View previous topic :: View next topic |
Author |
Message |
vcmota Guru
Joined: 19 Jun 2017 Posts: 367
|
Posted: Thu Jan 27, 2022 5:58 pm Post subject: LXD stop working after setting up Docker |
|
|
Hi everybody.
I heve been running LXD for a while now, using it mostly to run linux virtual machines. It was working flawlessly, without any issue whatsoever. However, I decided to try also docker, for using it for isolating specific applications. It was not hard to setup docker, but LXD stopped working as soon as I finish it. This is what happens now when I run LXD:
Code: |
~> sudo rc-service lxd start
Senha:
* Starting lxcfs. ... [ ok ]
* Starting lxd service ... [ ok ]
~> lxc list
+------------+---------+-----------------------+-----------------------------------------------+-----------------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+------------+---------+-----------------------+-----------------------------------------------+-----------------+-----------+
| ubuntu-lts | RUNNING | 10.212.105.243 (eth0) | fd42:daae:1bcc:36cb:216:3eff:fe8a:9e79 (eth0) | VIRTUAL-MACHINE | 0 |
+------------+---------+-----------------------+-----------------------------------------------+-----------------+-----------+
~> lxc list
+------------+---------+------+------+-----------------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+------------+---------+------+------+-----------------+-----------+
| ubuntu-lts | STOPPED | | | VIRTUAL-MACHINE | 0 |
+------------+---------+------+------+-----------------+-----------+
~> lxc list
+------------+---------+------+------+-----------------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+------------+---------+------+------+-----------------+-----------+
| ubuntu-lts | STOPPED | | | VIRTUAL-MACHINE | 0 |
+------------+---------+------+------+-----------------+-----------+
~> dmesg | grep lxc
[ 67.298021] audit: type=1400 audit(1643299870.396:319): avc: denied { write } for pid=4244 comm="lxc" name="unix.socket" dev="dm-1" ino=26235768 scontext=staff_u:staff_r:staff_t tcontext=staff_u:object_r:var_lib_t tclass=sock_file permissive=1
~> lxc start ubuntu-lts
Error: Failed to run: forklimits limit=memlock:unlimited:unlimited -- /usr/bin/qemu-system-x86_64 -S -name ubuntu-lts -uuid 5de2f6da-f44b-4648-a1f3-266cf3306b59 -daemonize -cpu host -nographic -serial chardev:console -nodefaults -no-user-config -sandbox on,obsolete=deny,elevateprivileges=allow,spawn=deny,resourcecontrol=deny -readconfig /var/log/lxd/ubuntu-lts/qemu.conf -spice unix=on,disable-ticketing=on,addr=/var/log/lxd/ubuntu-lts/qemu.spice -pidfile /var/log/lxd/ubuntu-lts/qemu.pid -D /var/log/lxd/ubuntu-lts/qemu.log -smbios type=2,manufacturer=Canonical Ltd.,product=LXD -runas nobody: char device redirected to /dev/pts/2 (label console)
: Process exited with non-zero value 1
Try `lxc info --show-log ubuntu-lts` for more info
~> lxc info --show-log ubuntu-lts
Name: ubuntu-lts
Location: none
Remote: unix://
Arquitetura: x86_64
Criado: 2022/01/18 22:22 -03
Status: Stopped
Type: virtual-machine
Profiles: default
Log:
qemu-system-x86_64:/var/log/lxd/ubuntu-lts/qemu.conf:128: vhost-vsock: unable to set guest cid: Address already in use
~>
|
I have google a little bit and found this bug report, which shows some similarities with the issue I am reporting. However, the bug seems to have been fixed, so it is hardly what is happening to me.
Those are the details of my install of LXD, LXC, QEMU and DOCKER:
Code: |
~> groups
lp wheel cron audio docker kvm users vboxusers pcap lxd vinicius
~> equery uses lxd
[ Legend : U - final flag setting for installation]
[ : I - package is installed with flag ]
[ Colors : set, unset ]
* Found these USE flags for app-containers/lxd-4.0.8-r2:
U I
+ + ipv6 : Add support for IP version 6
+ + nls : Add Native Language Support (using gettext - GNU locale utilities)
+ + verify-sig : Verify upstream signatures on distfiles
~> equery uses lxc
[ Legend : U - final flag setting for installation]
[ : I - package is installed with flag ]
[ Colors : set, unset ]
* Found these USE flags for app-containers/lxc-4.0.11_p1-r1:
U I
- - doc : Add extra documentation (API, Javadoc, etc). It is recommended to enable per package instead of
globally
- - io-uring : Enable io_uring support, and use io_uring instead of epoll
- - man : Build and install man pages
+ + pam : Add support for PAM (Pluggable Authentication Modules) - DANGEROUS to arbitrarily flip
+ + seccomp : Enable seccomp (secure computing mode) to perform system call filtering at runtime to increase
security of programs
+ + ssl : Add support for SSL/TLS connections (Secure Socket Layer / Transport Layer Security)
+ + tools : Build and install additional command line tools
+ + verify-sig : Verify upstream signatures on distfiles
~> equery uses qemu
[ Legend : U - final flag setting for installation]
[ : I - package is installed with flag ]
[ Colors : set, unset ]
* Found these USE flags for app-emulation/qemu-6.2.0:
U I
- - accessibility : Adds support for braille displays using brltty
+ + aio : Enables support for Linux's Async IO
+ + alsa : Enable alsa output for sound emulation
- - bpf : Enable eBPF support for RSS implementation.
+ + bzip2 : Use the bzlib compression library
+ + curl : Support ISOs / -cdrom directives via HTTP or HTTPS.
- - debug : Enable extra debug codepaths, like asserts and extra output. If you want
to get meaningful backtraces see
https://wiki.gentoo.org/wiki/Project:Quality_Assurance/Backtraces
+ + doc : Add extra documentation (API, Javadoc, etc). It is recommended to enable
per package instead of globally
+ + fdt : Enables firmware device tree support
+ + filecaps : Use Linux file capabilities to control privilege rather than set*id (this
is orthogonal to USE=caps which uses capabilities at runtime e.g. libcap)
- - fuse : Enables FUSE block device export
- - glusterfs : Enables GlusterFS cluster fileystem via sys-cluster/glusterfs
- - gnutls : Enable TLS support for the VNC console server. For 1.4 and newer this also
enables WebSocket support. For 2.0 through 2.3 also enables disk quorum
support.
- - gtk : Add support for x11-libs/gtk+ (The GIMP Toolkit)
- - infiniband : Enable Infiniband RDMA transport support
- - io-uring : Enable efficient I/O via sys-libs/liburing.
- - iscsi : Enable direct iSCSI support via net-libs/libiscsi instead of indirectly
via the Linux block layer that sys-block/open-iscsi does.
- - jack : Add support for the JACK Audio Connection Kit
- - jemalloc : Enable jemalloc allocator support
+ + jpeg : Enable jpeg image support for the VNC console server
- - lzo : Enable support for lzo compression
- - multipath : Enable multipath persistent reservation passthrough via
sys-fs/multipath-tools.
+ + ncurses : Enable the ncurses-based console
- - nfs : Enable NFS support
+ + nls : Add Native Language Support (using gettext - GNU locale utilities)
- - numa : Enable NUMA support
- - opengl : Add support for OpenGL (3D graphics)
+ + oss : Add support for OSS (Open Sound System)
+ + pin-upstream-blobs : Pin the versions of BIOS firmware to the version included in the upstream
release. This is needed to sanely support
migration/suspend/resume/snapshotting/etc... of instances. When the blobs
are different, random corruption/bugs/crashes/etc... may be observed.
- - plugins : Enable qemu plugin API via shared library loading.
+ + png : Enable png image support for the VNC console server
+ + pulseaudio : Enable pulseaudio output for sound emulation
- - python : Add optional support/bindings for the Python language
- - python_targets_python3_10 : Build with Python 3.10
- - python_targets_python3_8 : Build with Python 3.8
+ + python_targets_python3_9 : Build with Python 3.9
- - qemu_softmmu_targets_aarch64 : ARM64 system emulation target
- - qemu_softmmu_targets_alpha : system emulation target
+ + qemu_softmmu_targets_arm : system emulation target
- - qemu_softmmu_targets_avr : system emulation target
- - qemu_softmmu_targets_cris : system emulation target
- - qemu_softmmu_targets_hppa : system emulation target
- - qemu_softmmu_targets_i386 : system emulation target
- - qemu_softmmu_targets_m68k : system emulation target
- - qemu_softmmu_targets_microblaze : system emulation target
- - qemu_softmmu_targets_microblazeel : system emulation target
- - qemu_softmmu_targets_mips : system emulation target
- - qemu_softmmu_targets_mips64 : system emulation target
- - qemu_softmmu_targets_mips64el : system emulation target
- - qemu_softmmu_targets_mipsel : system emulation target
- - qemu_softmmu_targets_nios2 : system emulation target
- - qemu_softmmu_targets_or1k : OpenRISC system emulation target
- - qemu_softmmu_targets_ppc : system emulation target
- - qemu_softmmu_targets_ppc64 : system emulation target
- - qemu_softmmu_targets_riscv32 : system emulation target
- - qemu_softmmu_targets_riscv64 : system emulation target
- - qemu_softmmu_targets_rx : Renesas RX system emulation target
- - qemu_softmmu_targets_s390x : system emulation target
- - qemu_softmmu_targets_sh4 : system emulation target
- - qemu_softmmu_targets_sh4eb : system emulation target
+ + qemu_softmmu_targets_sparc : system emulation target
- - qemu_softmmu_targets_sparc64 : system emulation target
- - qemu_softmmu_targets_tricore : system emulation target
+ + qemu_softmmu_targets_x86_64 : system emulation target
- - qemu_softmmu_targets_xtensa : system emulation target
- - qemu_softmmu_targets_xtensaeb : system emulation target
- - qemu_user_targets_aarch64 : ARM64 userspace emulation target
- - qemu_user_targets_aarch64_be : ARM64 big endian userspace emulation target
- - qemu_user_targets_alpha : userspace emulation target
- - qemu_user_targets_arm : ARM (little endian) userspace emulation target
- - qemu_user_targets_armeb : ARM (big endian) userspace emulation target
- - qemu_user_targets_cris : userspace emulation target
- - qemu_user_targets_hexagon : Qualcomm hexagon userspace emulation target
- - qemu_user_targets_hppa : userspace emulation target
- - qemu_user_targets_i386 : userspace emulation target
- - qemu_user_targets_m68k : userspace emulation target
- - qemu_user_targets_microblaze : userspace emulation target
- - qemu_user_targets_microblazeel : userspace emulation target
- - qemu_user_targets_mips : userspace emulation target
- - qemu_user_targets_mips64 : userspace emulation target
- - qemu_user_targets_mips64el : userspace emulation target
- - qemu_user_targets_mipsel : userspace emulation target
- - qemu_user_targets_mipsn32 : MIPS N32 ABI userspace emulation target
- - qemu_user_targets_mipsn32el : MIPS N32 ABI LE userspace emulation target
- - qemu_user_targets_nios2 : userspace emulation target
- - qemu_user_targets_or1k : OpenRISC system emulation target
- - qemu_user_targets_ppc : PowerPC 32-bit big endian userspace emulation target
- - qemu_user_targets_ppc64 : PowerPC 64-bit big endian userspace emulation target
- - qemu_user_targets_ppc64abi32 : userspace emulation target
- - qemu_user_targets_ppc64le : PowerPC 64-bit little endian userspace emulation target
- - qemu_user_targets_riscv32 : userspace emulation target
- - qemu_user_targets_riscv64 : userspace emulation target
- - qemu_user_targets_s390x : userspace emulation target
- - qemu_user_targets_sh4 : userspace emulation target
- - qemu_user_targets_sh4eb : userspace emulation target
- - qemu_user_targets_sparc : userspace emulation target
- - qemu_user_targets_sparc32plus : userspace emulation target
- - qemu_user_targets_sparc64 : userspace emulation target
+ + qemu_user_targets_x86_64 : userspace emulation target
- - qemu_user_targets_xtensa : userspace emulation target
- - qemu_user_targets_xtensaeb : userspace emulation target
- - rbd : Enable rados block device backend support, see
https://docs.ceph.com/en/mimic/rbd/qemu-rbd/
- - sasl : Add support for the Simple Authentication and Security Layer
- - sdl : Enable the SDL-based console
- - sdl-image : SDL Image support for icons
+ + seccomp : Enable seccomp (secure computing mode) to perform system call filtering at
runtime to increase security of programs
+ + slirp : Enable TCP/IP in hypervisor via net-libs/libslirp
- - smartcard : Enable smartcard support
- - snappy : Enable support for Snappy compression (as implemented in app-arch/snappy)
+ + spice : Enable Spice protocol support via app-emulation/spice
- - ssh : Enable SSH based block device support via net-libs/libssh2
- - static : Build the User and Software MMU (system) targets as well as tools as
static binaries
- - static-user : Build the User targets as static binaries
- - systemtap : Enable SystemTAP/DTrace tracing
- - test : Enable dependencies and/or preparations necessary to run tests (usually
controlled by FEATURES=test but can be toggled independently)
+ + udev : Enable virtual/udev integration (device discovery, power and storage
device support, etc)
- - usb : Enable USB passthrough via dev-libs/libusb
+ + usbredir : Use sys-apps/usbredir to redirect USB devices to another machine over TCP
- - vde : Enable VDE-based networking
+ + vhost-net : Enable accelerated networking using vhost-net, see
https://www.linux-kvm.org/page/VhostNet
- - vhost-user-fs : Enable shared file system access using the FUSE protocol carried over
virtio.
- - virgl : Enable experimental Virgil 3d (virtual software GPU)
+ + virtfs : Enable VirtFS via virtio-9p-pci / fsdev. See
https://wiki.qemu.org/Documentation/9psetup
+ + vnc : Enable VNC (remote desktop viewer) support
- - vte : Enable terminal support ( x11-libs/vte) in the GTK+ interface
+ + xattr : Add support for getting and setting POSIX extended attributes, through
sys-apps/attr. Requisite for the virtfs backend.
- - xen : Enables support for Xen backends
- - xfs : Support xfsctl() notification and syncing for XFS backed virtual disks.
- - zstd : Enable support for ZSTD compression
~> equery uses docker
[ Legend : U - final flag setting for installation]
[ : I - package is installed with flag ]
[ Colors : set, unset ]
* Found these USE flags for app-containers/docker-20.10.9:
U I
- - apparmor : Enable AppArmor support.
- - aufs : Enables dependencies for the "aufs" graph driver, including necessary kernel flags.
- - btrfs : Enables dependencies for the "btrfs" graph driver, including necessary kernel flags.
- - cli : This is a temporary use flag which pulls in app-containers/docker-cli, the docker command
line client. This flag is here to assist in the transition to split packages and will be
removed in a future release.
+ + container-init : Makes the a staticly-linked init system tini available inside a container.
- - device-mapper : Enables dependencies for the "devicemapper" graph driver, including necessary kernel flags.
+ + hardened : Activate default security enhancements for toolchain (gcc, glibc, binutils)
- - overlay : Enables dependencies for the "overlay" graph driver, including necessary kernel flags.
+ + seccomp : Enable seccomp (secure computing mode) to perform system call filtering at runtime to
increase security of programs
|
Regarding kernel parameters, those are the details for lxc:
Code: |
~> lxc-checkconfig
LXC version 4.0.11
--- Namespaces ---
Namespaces: enabled
Utsname namespace: enabled
Ipc namespace: enabled
Pid namespace: enabled
User namespace: enabled
Network namespace: enabled
--- Control groups ---
Cgroups: enabled
Cgroup namespace: enabled
Cgroup v1 mount points:
/sys/fs/cgroup/openrc
/sys/fs/cgroup/cpuset
/sys/fs/cgroup/cpu
/sys/fs/cgroup/cpuacct
/sys/fs/cgroup/blkio
/sys/fs/cgroup/memory
/sys/fs/cgroup/devices
/sys/fs/cgroup/freezer
/sys/fs/cgroup/net_cls
/sys/fs/cgroup/perf_event
/sys/fs/cgroup/net_prio
/sys/fs/cgroup/hugetlb
/sys/fs/cgroup/pids
/sys/fs/cgroup/rdma
/sys/fs/cgroup/misc
/sys/fs/cgroup/debug
Cgroup v2 mount points:
/sys/fs/cgroup/unified
Cgroup v1 systemd controller: missing
Cgroup v1 clone_children flag: enabled
Cgroup device: enabled
Cgroup sched: enabled
Cgroup cpu account: enabled
Cgroup memory controller: enabled
Cgroup cpuset: enabled
--- Misc ---
Veth pair device: enabled, not loaded
Macvlan: enabled, not loaded
Vlan: enabled, loaded
Bridges: enabled, not loaded
Advanced netfilter: enabled, not loaded
CONFIG_NF_NAT_IPV4: missing
CONFIG_NF_NAT_IPV6: missing
CONFIG_IP_NF_TARGET_MASQUERADE: enabled, not loaded
CONFIG_IP6_NF_TARGET_MASQUERADE: enabled, not loaded
CONFIG_NETFILTER_XT_TARGET_CHECKSUM: enabled, loaded
CONFIG_NETFILTER_XT_MATCH_COMMENT: enabled, loaded
FUSE (for use with lxcfs): enabled, not loaded
--- Checkpoint/Restore ---
checkpoint restore: enabled
CONFIG_FHANDLE: enabled
CONFIG_EVENTFD: enabled
CONFIG_EPOLL: enabled
CONFIG_UNIX_DIAG: enabled
CONFIG_INET_DIAG: enabled
CONFIG_PACKET_DIAG: enabled
CONFIG_NETLINK_DIAG: enabled
File capabilities:
Note : Before booting a new kernel, you can check its configuration
usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig
~>
|
where the only "disable" message is regarding systemd, which is not an issue here since I am running openrc. For docker this is what I have in the kernel:
Code: |
~> /usr/share/docker/contrib/check-config.sh
info: reading kernel config from /proc/config.gz ...
Generally Necessary:
- cgroup hierarchy: properly mounted [/sys/fs/cgroup]
- CONFIG_NAMESPACES: enabled
- CONFIG_NET_NS: enabled
- CONFIG_PID_NS: enabled
- CONFIG_IPC_NS: enabled
- CONFIG_UTS_NS: enabled
- CONFIG_CGROUPS: enabled
- CONFIG_CGROUP_CPUACCT: enabled
- CONFIG_CGROUP_DEVICE: enabled
- CONFIG_CGROUP_FREEZER: enabled
- CONFIG_CGROUP_SCHED: enabled
- CONFIG_CPUSETS: enabled
- CONFIG_MEMCG: enabled
- CONFIG_KEYS: enabled
- CONFIG_VETH: enabled
- CONFIG_BRIDGE: enabled
- CONFIG_BRIDGE_NETFILTER: enabled (as module)
- CONFIG_IP_NF_FILTER: enabled
- CONFIG_IP_NF_TARGET_MASQUERADE: enabled
- CONFIG_NETFILTER_XT_MATCH_ADDRTYPE: enabled
- CONFIG_NETFILTER_XT_MATCH_CONNTRACK: enabled
- CONFIG_NETFILTER_XT_MATCH_IPVS: enabled (as module)
- CONFIG_NETFILTER_XT_MARK: enabled (as module)
- CONFIG_IP_NF_NAT: enabled
- CONFIG_NF_NAT: enabled
- CONFIG_POSIX_MQUEUE: enabled
Optional Features:
- CONFIG_USER_NS: enabled
- CONFIG_SECCOMP: enabled
- CONFIG_CGROUP_PIDS: enabled
- CONFIG_MEMCG_SWAP: enabled
(cgroup swap accounting is currently enabled)
- CONFIG_LEGACY_VSYSCALL_EMULATE: enabled
- CONFIG_BLK_CGROUP: enabled
- CONFIG_BLK_DEV_THROTTLING: enabled
- CONFIG_CGROUP_PERF: enabled
- CONFIG_CGROUP_HUGETLB: enabled
- CONFIG_NET_CLS_CGROUP: enabled
- CONFIG_CGROUP_NET_PRIO: enabled
- CONFIG_CFS_BANDWIDTH: enabled
- CONFIG_FAIR_GROUP_SCHED: enabled
- CONFIG_RT_GROUP_SCHED: enabled
- CONFIG_IP_NF_TARGET_REDIRECT: enabled
- CONFIG_IP_VS: enabled (as module)
- CONFIG_IP_VS_NFCT: enabled
- CONFIG_IP_VS_PROTO_TCP: enabled
- CONFIG_IP_VS_PROTO_UDP: enabled
- CONFIG_IP_VS_RR: enabled (as module)
- CONFIG_EXT4_FS: enabled
- CONFIG_EXT4_FS_POSIX_ACL: enabled
- CONFIG_EXT4_FS_SECURITY: enabled
- Network Drivers:
- "overlay":
- CONFIG_VXLAN: enabled (as module)
- CONFIG_BRIDGE_VLAN_FILTERING: enabled
Optional (for encrypted networks):
- CONFIG_CRYPTO: enabled
- CONFIG_CRYPTO_AEAD: enabled
- CONFIG_CRYPTO_GCM: enabled
- CONFIG_CRYPTO_SEQIV: enabled
- CONFIG_CRYPTO_GHASH: enabled
- CONFIG_XFRM: enabled
- CONFIG_XFRM_USER: enabled
- CONFIG_XFRM_ALGO: enabled
- CONFIG_INET_ESP: enabled (as module)
- "ipvlan":
- CONFIG_IPVLAN: enabled (as module)
- "macvlan":
- CONFIG_MACVLAN: enabled (as module)
- CONFIG_DUMMY: enabled (as module)
- "ftp,tftp client in container":
- CONFIG_NF_NAT_FTP: enabled (as module)
- CONFIG_NF_CONNTRACK_FTP: enabled (as module)
- CONFIG_NF_NAT_TFTP: enabled (as module)
- CONFIG_NF_CONNTRACK_TFTP: enabled (as module)
- Storage Drivers:
- "aufs":
- CONFIG_AUFS_FS: missing
- "btrfs":
- CONFIG_BTRFS_FS: enabled
- CONFIG_BTRFS_FS_POSIX_ACL: enabled
- "devicemapper":
- CONFIG_BLK_DEV_DM: enabled
- CONFIG_DM_THIN_PROVISIONING: enabled
- "overlay":
- CONFIG_OVERLAY_FS: enabled
- "zfs":
- /dev/zfs: present
- zfs command: available
- zpool command: available
Limits:
- /proc/sys/kernel/keys/root_maxkeys: 1000000
~>
|
The only issue there regards the aufs source, which I have not installed.
Finally, I have also took care of the subuid and subgid issue as reported here:
Code: |
~> cat /etc/subuid
root:1000000:1000000000
lxd:1000000:1000000000
vinicius:1001000000:1000000
developer:1002000000:1000000
~> cat /etc/subgid
root:1000000:1000000000
lxd:1000000:1000000000
vinicius:1001000000:1000000
developer:1002000000:1000000
~>
|
I have no idea where to go, so any help will be greatly welcome since I really need my LXD virtual machine.
Thank you for your attention. |
|
Back to top |
|
|
alamahant Advocate
Joined: 23 Mar 2019 Posts: 3879
|
Posted: Thu Jan 27, 2022 6:18 pm Post subject: |
|
|
Hi
try setting cgroups to either "hybrid" or even "legacy" in /etc/rc.conf
Also i see
Quote: |
dmesg | grep lxc
[ 67.298021] audit: type=1400 audit(1643299870.396:319): avc: denied { write } for pid=4244 comm="lxc" name="unix.socket" dev="dm-1" ino=26235768 scontext=staff_u:staff_r:staff_t tcontext=staff_u:object_r:var_lib_t tclass=sock_file permissive=1
|
If you have selinux installed plz disable it.I see you have it in permissive which is ok.
Also you can disable auditd.
It is a logging monster.
Do you really need it?
Also i see
Quote: |
Log:
qemu-system-x86_64:/var/log/lxd/ubuntu-lts/qemu.conf:128: vhost-vsock: unable to set guest cid: Address already in use
|
qemu.conf?
This is weird.
I just launched an ubu container and i have
Code: |
ls /var/log/lxd/ubu
console.log forkstart.log lxc.conf lxc.log lxc.log.old
|
Are you trying to run a VM via lxd?
https://wiki.gentoo.org/wiki/LXD#Virtual_machines
Try
Code: |
lsmod | grep vsock
rmmod vmw_vsock_virtio_transport_common vhost_vsock vsock
|
then try relaunching the container.
Also maybe you need libvirtd running.
Is it?
Do non-systemd containers start normally?
https://bugs.gentoo.org/750410 _________________
|
|
Back to top |
|
|
vcmota Guru
Joined: 19 Jun 2017 Posts: 367
|
Posted: Thu Jan 27, 2022 8:03 pm Post subject: |
|
|
Thank you very much alamahant for your reply!
alamahant wrote: | Hi
try setting cgroups to either "hybrid" or even "legacy" in /etc/rc.conf |
I did it, as you can see here:
Code: |
~> cat /etc/rc.conf | grep hybrid
# "hybrid" mounts cgroups version 2 on /sys/fs/cgroup/unified and
rc_cgroup_mode="hybrid"
# when hybrid mode is being used.
# /sys/fs/cgroup in hybrid or legacy mode.
~>
|
It did not solve the crash, and the error message is the same:
Code: |
~> lxc info --show-log ubuntu-lts
Name: ubuntu-lts
Location: none
Remote: unix://
Arquitetura: x86_64
Criado: 2022/01/18 22:22 -03
Status: Stopped
Type: virtual-machine
Profiles: default
Log:
qemu-system-x86_64:/var/log/lxd/ubuntu-lts/qemu.conf:128: vhost-vsock: unable to set guest cid: Address already in use
~>
|
alamahant wrote: |
Also i see
Quote: |
Log:
qemu-system-x86_64:/var/log/lxd/ubuntu-lts/qemu.conf:128: vhost-vsock: unable to set guest cid: Address already in use
|
qemu.conf?
This is weird.
I just launched an ubu container and i have
Code: |
ls /var/log/lxd/ubu
console.log forkstart.log lxc.conf lxc.log lxc.log.old
|
|
I cant check that because the machine is down...
Yes, and, as far as I can tell, I have followed the wiki correctly. In fact, before setting up docker my LXD VM was running smoothly, for several weeks.
alamahant wrote: |
Try
Code: |
lsmod | grep vsock
rmmod vmw_vsock_virtio_transport_common vhost_vsock vsock
|
then try relaunching the container.
|
I have tried but the command rmmod does not work:
Code: |
~> lsmod | grep vsock
vhost_vsock 24576 1
vmw_vsock_virtio_transport_common 36864 1 vhost_vsock
vhost 40960 1 vhost_vsock
vsock 45056 2 vmw_vsock_virtio_transport_common,vhost_vsock
~> rmmod vmw_vsock_virtio_transport_common vhost_vsock vsock
rmmod: ERROR: Module vmw_vsock_virtio_transport_common is in use by: vhost_vsock
rmmod: ERROR: Module vhost_vsock is in use
rmmod: ERROR: Module vsock is in use by: vmw_vsock_virtio_transport_common vhost_vsock
~>
|
alamahant wrote: |
Also maybe you need libvirtd running.
Is it?
|
It was not, and as you may see the user was not in the libvirt group either:
Code: |
~> sudo /etc/init.d/libvirtd status
Senha:
* status: stopped
~> groups
lp wheel cron audio docker kvm users vboxusers pcap lxd vinicius
~>
|
I have added libvirtd to boot and the user to the libvirt group. I will let you know if this works.
I have only tried ubuntu, but I will try a non-systemd and let you know.
Than you again for your reply! |
|
Back to top |
|
|
vcmota Guru
Joined: 19 Jun 2017 Posts: 367
|
Posted: Thu Jan 27, 2022 8:15 pm Post subject: |
|
|
alamahant wrote: |
Also maybe you need libvirtd running.
Is it?
|
Now it is setup, but the crashing remains and with the same error:
Code: |
~> groups
lp wheel cron audio docker kvm libvirt users vboxusers pcap lxd vinicius
~> sudo^C
~> sudo /etc/init.d/libvirtd status
Senha:
* status: started
~> sudo rc-service lxd start
* Starting lxcfs. ... [ ok ]
* Starting lxd service ... [ ok ]
~> lxc list
+------------+---------+-----------------------+-----------------------------------------------+-----------------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+------------+---------+-----------------------+-----------------------------------------------+-----------------+-----------+
| ubuntu-lts | RUNNING | 10.212.105.243 (eth0) | fd42:daae:1bcc:36cb:216:3eff:fe8a:9e79 (eth0) | VIRTUAL-MACHINE | 0 |
+------------+---------+-----------------------+-----------------------------------------------+-----------------+-----------+
~> lxc list
+------------+---------+------+------+-----------------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+------------+---------+------+------+-----------------+-----------+
| ubuntu-lts | STOPPED | | | VIRTUAL-MACHINE | 0 |
+------------+---------+------+------+-----------------+-----------+
~> lxc start ubuntu-lts
Error: Failed to run: forklimits limit=memlock:unlimited:unlimited -- /usr/bin/qemu-system-x86_64 -S -name ubuntu-lts -uuid 5de2f6da-f44b-4648-a1f3-266cf3306b59 -daemonize -cpu host -nographic -serial chardev:console -nodefaults -no-user-config -sandbox on,obsolete=deny,elevateprivileges=allow,spawn=deny,resourcecontrol=deny -readconfig /var/log/lxd/ubuntu-lts/qemu.conf -spice unix=on,disable-ticketing=on,addr=/var/log/lxd/ubuntu-lts/qemu.spice -pidfile /var/log/lxd/ubuntu-lts/qemu.pid -D /var/log/lxd/ubuntu-lts/qemu.log -smbios type=2,manufacturer=Canonical Ltd.,product=LXD -runas nobody: char device redirected to /dev/pts/3 (label console)
: Process exited with non-zero value 1
Try `lxc info --show-log ubuntu-lts` for more info
~> lxc info --show-log ubuntu-lts
Name: ubuntu-lts
Location: none
Remote: unix://
Arquitetura: x86_64
Criado: 2022/01/18 22:22 -03
Status: Stopped
Type: virtual-machine
Profiles: default
Log:
qemu-system-x86_64:/var/log/lxd/ubuntu-lts/qemu.conf:128: vhost-vsock: unable to set guest cid: Address already in use
~>
|
alamahant wrote: |
Also i see
Quote: |
Log:
qemu-system-x86_64:/var/log/lxd/ubuntu-lts/qemu.conf:128: vhost-vsock: unable to set guest cid: Address already in use
|
qemu.conf?
This is weird.
I just launched an ubu container and i have
Code: |
ls /var/log/lxd/ubu
console.log forkstart.log lxc.conf lxc.log lxc.log.old
|
|
Look (this was taken before the machine crashes):
Code: |
~> sudo ls /var/log/lxd/ubuntu-lts
qemu.conf qemu.early.log qemu.log qemu.log.old qemu.monitor qemu.pid qemu.spice
~> sudo cat /var/log/lxd/ubuntu-lts/qemu.conf
# Machine
[machine]
graphics = "off"
type = "q35"
accel = "kvm"
usb = "off"
[global]
driver = "ICH9-LPC"
property = "disable_s3"
value = "1"
[global]
driver = "ICH9-LPC"
property = "disable_s4"
value = "1"
[boot-opts]
strict = "on"
# Console
[chardev "console"]
backend = "pty"
# Memory
[memory]
size = "11444M"
# CPU
[smp-opts]
cpus = "4"
sockets = "1"
cores = "4"
threads = "1"
[object "mem0"]
qom-type = "memory-backend-memfd"
size = "11444M"
share = "on"
[numa]
type = "node"
nodeid = "0"
memdev = "mem0"
# Firmware (read only)
[drive]
file = "/usr/share/edk2-ovmf/OVMF_CODE.fd"
if = "pflash"
format = "raw"
unit = "0"
readonly = "on"
# Firmware settings (writable)
[drive]
file = "/var/lib/lxd/virtual-machines/ubuntu-lts/qemu.nvram"
if = "pflash"
format = "raw"
unit = "1"
# Qemu control
[chardev "monitor"]
backend = "socket"
path = "/var/log/lxd/ubuntu-lts/qemu.monitor"
server = "on"
wait = "off"
[mon]
chardev = "monitor"
mode = "control"
[device "qemu_pcie0"]
driver = "pcie-root-port"
bus = "pcie.0"
addr = "1.0"
chassis = "0"
multifunction = "on"
# Balloon driver
[device "qemu_balloon"]
driver = "virtio-balloon-pci"
bus = "qemu_pcie0"
addr = "00.0"
multifunction = "on"
# Random number generator
[object "qemu_rng"]
qom-type = "rng-random"
filename = "/dev/urandom"
[device "dev-qemu_rng"]
driver = "virtio-rng-pci"
bus = "qemu_pcie0"
addr = "00.1"
rng = "qemu_rng"
# Input
[device "qemu_keyboard"]
driver = "virtio-keyboard-pci"
bus = "qemu_pcie0"
addr = "00.2"
# Input
[device "qemu_tablet"]
driver = "virtio-tablet-pci"
bus = "qemu_pcie0"
addr = "00.3"
# Vsock
[device "qemu_vsock"]
driver = "vhost-vsock-pci"
bus = "qemu_pcie0"
addr = "00.4"
guest-cid = "14"
# Virtual serial bus
[device "dev-qemu_serial"]
driver = "virtio-serial-pci"
bus = "qemu_pcie0"
addr = "00.5"
# LXD serial identifier
[chardev "qemu_serial-chardev"]
backend = "ringbuf"
size = "16B"
[device "qemu_serial"]
driver = "virtserialport"
name = "org.linuxcontainers.lxd"
chardev = "qemu_serial-chardev"
bus = "dev-qemu_serial.0"
# Spice agent
[chardev "qemu_spice-chardev"]
backend = "spicevmc"
name = "vdagent"
[device "qemu_spice"]
driver = "virtserialport"
name = "com.redhat.spice.0"
chardev = "qemu_spice-chardev"
bus = "dev-qemu_serial.0"
# Spice folder
[chardev "qemu_spicedir-chardev"]
backend = "spiceport"
name = "org.spice-space.webdav.0"
[device "qemu_spicedir"]
driver = "virtserialport"
name = "org.spice-space.webdav.0"
chardev = "qemu_spicedir-chardev"
bus = "dev-qemu_serial.0"
# USB controller
[device "qemu_usb"]
driver = "qemu-xhci"
bus = "qemu_pcie0"
addr = "00.6"
[chardev "qemu_spice-usb-chardev1"]
backend = "spicevmc"
name = "usbredir"
[chardev "qemu_spice-usb-chardev2"]
backend = "spicevmc"
name = "usbredir"
[chardev "qemu_spice-usb-chardev3"]
backend = "spicevmc"
name = "usbredir"
[device "qemu_spice-usb1"]
driver = "usb-redir"
chardev = "qemu_spice-usb-chardev1"
[device "qemu_spice-usb2"]
driver = "usb-redir"
chardev = "qemu_spice-usb-chardev2"
[device "qemu_spice-usb3"]
driver = "usb-redir"
chardev = "qemu_spice-usb-chardev3"
[device "qemu_pcie1"]
driver = "pcie-root-port"
bus = "pcie.0"
addr = "1.1"
chassis = "1"
# SCSI controller
[device "qemu_scsi"]
driver = "virtio-scsi-pci"
bus = "qemu_pcie1"
addr = "00.0"
[device "qemu_pcie2"]
driver = "pcie-root-port"
bus = "pcie.0"
addr = "1.2"
chassis = "2"
# Config drive (9p)
[fsdev "qemu_config"]
fsdriver = "local"
security_model = "none"
readonly = "on"
path = "/var/lib/lxd/virtual-machines/ubuntu-lts/config.mount"
[device "dev-qemu_config-drive-9p"]
driver = "virtio-9p-pci"
bus = "qemu_pcie2"
addr = "00.0"
mount_tag = "config"
fsdev = "qemu_config"
multifunction = "on"
[device "qemu_pcie3"]
driver = "pcie-root-port"
bus = "pcie.0"
addr = "1.3"
chassis = "3"
# GPU
[device "qemu_gpu"]
driver = "virtio-vga"
bus = "qemu_pcie3"
addr = "00.0"
[device "qemu_pcie4"]
driver = "pcie-root-port"
bus = "pcie.0"
addr = "1.4"
chassis = "4"
# root drive
[drive "lxd_root"]
file = "/var/lib/lxd/storage-pools/mypool/virtual-machines/ubuntu-lts/root.img"
format = "raw"
if = "none"
cache = "writeback"
aio = "threads"
discard = "on"
media = "disk"
file.locking = "off"
readonly = "off"
[device "dev-lxd_root"]
driver = "scsi-hd"
bus = "qemu_scsi.0"
channel = "0"
scsi-id = "0"
lun = "1"
drive = "lxd_root"
bootindex = "0"
[device "qemu_pcie5"]
driver = "pcie-root-port"
bus = "pcie.0"
addr = "1.5"
chassis = "5"
[device "qemu_pcie6"]
driver = "pcie-root-port"
bus = "pcie.0"
addr = "1.6"
chassis = "6"
[device "qemu_pcie7"]
driver = "pcie-root-port"
bus = "pcie.0"
addr = "1.7"
chassis = "7"
[device "qemu_pcie8"]
driver = "pcie-root-port"
bus = "pcie.0"
addr = "2.0"
chassis = "8"
multifunction = "on"
~>
|
|
|
Back to top |
|
|
alamahant Advocate
Joined: 23 Mar 2019 Posts: 3879
|
Posted: Thu Jan 27, 2022 9:35 pm Post subject: |
|
|
Quote: |
~> lsmod | grep vsock
vhost_vsock 24576 1
vmw_vsock_virtio_transport_common 36864 1 vhost_vsock
vhost 40960 1 vhost_vsock
vsock 45056 2 vmw_vsock_virtio_transport_common,vhost_vsock
~> rmmod vmw_vsock_virtio_transport_common vhost_vsock vsock
rmmod: ERROR: Module vmw_vsock_virtio_transport_common is in use by: vhost_vsock
rmmod: ERROR: Module vhost_vsock is in use
rmmod: ERROR: Module vsock is in use by: vmw_vsock_virtio_transport_common vhost_vsock
|
Plz try to rmmod all of them.
Then relaunch container.
See this also
https://discuss.linuxcontainers.org/t/vhost-vsock-unable-to-set-guest-cid-address-already-in-use/6762
ie maybe kill all qemu processes before relaunching.
ALSO
for running systemd containers on openrc hosts plz see
https://wiki.gentoo.org/wiki/LXD#Running_systemd_based_containers_on_OpenRC_hosts
Also i use this
Code: |
mkdir -p /sys/fs/cgroup/systemd
mount -t cgroup -o none,name=systemd systemd /sys/fs/cgroup/systemd
rc-service lxd start
|
to start lxd.
and i use "hybrid" in rc.conf and i can run both docker and lxd --including systemd-- trouble free.
Maybe it helps....
I think docker doesnt work with "unified" but i am not sure... _________________
|
|
Back to top |
|
|
vcmota Guru
Joined: 19 Jun 2017 Posts: 367
|
Posted: Fri Jan 28, 2022 3:57 am Post subject: |
|
|
Thank you again alamahant for your reply.
I managed to do that only after running the command
Code: |
sudo rc-service lxd zap
|
Only after "zapping" the lxd service the modules became available for unloading. However that did not solve the problem.
alamahant wrote: |
for running systemd containers on openrc hosts plz see
https://wiki.gentoo.org/wiki/LXD#Running_systemd_based_containers_on_OpenRC_hosts
Also i use this
Code: |
mkdir -p /sys/fs/cgroup/systemd
mount -t cgroup -o none,name=systemd systemd /sys/fs/cgroup/systemd
rc-service lxd start
|
to start lxd.
and i use "hybrid" in rc.conf and i can run both docker and lxd --including systemd-- trouble free.
Maybe it helps....
I think docker doesnt work with "unified" but i am not sure... |
Thank you very much, I did all of that and a little more and one of those things appeared to have resolved the issue. Besides your suggestions, I have also have better setup libvirt, following the suggestions here.
So after all of this and some reboots the machines are working again. My VM instance is running now for a few hours without crashing.
However, there seems to be other issues, as shown by the output of lxd --info:
Code: |
~> lxc info --show-log ubuntu-lts
Name: ubuntu-lts
Location: none
Remote: unix://
Arquitetura: x86_64
Criado: 2022/01/18 22:22 -03
Status: Running
Type: virtual-machine
Profiles: default
Pid: 4037
Ips:
enp5s0: inet 10.212.105.243 tapf1c1f312
enp5s0: inet6 fd42:daae:1bcc:36cb:216:3eff:fe8a:9e79 tapf1c1f312
enp5s0: inet6 fe80::216:3eff:fe8a:9e79 tapf1c1f312
lo: inet 127.0.0.1
lo: inet6 ::1
cscotun0: inet 172.30.8.181
cscotun0: inet6 fe80::a36b:972b:5c34:2921
cscotun0: inet6 fe80::142a:87a:53f1:2bfe
Resources:
Processes: 116
Uso de disco:
root: 40.58GB
Utilização do CPU:
Utilização do CPU (em segundos): 0
Network usage:
cscotun0:
Bytes recebido: 1.91MB
Bytes enviado: 101.64kB
Packets received: 1708
Packets sent: 1237
enp5s0:
Bytes recebido: 2.51MB
Bytes enviado: 439.65kB
Packets received: 3746
Packets sent: 2892
lo:
Bytes recebido: 1.49MB
Bytes enviado: 1.49MB
Packets received: 4265
Packets sent: 4265
Log:
warning: tap: open vhost char device failed: Permission denied
warning: tap: open vhost char device failed: Permission denied
warning: tap: open vhost char device failed: Permission denied
warning: tap: open vhost char device failed: Permission denied
qemu-system-x86_64: warning: 9p: degraded performance: a reasonable high msize should be chosen on client/guest side (chosen msize is <= 8192). See https://wiki.qemu.org/Documentation/9psetup#msize for details.
~>
|
There are two warnings. The one regarding permissions seems to be related with this bug. However the bug, that has been posted six years ago, does not shows a solution.
The second warning seems to be related with this posts. Again, there does not seems to be a solution, although in the end someone suggests a "...switch to linuxcontainers ubuntu image instead of the official ones." I have no idea of the differences between linux ubuntu containers and the official ones. By the way this is how I have criated the VM:
Code: |
lxc launch images:ubuntu/21.04/desktop ubuntu-lts --vm -c security.secureboot=false -c limits.cpu=4 -c limits.memory=12GB -s mypool
|
Well, thank you again for your reply. |
|
Back to top |
|
|
alamahant Advocate
Joined: 23 Mar 2019 Posts: 3879
|
Posted: Fri Jan 28, 2022 4:18 pm Post subject: |
|
|
Plz try
Code: |
sudo usermod -aG libvirt,lxd $USER
|
_________________
|
|
Back to top |
|
|
vcmota Guru
Joined: 19 Jun 2017 Posts: 367
|
Posted: Fri Jan 28, 2022 7:27 pm Post subject: |
|
|
alamahant wrote: | Plz try
Code: |
sudo usermod -aG libvirt,lxd $USER
|
|
Thank you alamahant for your reply. I believe the $USER, which is named vinicius, is already on those two groups:
Code: |
~> groups
lp wheel cron audio docker kvm libvirt users vboxusers pcap lxd vinicius
~>
|
Anyway, the problem is not solved after all. Today the machine has crashed, and I cant restart it:
Code: |
~> lxc list
+------------+---------+------+------+-----------------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+------------+---------+------+------+-----------------+-----------+
| ubuntu-lts | STOPPED | | | VIRTUAL-MACHINE | 0 |
+------------+---------+------+------+-----------------+-----------+
~> lxc start ubuntu-lts
Error: Failed to run: forklimits limit=memlock:unlimited:unlimited -- /usr/bin/qemu-system-x86_64 -S -name ubuntu-lts -uuid 5de2f6da-f44b-4648-a1f3-266cf3306b59 -daemonize -cpu host -nographic -serial chardev:console -nodefaults -no-user-config -sandbox on,obsolete=deny,elevateprivileges=allow,spawn=deny,resourcecontrol=deny -readconfig /var/log/lxd/ubuntu-lts/qemu.conf -spice unix=on,disable-ticketing=on,addr=/var/log/lxd/ubuntu-lts/qemu.spice -pidfile /var/log/lxd/ubuntu-lts/qemu.pid -D /var/log/lxd/ubuntu-lts/qemu.log -smbios type=2,manufacturer=Canonical Ltd.,product=LXD -runas nobody: char device redirected to /dev/pts/6 (label console)
: Process exited with non-zero value 1
Try `lxc info --show-log ubuntu-lts` for more info
~>
|
And it is very frustrating that nothing new is show in the log even after the crash:
Code: |
~> lxc info --show-log ubuntu-lts
Name: ubuntu-lts
Location: none
Remote: unix://
Arquitetura: x86_64
Criado: 2022/01/18 22:22 -03
Status: Stopped
Type: virtual-machine
Profiles: default
Pid: 4037
Resources:
Processes: 0
Uso de disco:
root: 40.73GB
Log:
warning: tap: open vhost char device failed: Permission denied
warning: tap: open vhost char device failed: Permission denied
warning: tap: open vhost char device failed: Permission denied
warning: tap: open vhost char device failed: Permission denied
qemu-system-x86_64: warning: 9p: degraded performance: a reasonable high msize should be chosen on client/guest side (chosen msize is <= 8192). See https://wiki.qemu.org/Documentation/9psetup#msize for details.
~>
|
So I guess the issue, whatever it is, has not been solved... |
|
Back to top |
|
|
alamahant Advocate
Joined: 23 Mar 2019 Posts: 3879
|
Posted: Fri Jan 28, 2022 7:40 pm Post subject: |
|
|
If you run lxd as root?
I always do.
or.....
something like this?
https://bugs.gentoo.org/593196 _________________
Last edited by alamahant on Fri Jan 28, 2022 7:44 pm; edited 1 time in total |
|
Back to top |
|
|
vcmota Guru
Joined: 19 Jun 2017 Posts: 367
|
Posted: Fri Jan 28, 2022 7:41 pm Post subject: |
|
|
Well, I guess there is something very much screwed. I have logged in as root and, even after stopping all processes that may be using the vsock and related modules, the services are simply not stopped and the lxd service keeps running:
Code: |
root ~ # history | grep stop
449 rc-service docker stop
458 rc-service lxd stop
476 rc-service lxd stop
483 /etc/init.d/libvirtd stop
493 rc-service libvirt-guests stop
505 /etc/init.d/lxc stop
507 /etc/init.d/lxcfs stop
509 history | grep stop
root ~ # history | grep zap
486 rc-service libvirtd zap
492 rc-service libvirt-guests zap
498 /etc/init.d/qemu-binfmt zap
501 /etc/init.d/lxc zap
502 /etc/init.d/lxcfs zap
503 /etc/init.d/lxd zap
504 /etc/init.d/lxc zap
510 history | grep zap
root ~ #
|
And, as regular user:
Code: |
~> lxc list
+------------+---------+------+------+-----------------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+------------+---------+------+------+-----------------+-----------+
| ubuntu-lts | STOPPED | | | VIRTUAL-MACHINE | 0 |
+------------+---------+------+------+-----------------+-----------+
~>
|
|
|
Back to top |
|
|
vcmota Guru
Joined: 19 Jun 2017 Posts: 367
|
Posted: Fri Jan 28, 2022 7:52 pm Post subject: |
|
|
Thank you alamahant for your reply
alamahant wrote: | If you run lxd as root?
I always do.
|
I guess that this is what I always do, because this is how I start the lxd service:
Code: |
sudo rc-service lxd start
|
I have seen thus bug report, but the udev rules that they mention is not shown in the link provided. And, maybe due to simple dumbness, I could not find it in the link. Do you have access to this udev rule?
Thank you again! |
|
Back to top |
|
|
alamahant Advocate
Joined: 23 Mar 2019 Posts: 3879
|
Posted: Fri Jan 28, 2022 9:02 pm Post subject: |
|
|
Plz see
Code: |
grep kvm /etc/group
kvm:x:78:qemu
|
Maybe add lxd to kvm group.
Code: |
usermod -aG kvm lxd
|
Also see
Code: |
ls -l /dev/vho*
crw-rw---- 1 root kvm 10, 238 Jan 28 18:10 /dev/vhost-net
crw-rw---- 1 root kvm 10, 241 Jan 28 18:10 /dev/vhost-vsock
|
Its here the problem arises.
Try first with the above and if it doesnt work maybe mess with udev rules.
BUT it seems there is no lxd user,just a group.
So maybe add your user to kvm group. _________________
|
|
Back to top |
|
|
vcmota Guru
Joined: 19 Jun 2017 Posts: 367
|
Posted: Fri Jan 28, 2022 11:44 pm Post subject: |
|
|
alamahant wrote: | Plz see
Code: |
grep kvm /etc/group
kvm:x:78:qemu
|
|
Here it goes:
Code: |
~> grep kvm /etc/group
kvm:x:78:qemu,vinicius
~>
|
alamahant wrote: |
Also see
Code: |
ls -l /dev/vho*
crw-rw---- 1 root kvm 10, 238 Jan 28 18:10 /dev/vhost-net
crw-rw---- 1 root kvm 10, 241 Jan 28 18:10 /dev/vhost-vsock
|
|
here:
Code: |
~> ls -l /dev/vho*
crw-rw----. 1 root kvm 10, 238 jan 27 22:39 /dev/vhost-net
crw-rw----. 1 root kvm 10, 241 jan 27 22:44 /dev/vhost-vsock
~>
|
alamahant wrote: |
BUT it seems there is no lxd user,just a group.
So maybe add your user to kvm group. |
I believe it is already there:
Code: |
~> groups vinicius
lp wheel audio users kvm cron vboxusers pcap lxd libvirt docker vinicius
~>
|
alamahant wrote: |
Maybe add lxd to kvm group.
Code: |
usermod -aG kvm lxd
|
|
I will do it and let you know the result.
alamahant wrote: |
Try first with the above and if it doesnt work maybe mess with udev rules.
|
This is the most difficult for me because I dont know where to start. I have wrote very basic udev rules for my wacom pen tablet to work with libinput in the past but that is it.
Thank you again for your reply. |
|
Back to top |
|
|
alamahant Advocate
Joined: 23 Mar 2019 Posts: 3879
|
Posted: Sat Jan 29, 2022 12:00 am Post subject: |
|
|
What happens if you run
Code: |
chmod 666 /dev/vhost-vsock
chmod 666 /dev/vhost-net
|
and launch the container again _________________
|
|
Back to top |
|
|
vcmota Guru
Joined: 19 Jun 2017 Posts: 367
|
Posted: Sat Jan 29, 2022 12:24 am Post subject: |
|
|
Thank you again for your attention alamahant.
alamahant wrote: | What happens if you run
Code: |
chmod 666 /dev/vhost-vsock
chmod 666 /dev/vhost-net
|
and launch the container again |
I did it, rebooted the computer and now I cant even see the available instance:
Code: |
~> sudo mkdir -p /sys/fs/cgroup/systemd
Senha:
~> sudo mount -t cgroup -o none,name=systemd systemd /sys/fs/cgroup/systemd
~> sudo rc-service lxd start
* Starting lxcfs. ... [ ok ]
* Starting lxd service ... [ ok ]
~> lxc list
Error: Get "http://unix.socket/1.0": dial unix /var/lib/lxd/unix.socket: connect: connection refused
~> lxc list
Error: Get "http://unix.socket/1.0": dial unix /var/lib/lxd/unix.socket: connect: connection refused
~> lxc console ubuntu-lts --type=vga
Error: Get "http://unix.socket/1.0": dial unix /var/lib/lxd/unix.socket: connect: connection refused
~>
|
EDIT: I decided to simply stop and zap the lxd service, restarted it, and now it is up:
Code: |
~> sudo /etc/init.d/lxd status
* status: crashed
~> sudo rc-service lxd stop
* Stopping lxd service and containers, waiting 40s ...
* start-stop-daemon: no matching processes found [ ok ]
~> sudo rc-service lxd zap
* Manually resetting lxd to stopped state
~> sudo /etc/init.d/lxd status
* status: stopped
~> sudo rc-service lxd start
* Starting lxd service ... [ ok ]
~> lxd list
Error: unknown command "list" for "lxd"
~> lxc list
+------------+---------+-------------------------+------+-----------------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+------------+---------+-------------------------+------+-----------------+-----------+
| ubuntu-lts | RUNNING | 10.212.105.243 (enp5s0) | | VIRTUAL-MACHINE | 0 |
+------------+---------+-------------------------+------+-----------------+-----------+
~> lxc list
+------------+---------+-------------------------+-------------------------------------------------+-----------------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+------------+---------+-------------------------+-------------------------------------------------+-----------------+-----------+
| ubuntu-lts | RUNNING | 10.212.105.243 (enp5s0) | fd42:daae:1bcc:36cb:216:3eff:fe8a:9e79 (enp5s0) | VIRTUAL-MACHINE | 0 |
+------------+---------+-------------------------+-------------------------------------------------+-----------------+-----------+
~> lxc list
+------------+---------+-------------------------+-------------------------------------------------+-----------------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+------------+---------+-------------------------+-------------------------------------------------+-----------------+-----------+
| ubuntu-lts | RUNNING | 10.212.105.243 (enp5s0) | fd42:daae:1bcc:36cb:216:3eff:fe8a:9e79 (enp5s0) | VIRTUAL-MACHINE | 0 |
+------------+---------+-------------------------+-------------------------------------------------+-----------------+-----------+
~>
|
The log, however, remains unchanged:
Code: |
~> lxc info --show-log ubuntu-lts
Name: ubuntu-lts
Location: none
Remote: unix://
Arquitetura: x86_64
Criado: 2022/01/18 22:22 -03
Status: Running
Type: virtual-machine
Profiles: default
Pid: 6487
Ips:
enp5s0: inet 10.212.105.243 tapa5caac4e
enp5s0: inet6 fd42:daae:1bcc:36cb:216:3eff:fe8a:9e79 tapa5caac4e
enp5s0: inet6 fe80::216:3eff:fe8a:9e79 tapa5caac4e
lo: inet 127.0.0.1
lo: inet6 ::1
Resources:
Processes: 104
Uso de disco:
root: 40.75GB
Utilização do CPU:
Utilização do CPU (em segundos): 0
Network usage:
enp5s0:
Bytes recebido: 51.89kB
Bytes enviado: 29.84kB
Packets received: 126
Packets sent: 236
lo:
Bytes recebido: 5.69kB
Bytes enviado: 5.69kB
Packets received: 57
Packets sent: 57
Log:
warning: tap: open vhost char device failed: Permission denied
warning: tap: open vhost char device failed: Permission denied
warning: tap: open vhost char device failed: Permission denied
warning: tap: open vhost char device failed: Permission denied
qemu-system-x86_64: warning: 9p: degraded performance: a reasonable high msize should be chosen on client/guest side (chosen msize is <= 8192). See https://wiki.qemu.org/Documentation/9psetup#msize for details.
~>
|
EDIT#2: I can also stop and restart the machine at will at this point:
Code: |
~> lxc list
+------------+---------+-------------------------+-------------------------------------------------+-----------------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+------------+---------+-------------------------+-------------------------------------------------+-----------------+-----------+
| ubuntu-lts | RUNNING | 10.212.105.243 (enp5s0) | fd42:daae:1bcc:36cb:216:3eff:fe8a:9e79 (enp5s0) | VIRTUAL-MACHINE | 0 |
+------------+---------+-------------------------+-------------------------------------------------+-----------------+-----------+
~> lxc stop ubuntu-lts
~> lxc list
+------------+---------+------+------+-----------------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+------------+---------+------+------+-----------------+-----------+
| ubuntu-lts | STOPPED | | | VIRTUAL-MACHINE | 0 |
+------------+---------+------+------+-----------------+-----------+
~> lxc start ubuntu-lts
~> lxc list
+------------+---------+-----------------------+-----------------------------------------------+-----------------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+------------+---------+-----------------------+-----------------------------------------------+-----------------+-----------+
| ubuntu-lts | RUNNING | 10.212.105.243 (eth0) | fd42:daae:1bcc:36cb:216:3eff:fe8a:9e79 (eth0) | VIRTUAL-MACHINE | 0 |
+------------+---------+-----------------------+-----------------------------------------------+-----------------+-----------+
~>
|
|
|
Back to top |
|
|
|
|
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
|