-mounted cgroup controllers | |
| If a cgroup controller is co-mounted with another, eg | |
| /sys/fs/cgroup/cpu,cpuacct | |
| Then it is a requirement that there exist symlinks at | |
| /sys/fs/cgroup/cpu |