Re: Lxc support

[Jean-Philippe Menil <jean-philippe.menil@xxxxxxxxxxxxxx>]

Le 29/10/2010 15:59, Daniel P. Berrange a Ãcrit :
> On Fri, Oct 29, 2010 at 03:41:25PM +0200, Jean-Philippe Menil wrote:
> > Le 29/10/2010 14:51, Serge Hallyn a Ãcrit :
> > > Quoting Jean-Philippe Menil (jean-philippe.menil@xxxxxxxxxxxxxx):
> > > > 10:41:10.076: error : lxcContainerStart:858 : Failed to run clone
> > > > container: Operation not permitted
> > >
> > > I would guess that the libvirt process creating the container has dropped
> > > some
> > > of the needed capabilities (CAP_SYS_ADMIN and a few others).  Is libvirtd
> > > running as root?  What does /proc/$$/status for that process show?
> > Hi,
> >
> > libvirt is running as root.
> >
> > root@redbreast:/tmp# ps aux | grep libvirtd | grep -v grep
> > root     15718  0.0  0.0 157760  2924 ?        Sl   15:35   0:00
> > /usr/sbin/libvirtd -d
> >
> > root@redbreast:/tmp# cat /proc/15718/status
> > Name:	libvirtd
> > State:	S (sleeping)
> > Tgid:	15718
> > Pid:	15718
> > PPid:	1
> > TracerPid:	0
> > Uid:	0	0	0	0
> > Gid:	0	0	0	0
> > FDSize:	64
> > Groups:	0
> > VmPeak:	  181892 kB
> > VmSize:	  157760 kB
> > VmLck:	       0 kB
> > VmHWM:	    2924 kB
> > VmRSS:	    2924 kB
> > VmData:	  115012 kB
> > VmStk:	     136 kB
> > VmExe:	     792 kB
> > VmLib:	    6372 kB
> > VmPTE:	     124 kB
> > VmSwap:	       0 kB
> > Threads:	7
> > SigQ:	2/16382
> > SigPnd:	0000000000000000
> > ShdPnd:	0000000000000000
> > SigBlk:	0000000000000000
> > SigIgn:	0000000000001000
> > SigCgt:	0000000180014007
> > CapInh:	0000000000000000
> > CapPrm:	ffffffffffffffff
> > CapEff:	ffffffffffffffff
> > CapBnd:	ffffffffffffffff
> > Cpus_allowed:	ffff
> > Cpus_allowed_list:	0-15
> > Mems_allowed:	00000000,00000003
> > Mems_allowed_list:	0-1
> > voluntary_ctxt_switches:	321
> > nonvoluntary_ctxt_switches:	7
> >
> > and
> >
> > root@redbreast:/tmp# cat /proc/15718/cgroup
> > 1:blkio,net_cls,freezer,devices,memory,cpuacct,cpu,ns,debug,cpuset:/
>
> The problem is probably the 'blkio' controller combined with the 'ns'
> controller. The 'blkio' controller will refuse to allow creation of
> any child cgroups. This will cause the libvirt warning you see below.
> It will also break the 'ns' cgroup, because that *requires* that you
> can create child cgroups when creating a new container.
>
> > root@redbreast:/tmp# mount | grep cgroup
> > none on /var/local/cgroup type cgroup (rw)
> >
> > In the log, i can find the following:
> > 15:35:58.853: debug : virCgroupMakeGroup:496 : Make controller
> > /var/local/cgroup/libvirt/lxc/
> > 15:35:58.853: warning : lxcStartup:2109 : Unable to create cgroup for
> > driver: Operation not permitted
>
>
> Daniel
Yes, you are right.
Removing the blk_cgroup module, and now everything work's fine.

Many thanks for your help.

Regards.

begin:vcard
fn:Jean-Philippe Menil
n:Menil;Jean-Philippe
org;quoted-printable:Universit=C3=A9 de Nantes;IRTS - DSI
adr;quoted-printable:;;2, rue de la Houssini=C3=A8re;Nantes;Loire-Atlantique;44332;France
email;internet:jean-philippe.menil@xxxxxxxxxxxxxx
title;quoted-printable:Administrateur R=C3=A9seau
tel;work:02.51.12.53.92
tel;fax:02.51.12.58.60
x-mozilla-html:FALSE
url:http://www.criun.univ-nantes.fr/
version:2.1
end:vcard

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list