Le 29/10/2010 12:00, Osier a écrit :
On 10/29/2010 04:42 PM, Jean-Philippe Menil wrote:
Hi,
i'm trying to test the lxc support in libvirt, but but libvirt failed to
start container with error "lxcContainerAvailable:897 : clone call
returned Operation not permitted, container support is not enabled"
What's the kernel version you use? Just as the error message says, the
system call 'clone' failed, It's probly caused by lacking of kernel
support.
At least you should make sure 'clone' support these flags:
CLONE_NEWPID, CLONE_NEWNS, CLONE_NEWUTS, CLONE_NEWIPC, SIGCHLD
- Osier
Althought i've compiled libvirt with th lxc support:
configure: Configuration summary
configure: =====================
configure:
configure: Drivers
configure:
configure: Xen: no
configure: Proxy: no
configure: QEMU: yes
configure: UML: yes
configure: OpenVZ: no
configure: VBox: no
configure: XenAPI: no
configure: LXC: yes
configure: PHYP: no
configure: ONE: no
configure: ESX: no
configure: Test: yes
configure: Remote: yes
configure: Network: yes
configure: Libvirtd: yes
configure: netcf: no
configure: macvtap: yes
configure: virtport: no
Here is my xml:
<domain type='lxc'>
<name>lxc1</name>
<memory>500000</memory>
<os>
<type>exe</type>
<init>/bin/sh</init>
</os>
<vcpu>1</vcpu>
<clock offset='utc'/>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<devices>
<emulator>/usr/lib/libvirt/libvirt_lxc</emulator>
<filesystem type='mount'>
<source dir='/var/lib/lxc/lxc1/rootfs'/>
<target dir='/'/>
</filesystem>
<interface type='bridge'>
<source bridge='U13'/>
<target dev='veth0'/>
</interface>
<console type='pty' >
<target port='5'/>
</console>
</devices>
</domain>
And here are the errors:
10:41:09.968: debug : virCgroupNew:542 : New group /
10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping 0:cpu
at /var/local/cgroup in
10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
1:cpuacct at /var/local/cgroup in
10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
2:cpuset at /var/local/cgroup in
10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
3:memory at /var/local/cgroup in
10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
4:devices at /var/local/cgroup in
10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
5:freezer at /var/local/cgroup in
10:41:09.968: debug : virCgroupNew:542 : New group /libvirt
10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping 0:cpu
at /var/local/cgroup in
10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
1:cpuacct at /var/local/cgroup in
10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
2:cpuset at /var/local/cgroup in
10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
3:memory at /var/local/cgroup in
10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
4:devices at /var/local/cgroup in
10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
5:freezer at /var/local/cgroup in
10:41:09.968: debug : virCgroupMakeGroup:484 : Make group /libvirt
10:41:09.968: debug : virCgroupMakeGroup:496 : Make controller
/var/local/cgroup/libvirt/
10:41:09.968: debug : virCgroupMakeGroup:496 : Make controller
/var/local/cgroup/libvirt/
10:41:09.968: debug : virCgroupMakeGroup:496 : Make controller
/var/local/cgroup/libvirt/
10:41:09.968: debug : virCgroupMakeGroup:496 : Make controller
/var/local/cgroup/libvirt/
10:41:09.968: debug : virCgroupMakeGroup:496 : Make controller
/var/local/cgroup/libvirt/
10:41:09.968: debug : virCgroupMakeGroup:496 : Make controller
/var/local/cgroup/libvirt/
10:41:09.968: debug : virCgroupNew:542 : New group /libvirt/lxc
10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping 0:cpu
at /var/local/cgroup in
10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
1:cpuacct at /var/local/cgroup in
10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
2:cpuset at /var/local/cgroup in
10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
3:memory at /var/local/cgroup in
10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
4:devices at /var/local/cgroup in
10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
5:freezer at /var/local/cgroup in
10:41:09.968: debug : virCgroupMakeGroup:484 : Make group /libvirt/lxc
10:41:09.968: debug : virCgroupMakeGroup:496 : Make controller
/var/local/cgroup/libvirt/lxc/
10:41:09.968: debug : lxcControllerRun:595 : Setting up private /dev/pts
10:41:10.012: debug : lxcControllerRun:621 : Mouting 'devpts' on
/var/lib/lxc/lxc1/rootfs/dev/pts
10:41:10.012: debug : lxcControllerRun:636 : Opening tty on private
/var/lib/lxc/lxc1/rootfs/dev/pts/ptmx
10:41:10.044: debug : lxcContainerAvailable:897 : clone call returned
Operation not permitted, container support is not enabled
10:41:10.044: debug : lxcContainerStart:848 : Enable network namespaces
10:41:10.076: debug : lxcContainerStart:854 : clone() completed, new
container PID is -1
10:41:10.076: error : lxcContainerStart:858 : Failed to run clone
container: Operation not permitted
10:41:10.076: debug : vethDelete:159 : veth: veth1
10:41:10.076: debug : virRunWithHook:818 : ip link del veth1
Can someone tell me what i'm doing wrong?
Many thanks.
Regards.
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
Hi,
thanks for your response.
The kernel is a 2.6.36 wit hthe following:
root@redbreast:/tmp# cat /boot/config-2.6.36-dsiun-1a | grep -i pid
CONFIG_PROC_PID_CPUSET=y
CONFIG_PID_NS=y
# CONFIG_SPI_SPIDEV is not set
CONFIG_HID_PID=y
root@redbreast:/tmp# cat /boot/config-2.6.36-dsiun-1a | grep -i cgroup
CONFIG_CGROUPS=y
CONFIG_CGROUP_DEBUG=y
CONFIG_CGROUP_NS=y
CONFIG_CGROUP_FREEZER=y
CONFIG_CGROUP_DEVICE=y
CONFIG_CGROUP_CPUACCT=y
CONFIG_CGROUP_MEM_RES_CTLR=y
CONFIG_CGROUP_MEM_RES_CTLR_SWAP=y
CONFIG_CGROUP_SCHED=y
CONFIG_BLK_CGROUP=m
# CONFIG_DEBUG_BLK_CGROUP is not set
CONFIG_NET_CLS_CGROUP=y
Can you explain, how can i check the clone flags?
Many thanks.
Regards.
begin:vcard
fn:Jean-Philippe Menil
n:Menil;Jean-Philippe
org;quoted-printable:Universit=C3=A9 de Nantes;IRTS - DSI
adr;quoted-printable:;;2, rue de la Houssini=C3=A8re;Nantes;Loire-Atlantique;44332;France
email;internet:jean-philippe.menil@xxxxxxxxxxxxxx
title;quoted-printable:Administrateur R=C3=A9seau
tel;work:02.51.12.53.92
tel;fax:02.51.12.58.60
x-mozilla-html:FALSE
url:http://www.criun.univ-nantes.fr/
version:2.1
end:vcard
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list