/r/LXC
LXC stands for Linux containers and is a open source Linux container project in development since 2009. LXC provides lightweight OS containers, tools for container management and a wide choice of container OS templates.
LXC is supported in the vanilla Linux kernel and works out of the box on most Linux distributions.
LXC is developed by Daniel Lezcano, Stéphane Graber(Ubuntu) and Serge Hallyn(Ubuntu) and a team of open source developers.
Join the LXD/LXC user's mailer group to communicate with Devs & others regarding support questions.
LXC stands for Linux containers and is a open source Linux container project in development since 2009. LXC provides lightweight OS containers, tools for container management and a wide choice of container OS templates.
LXC is supported in the vanilla Linux kernel and works out of the box on most Linux distributions.
LXC is developed by Daniel Lezcano, Stéphane Graber (Ubuntu) and Serge Hallyn and a team of open source developers.
/r/LXC
1,776 Subscribers
How to install your server for lxc snapshot operations ?
I used to install my server with ubuntu server 22.04 on sata ssd with enough room and ext4 filesystem. After the os installation, i initialize lxd with lxd init command and i create a lxd storage on a secondary nvme drive in block mode with zfs filesystem. Unfortunately, publish and export images take so very long time.
So how do you optimize your server to be able to backup and export lxc container quickly ?
My server is a dell r740xd with dual xeon silver with 256gb ddr4 ecc.
Using Raidz2 with several disks can improve the performance but i search your tips and feedback.
Yours.
19:51 UTC
ROS and LXC container Problem
Hi there,
I am currently running into series problems and about to lose my mind xD
I am new to ros 1 and ubuntu systems, i am running dual boot of windows 11 and ubuntu 22.04 LTS.
inside the ubuntu 22.04 i have installed lxc container service, and setup a new container of ubuntu 20.04.
(If someone asked why do not you install 20.04 directly dual boot i will say i wish i could!, there were infinite problems with dual booting 20.04 on my asus laptop, the last problem were that the keyboard not working so I downloaded 22.04 to be compatible with my laptop, as I have searched and found that new laptops are not quite compatible with old ubuntu versions)^^^
Anyways, now I have installed lxc ubuntu 20.04 container and named it "ros1", to install ros 1 on my container I followed the exact instructions from ros neotic installation, this link : "http://wiki.ros.org/noetic/Installation/Ubuntu"
The ros 1 was successfully installed, and roscore is running ok, but the tutlesim is not working!!
when i try the command:
"rosrun turtlesim turtlesim_node"
it gives me the following error "qt.qpa.xcb: could not connect to display
qt.qpa.plugin: Could not load the Qt platform plugin "xcb" in "" even though it was found.
This application failed to start because no Qt platform plugin could be initialized. Reinstalling the application may fix this problem.
Available platform plugins are: eglfs, linuxfb, minimal, minimalegl, offscreen, vnc, xcb.
Aborted (core dumped)"
After a lot and a lot of search I figured out that the problem is in X11 server regarding GPU set.
I tried to set it and allow the permisions but I could not, every command I run about X11 said permision denied, for example "lxc exec ros1 -- bash -c 'export DISPLAY=:1'"
gives me error of "Error: Get "http://unix.socket/1.0": dial unix /var/snap/lxd/common/lxd/unix.socket: connect: permission denied"
and yes my export DISPLAY command is set to port :1 not :0, I am sure that I am :1 and tested it with running command xeyes on my host, it works well!
But inside the ros1 container of ubuntu 20.04 if i tried to run xeyes it says can not open
"Error: Can't open display: :1"
So, i need to enableX11 server on my lxc container I think or things like that, I am not sure what to do I just want to run the "rosrun turtlesim turtlesim_node" command and open the turtle window, please anyone could help because I have been in this problem for four complete days and do not know what to do.
16:16 UTC
Questions about LXC from a non-programmer's perspective
Hi, I'm new to this lxc containers thing but I want to resolve some doubts about it. I have been working for a while on a virtual machine just to run an animation software developed exclusively for CentOS 7 and 8. My goal is to run this software without the virtual machine and run it with the benefit of my hardware and not the emulated machine hardware. How I should proceed? Should I use LXC? Should I use Docker? Could I benefit from hardware acceleration? Could any GUI software run in LXC/Docker containers? If so, would it be easy to deal with any configuration for X11 or Wayland inside the container?
Maybe these are stupid questions, but I'm not a programmer. I'm just an amateur Linux user with average knowledge to handle some configurations and basic things. I have two machines where I run the qemu/kvm virtual machine; one with OpenSUSE Tumbleweed and the other with Fedora 39. Any help would be greatly appreciated.
02:57 UTC
lxd-to-incus fails to start containers on void linux
[services@blackhole ~]$ incus start elasticsearch-container
Error: Error occurred when starting proxy device: Error: No such file or directory - Failed to safely open namespace file descriptor based on pidfd 3
Try `incus info --show-log elasticsearch-container` for more info[services@blackhole ~]$ incus start elasticsearch-container
Error: Error occurred when starting proxy device: Error: No such file or directory - Failed to safely open namespace file descriptor based on pidfd 3
Try `incus info --show-log elasticsearch-container` for more infoAfter doing lxd-to-incus which worked without issues, I get this error trying to start containers.
Can anyone assist me? All of my containers are now stuck and my entire infrastructure is kind of at a halt because I cant start these containers now and it completely wiped LXD from my system.
Here is the debug log:
```
lxc elasticsearch-container 20240605011615.690 INFO lxccontainer - ../src/lxc/lxccontainer.c:do_lxcapi_start:997 - Set process title to [lxc monitor] /var/lib/incus/containers elasticsearch-container
lxc elasticsearch-container 20240605011615.691 INFO start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 4
lxc elasticsearch-container 20240605011615.691 INFO start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 5
lxc elasticsearch-container 20240605011615.691 INFO start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 6
lxc elasticsearch-container 20240605011615.691 INFO start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 16
lxc elasticsearch-container 20240605011615.691 INFO lsm - ../src/lxc/lsm/lsm.c:lsm_init_static:38 - Initialized LSM security driver nop
lxc elasticsearch-container 20240605011615.691 INFO conf - ../src/lxc/conf.c:run_script_argv:340 - Executing script "/proc/1057/exe callhook /var/lib/incus "default" "elasticsearch-container" start" for container "elasticsearch-container"
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:parse_config_v2:807 - Processing "[all]"
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:parse_config_v2:807 - Processing "reject_force_umount # comment this to allow umount -f; not recommended"
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:524 - Set seccomp rule to reject force umounts
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:524 - Set seccomp rule to reject force umounts
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:524 - Set seccomp rule to reject force umounts
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:parse_config_v2:807 - Processing "[all]"
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:parse_config_v2:807 - Processing "kexec_load errno 38"
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding native rule for syscall[246:kexec_load] action[327718:errno] arch[0]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding compat rule for syscall[246:kexec_load] action[327718:errno] arch[1073741827]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding compat rule for syscall[246:kexec_load] action[327718:errno] arch[1073741886]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:parse_config_v2:807 - Processing "open_by_handle_at errno 38"
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding native rule for syscall[304:open_by_handle_at] action[327718:errno] arch[0]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding compat rule for syscall[304:open_by_handle_at] action[327718:errno] arch[1073741827]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding compat rule for syscall[304:open_by_handle_at] action[327718:errno] arch[1073741886]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:parse_config_v2:807 - Processing "init_module errno 38"
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding native rule for syscall[175:init_module] action[327718:errno] arch[0]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding compat rule for syscall[175:init_module] action[327718:errno] arch[1073741827]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding compat rule for syscall[175:init_module] action[327718:errno] arch[1073741886]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:parse_config_v2:807 - Processing "finit_module errno 38"
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding native rule for syscall[313:finit_module] action[327718:errno] arch[0]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding compat rule for syscall[313:finit_module] action[327718:errno] arch[1073741827]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding compat rule for syscall[313:finit_module] action[327718:errno] arch[1073741886]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:parse_config_v2:807 - Processing "delete_module errno 38"
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding native rule for syscall[176:delete_module] action[327718:errno] arch[0]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding compat rule for syscall[176:delete_module] action[327718:errno] arch[1073741827]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding compat rule for syscall[176:delete_module] action[327718:errno] arch[1073741886]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:parse_config_v2:1017 - Merging compat seccomp contexts into main context
lxc elasticsearch-container 20240605011615.731 INFO start - ../src/lxc/start.c:lxc_init:881 - Container "elasticsearch-container" is initialized
lxc elasticsearch-container 20240605011615.732 INFO cgfsng - ../src/lxc/cgroups/cgfsng.c:cgfsng_monitor_create:1383 - The monitor process uses "lxc.monitor.elasticsearch-container" as cgroup
lxc elasticsearch-container 20240605011615.756 INFO cgfsng - ../src/lxc/cgroups/cgfsng.c:cgfsng_payload_create:1491 - The container process uses "lxc.payload.elasticsearch-container" as inner and "lxc.payload.elasticsearch-container" as limit cgroup
lxc elasticsearch-container 20240605011615.764 INFO start - ../src/lxc/start.c:lxc_spawn:1762 - Cloned CLONE_NEWUSER
lxc elasticsearch-container 20240605011615.765 INFO start - ../src/lxc/start.c:lxc_spawn:1762 - Cloned CLONE_NEWNS
lxc elasticsearch-container 20240605011615.765 INFO start - ../src/lxc/start.c:lxc_spawn:1762 - Cloned CLONE_NEWPID
lxc elasticsearch-container 20240605011615.765 INFO start - ../src/lxc/start.c:lxc_spawn:1762 - Cloned CLONE_NEWUTS
lxc elasticsearch-container 20240605011615.765 INFO start - ../src/lxc/start.c:lxc_spawn:1762 - Cloned CLONE_NEWIPC
lxc elasticsearch-container 20240605011615.771 INFO conf - ../src/lxc/conf.c:lxc_map_ids:3603 - Caller maps host root. Writing mapping directly
lxc elasticsearch-container 20240605011615.771 NOTICE utils - ../src/lxc/utils.c:lxc_drop_groups:1368 - Dropped supplimentary groups
lxc elasticsearch-container 20240605011615.772 WARN cgfsng - ../src/lxc/cgroups/cgfsng.c:fchowmodat:1611 - No such file or directory - Failed to fchownat(44, memory.oom.group, 65536, 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc elasticsearch-container 20240605011615.772 WARN cgfsng - ../src/lxc/cgroups/cgfsng.c:fchowmodat:1611 - No such file or directory - Failed to fchownat(44, memory.reclaim, 65536, 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc elasticsearch-container 20240605011615.773 INFO start - ../src/lxc/start.c:do_start:1104 - Unshared CLONE_NEWNET
lxc elasticsearch-container 20240605011615.773 NOTICE utils - ../src/lxc/utils.c:lxc_drop_groups:1368 - Dropped supplimentary groups
lxc elasticsearch-container 20240605011615.773 NOTICE utils - ../src/lxc/utils.c:lxc_switch_uid_gid:1344 - Switched to gid 0
lxc elasticsearch-container 20240605011615.773 NOTICE utils - ../src/lxc/utils.c:lxc_switch_uid_gid:1353 - Switched to uid 0
lxc elasticsearch-container 20240605011615.773 INFO start - ../src/lxc/start.c:do_start:1204 - Unshared CLONE_NEWCGROUP
lxc elasticsearch-container 20240605011615.806 INFO conf - ../src/lxc/conf.c:setup_utsname:875 - Set hostname to "elasticsearch-container"
lxc elasticsearch-container 20240605011615.815 INFO network - ../src/lxc/network.c:lxc_setup_network_in_child_namespaces:4019 - Finished setting up network devices with caller assigned names
lxc elasticsearch-container 20240605011615.815 INFO conf - ../src/lxc/conf.c:mount_autodev:1219 - Preparing "/dev"
lxc elasticsearch-container 20240605011615.815 INFO conf - ../src/lxc/conf.c:mount_autodev:1280 - Prepared "/dev"
lxc elasticsearch-container 20240605011615.816 INFO conf - ../src/lxc/conf.c:lxc_fill_autodev:1317 - Populating "/dev"
lxc elasticsearch-container 20240605011615.816 INFO conf - ../src/lxc/conf.c:lxc_fill_autodev:1405 - Populated "/dev"
lxc elasticsearch-container 20240605011615.816 INFO conf - ../src/lxc/conf.c:lxc_transient_proc:3775 - Caller's PID is 1; /proc/self points to 1
lxc elasticsearch-container 20240605011615.816 INFO conf - ../src/lxc/conf.c:lxc_setup_ttys:1072 - Finished setting up 0 /dev/tty<N> device(s)
lxc elasticsearch-container 20240605011615.817 INFO conf - ../src/lxc/conf.c:setup_personality:1917 - Set personality to "0lx0"
lxc elasticsearch-container 20240605011615.817 NOTICE conf - ../src/lxc/conf.c:lxc_setup:4469 - The container "elasticsearch-container" is set up
lxc elasticsearch-container 20240605011615.817 NOTICE start - ../src/lxc/start.c:start:2194 - Exec'ing "/sbin/init"
lxc elasticsearch-container 20240605011615.818 NOTICE start - ../src/lxc/start.c:post_start:2205 - Started "/sbin/init" with pid "2019"
lxc elasticsearch-container 20240605011615.818 NOTICE start - ../src/lxc/start.c:signal_handler:446 - Received 17 from pid 2020 instead of container init 2019
lxc elasticsearch-container 20240605011615.859 INFO error - ../src/lxc/error.c:lxc_error_set_and_log:31 - Child <2019> ended on error (255)
lxc elasticsearch-container 20240605011615.883 INFO conf - ../src/lxc/conf.c:run_script_argv:340 - Executing script "/usr/libexec/incus/incusd callhook /var/lib/incus "default" "elasticsearch-container" stopns" for container "elasticsearch-container"
lxc elasticsearch-container 20240605011615.974 INFO conf - ../src/lxc/conf.c:lxc_map_ids:3603 - Caller maps host root. Writing mapping directly
lxc elasticsearch-container 20240605011615.974 NOTICE utils - ../src/lxc/utils.c:lxc_drop_groups:1368 - Dropped supplimentary groups
lxc elasticsearch-container 20240605011615.993 INFO conf - ../src/lxc/conf.c:run_script_argv:340 - Executing script "/usr/libexec/incus/incusd callhook /var/lib/incus "default" "elasticsearch-container" stop" for container "elasticsearch-container"
```[services@blackhole ~]$ incus start elasticsearch-container
Error: Error occurred when starting proxy device: Error: No such file or directory - Failed to safely open namespace file descriptor based on pidfd 3
Try `incus info --show-log elasticsearch-container` for more info[services@blackhole ~]$ incus start elasticsearch-container
Error: Error occurred when starting proxy device: Error: No such file or directory - Failed to safely open namespace file descriptor based on pidfd 3
Try `incus info --show-log elasticsearch-container` for more infoAfter doing lxd-to-incus which worked without issues, I get this error trying to start containers.Can anyone assist me? All of my containers are now stuck and my entire infrastructure is kind of at a halt because I cant start these containers now and it completely wiped LXD from my system.Here is the debug log:
```
lxc elasticsearch-container 20240605011615.690 INFO lxccontainer - ../src/lxc/lxccontainer.c:do_lxcapi_start:997 - Set process title to [lxc monitor] /var/lib/incus/containers elasticsearch-container
lxc elasticsearch-container 20240605011615.691 INFO start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 4
lxc elasticsearch-container 20240605011615.691 INFO start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 5
lxc elasticsearch-container 20240605011615.691 INFO start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 6
lxc elasticsearch-container 20240605011615.691 INFO start - ../src/lxc/start.c:lxc_check_inherited:325 - Closed inherited fd 16
lxc elasticsearch-container 20240605011615.691 INFO lsm - ../src/lxc/lsm/lsm.c:lsm_init_static:38 - Initialized LSM security driver nop
lxc elasticsearch-container 20240605011615.691 INFO conf - ../src/lxc/conf.c:run_script_argv:340 - Executing script "/proc/1057/exe callhook /var/lib/incus "default" "elasticsearch-container" start" for container "elasticsearch-container"
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:parse_config_v2:807 - Processing "[all]"
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:parse_config_v2:807 - Processing "reject_force_umount # comment this to allow umount -f; not recommended"
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:524 - Set seccomp rule to reject force umounts
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:524 - Set seccomp rule to reject force umounts
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:524 - Set seccomp rule to reject force umounts
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:parse_config_v2:807 - Processing "[all]"
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:parse_config_v2:807 - Processing "kexec_load errno 38"
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding native rule for syscall[246:kexec_load] action[327718:errno] arch[0]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding compat rule for syscall[246:kexec_load] action[327718:errno] arch[1073741827]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding compat rule for syscall[246:kexec_load] action[327718:errno] arch[1073741886]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:parse_config_v2:807 - Processing "open_by_handle_at errno 38"
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding native rule for syscall[304:open_by_handle_at] action[327718:errno] arch[0]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding compat rule for syscall[304:open_by_handle_at] action[327718:errno] arch[1073741827]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding compat rule for syscall[304:open_by_handle_at] action[327718:errno] arch[1073741886]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:parse_config_v2:807 - Processing "init_module errno 38"
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding native rule for syscall[175:init_module] action[327718:errno] arch[0]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding compat rule for syscall[175:init_module] action[327718:errno] arch[1073741827]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding compat rule for syscall[175:init_module] action[327718:errno] arch[1073741886]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:parse_config_v2:807 - Processing "finit_module errno 38"
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding native rule for syscall[313:finit_module] action[327718:errno] arch[0]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding compat rule for syscall[313:finit_module] action[327718:errno] arch[1073741827]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding compat rule for syscall[313:finit_module] action[327718:errno] arch[1073741886]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:parse_config_v2:807 - Processing "delete_module errno 38"
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding native rule for syscall[176:delete_module] action[327718:errno] arch[0]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding compat rule for syscall[176:delete_module] action[327718:errno] arch[1073741827]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:do_resolve_add_rule:564 - Adding compat rule for syscall[176:delete_module] action[327718:errno] arch[1073741886]
lxc elasticsearch-container 20240605011615.731 INFO seccomp - ../src/lxc/seccomp.c:parse_config_v2:1017 - Merging compat seccomp contexts into main context
lxc elasticsearch-container 20240605011615.731 INFO start - ../src/lxc/start.c:lxc_init:881 - Container "elasticsearch-container" is initialized
lxc elasticsearch-container 20240605011615.732 INFO cgfsng - ../src/lxc/cgroups/cgfsng.c:cgfsng_monitor_create:1383 - The monitor process uses "lxc.monitor.elasticsearch-container" as cgroup
lxc elasticsearch-container 20240605011615.756 INFO cgfsng - ../src/lxc/cgroups/cgfsng.c:cgfsng_payload_create:1491 - The container process uses "lxc.payload.elasticsearch-container" as inner and "lxc.payload.elasticsearch-container" as limit cgroup
lxc elasticsearch-container 20240605011615.764 INFO start - ../src/lxc/start.c:lxc_spawn:1762 - Cloned CLONE_NEWUSER
lxc elasticsearch-container 20240605011615.765 INFO start - ../src/lxc/start.c:lxc_spawn:1762 - Cloned CLONE_NEWNS
lxc elasticsearch-container 20240605011615.765 INFO start - ../src/lxc/start.c:lxc_spawn:1762 - Cloned CLONE_NEWPID
lxc elasticsearch-container 20240605011615.765 INFO start - ../src/lxc/start.c:lxc_spawn:1762 - Cloned CLONE_NEWUTS
lxc elasticsearch-container 20240605011615.765 INFO start - ../src/lxc/start.c:lxc_spawn:1762 - Cloned CLONE_NEWIPC
lxc elasticsearch-container 20240605011615.771 INFO conf - ../src/lxc/conf.c:lxc_map_ids:3603 - Caller maps host root. Writing mapping directly
lxc elasticsearch-container 20240605011615.771 NOTICE utils - ../src/lxc/utils.c:lxc_drop_groups:1368 - Dropped supplimentary groups
lxc elasticsearch-container 20240605011615.772 WARN cgfsng - ../src/lxc/cgroups/cgfsng.c:fchowmodat:1611 - No such file or directory - Failed to fchownat(44, memory.oom.group, 65536, 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc elasticsearch-container 20240605011615.772 WARN cgfsng - ../src/lxc/cgroups/cgfsng.c:fchowmodat:1611 - No such file or directory - Failed to fchownat(44, memory.reclaim, 65536, 0, AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW )
lxc elasticsearch-container 20240605011615.773 INFO start - ../src/lxc/start.c:do_start:1104 - Unshared CLONE_NEWNET
lxc elasticsearch-container 20240605011615.773 NOTICE utils - ../src/lxc/utils.c:lxc_drop_groups:1368 - Dropped supplimentary groups
lxc elasticsearch-container 20240605011615.773 NOTICE utils - ../src/lxc/utils.c:lxc_switch_uid_gid:1344 - Switched to gid 0
lxc elasticsearch-container 20240605011615.773 NOTICE utils - ../src/lxc/utils.c:lxc_switch_uid_gid:1353 - Switched to uid 0
lxc elasticsearch-container 20240605011615.773 INFO start - ../src/lxc/start.c:do_start:1204 - Unshared CLONE_NEWCGROUP
lxc elasticsearch-container 20240605011615.806 INFO conf - ../src/lxc/conf.c:setup_utsname:875 - Set hostname to "elasticsearch-container"
lxc elasticsearch-container 20240605011615.815 INFO network - ../src/lxc/network.c:lxc_setup_network_in_child_namespaces:4019 - Finished setting up network devices with caller assigned names
lxc elasticsearch-container 20240605011615.815 INFO conf - ../src/lxc/conf.c:mount_autodev:1219 - Preparing "/dev"
lxc elasticsearch-container 20240605011615.815 INFO conf - ../src/lxc/conf.c:mount_autodev:1280 - Prepared "/dev"
lxc elasticsearch-container 20240605011615.816 INFO conf - ../src/lxc/conf.c:lxc_fill_autodev:1317 - Populating "/dev"
lxc elasticsearch-container 20240605011615.816 INFO conf - ../src/lxc/conf.c:lxc_fill_autodev:1405 - Populated "/dev"
lxc elasticsearch-container 20240605011615.816 INFO conf - ../src/lxc/conf.c:lxc_transient_proc:3775 - Caller's PID is 1; /proc/self points to 1
lxc elasticsearch-container 20240605011615.816 INFO conf - ../src/lxc/conf.c:lxc_setup_ttys:1072 - Finished setting up 0 /dev/tty<N> device(s)
lxc elasticsearch-container 20240605011615.817 INFO conf - ../src/lxc/conf.c:setup_personality:1917 - Set personality to "0lx0"
lxc elasticsearch-container 20240605011615.817 NOTICE conf - ../src/lxc/conf.c:lxc_setup:4469 - The container "elasticsearch-container" is set up
lxc elasticsearch-container 20240605011615.817 NOTICE start - ../src/lxc/start.c:start:2194 - Exec'ing "/sbin/init"
lxc elasticsearch-container 20240605011615.818 NOTICE start - ../src/lxc/start.c:post_start:2205 - Started "/sbin/init" with pid "2019"
lxc elasticsearch-container 20240605011615.818 NOTICE start - ../src/lxc/start.c:signal_handler:446 - Received 17 from pid 2020 instead of container init 2019
lxc elasticsearch-container 20240605011615.859 INFO error - ../src/lxc/error.c:lxc_error_set_and_log:31 - Child <2019> ended on error (255)
lxc elasticsearch-container 20240605011615.883 INFO conf - ../src/lxc/conf.c:run_script_argv:340 - Executing script "/usr/libexec/incus/incusd callhook /var/lib/incus "default" "elasticsearch-container" stopns" for container "elasticsearch-container"
lxc elasticsearch-container 20240605011615.974 INFO conf - ../src/lxc/conf.c:lxc_map_ids:3603 - Caller maps host root. Writing mapping directly
lxc elasticsearch-container 20240605011615.974 NOTICE utils - ../src/lxc/utils.c:lxc_drop_groups:1368 - Dropped supplimentary groups
lxc elasticsearch-container 20240605011615.993 INFO conf - ../src/lxc/conf.c:run_script_argv:340 - Executing script "/usr/libexec/incus/incusd callhook /var/lib/incus "default" "elasticsearch-container" stop" for container "elasticsearch-container"
```
02:05 UTC
On Debian 12. What's the best way to install lxc? Snap or apt?
I see on Debian-12.5 That the apt version of lxc is 5.0.2-1. The documentation at https://linuxcontainers.org/lxc/getting-started/ and https://ubuntu.com/server/docs/lxc-containers recommend using this method.
I see on snap the version of lxc is: 5.21.1. The documentation at https://documentation.ubuntu.com/lxd/en/stable-5.0/installing/ and https://canonical.com/lxd/install recommend this method. Some old ( 10 years ) answer on askubuntu.com said snaps were the recommended method - but the supporting page on that is 404 https://askubuntu.com/questions/397185/upgrading-lxc-version
I see on the the support page it says 6.0 has been released. https://discuss.linuxcontainers.org/t/lxc-6-0-lts-has-been-released/19567 and it seems the only install method for that is download and compile.
Any recommendations for the best install method for a stable LTS-type system on Debian 12? I didn't see any comments about it at https://discuss.linuxcontainers.org/
21:27 UTC
Lxc help with installing images
So I'm running openwrt on x86_64, and have successfully increased my image size to 32gb, and i believe i have installed all options needed to run lxc containers, but I am having difficulty launching them. It feels like it is not downloading the full image, because it completes very quickly when I click create, and when I press start, it stays with a red status.
I am looking to run some variant of Debian, preferably Ubuntu, so i can run a Unifi server on the same hardware as my routing platform. I have tried several different images from the images.linuxcontainers.org list, and fell like I'm missing something. thanks for your help.
23:03 UTC
Flandre
19:47 UTC
MLSFAW
18:22 UTC
Containers Become Unreachable After a Period of Time
I have some Ubuntu 20 LXC containers running on an Ubuntu 22 host. When they are up and running, the LXC containers can be reached from any other host across the network without issue but, after a couple of days or so, the LXC containers become unreachable across the network (Except for the LXCs' host which can still reach into them without any problem). The only way I can get the LXC containers to become reachable from other hosts again is by stopping and starting the LXC containers again.
I don't know enough about networking to be able to figure out what causes their network connectivity to be lost or where to look in any log files to get to the bottom if it all.
Any ideas what may cause this?
My LXC containers are configured like this:
config:
user.network-config: |
version: 2
ethernets:
eth0:
dhcp4: false
addresses:
- {{ server_ip }}/32
nameservers:
addresses:
- 8.8.8.8
search: []
routes:
- to: 0.0.0.0/0
via: 169.254.0.1
on-link: true
description: Server Routed Profile
devices:
eth0:
ipv4.address: {{ server_ip }}
nictype: routed
parent: wlo1
type: nic
root:
path: /
pool: dataPool
type: disk
name: dataProfile
10:11 UTC
LXC container can't get manual IP
Hi there,
I'm trying to set a manual IP but nothing work.
In /var/lib/lxc/debian_ansible/config :
lxc.net.0.ipv4.address = 10.0.3.100/24
lxc.net.0.ipv4.gateway = autoEven try with dnsmasq.conf:
dhcp-host=debian_ansible,10.0.3.100Even after restarting lxc-net service, restarting container, or rebooting, the containers didn't want to take the 10.0.3.100 IP
sudo lxc-info --version
5.0.2I'll be very glad if someone can help me
Thanks by advance
18:15 UTC
Rpi4 + Pimox + LXC + OpenMediaVault
I installed Proxmox on my Raspberry Pi 4 and created an LXC Debian container with an OpenMediaVault instance. Now everything is working, but how can I connect my physical hard drive by USB 3.0 to OMV? I want to mount the device and not only a mount point.
> ls -al /dev/sd*
brw-rw---- 1 root disk 8, 0 Nov 3 02:03 /dev/sda
brw-rw---- 1 root disk 8, 1 Nov 3 02:03 /dev/sda1
> lsblk -l
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 931.5G 0 disk
sda1 8:1 0 931.5G 0 part /mnt/myharddisk
> ls -al /dev/disk/by-uuid/ | grep sda*
lrwxrwxrwx 1 root root 10 Nov 3 02:03 5b1a451e-c349-4e91-b125-38ee04fb73d1 -> ../../sda1LXC Container Configuration
> cat /etc/pve/lxc/103.conf
arch: arm64
cores: 2
hostname: omvnas
memory: 1024
net0: name=eth0,bridge=vmbr0,firewall=1,gw=192.168.1.1,hwaddr=8A:FE:12:38:67:58,ip=192.168.1.102/24,type=veth
ostype: debian
rootfs: local:103/vm-103-disk-0.raw,size=8G
swap: 128
lxc.mount.auto: cgroup:rw
lxc.mount.auto: proc:rw
lxc.mount.auto: sys:rw
lxc.cgroup.devices.allow: b 8:0 rwm
lxc.cgroup.devices.allow: b 8:1 rwm
lxc.autodev: 1
lxc.hook.autodev: /var/lib/lxc/103/mount-hook.sh
lxc.mount.entry: /mnt/myharddrive media/myharddrive none bind,create=dir,optional 0 0
> cat /var/lib/lxc/103/mount-hook.sh
#!/bin/sh
mknod -m 777 ${LXC_ROOTFS_MOUNT}/dev/sda b 8 0
mknod -m 777 ${LXC_ROOTFS_MOUNT}/dev/sda1 b 8 1Result
pct start 103 --debugbut obtain in to shell
ERROR utils - ../src/lxc/utils.c:safe_mount:1221 - No such file or directory - Failed to mount "/mnt/myharddrive" onto "/usr/lib/aarch64-linux-gnu/lxc/rootfs/media/myharddrive"
Instead into OMV -> Storage -> Disks obtain this message : https://ibb.co/C5MwKts
Anyone have experience mounting a physical hard drive in an LXC container?
02:55 UTC
Wiki and Github for "linux-router" which can be used for both Containers and VMs.
I ran across Github - linux-router.
The Wiki says:
Set Linux as router in one command. Able to provide Internet, or create a WiFi hotspot.Supports transparent proxy (redsocks). Also useful for routing VM/Containers.
It wraps iptables*,* dnsmasq etc. stuff. Use in one command, Restore in one command or by control-c (or even by closing terminal window).
If you read thru the USAGE section - n**otice both LXC and LXD configuration commands are provided!
linux-container config for LXC
Use as a transparent proxy for LXD but without using Profile
13:40 UTC
Frigate on a Proxmox LXC
11:46 UTC
StableDiffusion-XL Bot for Discord using Linux Containers (LXC) and an Nvida GPU (Cuda).
12:23 UTC
lxc-router might be useful with LXC Containers
Thought this might be useful to a some LXC users.
Gary Will developed a bash script named linux-router (one of his github repositories)
See how lxc-router might be used with LXC Containers here:
Using linux-router Bash script, implement a transparent proxy for LXC (github by gary will)
Gary also created detailed linux-router documentation which is very useful to read for a Linux user because of other non-LXC use-cases for linux-router!
17:27 UTC
Pointing lxc to new storage pool location
I had to replace a drive in computer, and now the drive names have changed. Lxc thinks its storage is still at /dev/nmve3 whereas it's now at /dev/nvme2.
Is there a way to point my container to the right place without erasing the contents my old drive?
Thanks!
12:53 UTC
LXC images download
20:11 UTC
lxc: ssh login
Hi,
I receiving this error message:
WARNING: UNPROTECTED PRIVATE KEY FILE!
Permissions 0640 for '/home/..../.ssh/id_rsa.pub' are too open.
It is required that your private key files are NOT accessible by others.
This private key will be ignored.
Load key "/home/..../.ssh/id_rsa.pub": bad permissions
ubuntu@gui: Permission denied (publickey).
Do you know how I can fix this issue ?
Thanks in advance!
15:00 UTC