[systemd-devel] Systemd in LXC container
Alexander Vladimirov
alexander.idkfa.vladimirov at gmail.com
Thu Nov 15 22:05:00 PST 2012
Using the recommendations here:
http://www.mail-archive.com/systemd-devel@lists.freedesktop.org/msg06972.html
and an updated lxc-archlinux template, I have managed to run an (almost)
unmodified Arch Linux installation in a container.
This exposed a couple of problems in systemd.
The first one is: systemd goes through /proc/self/mountinfo entries to
perform unmount actions on shutdown. When running in a container, it contains
the root filesystem entry, which systemd fails to unmount, resulting in an
unclean shutdown.
I was able to fix it using a simple patch (http://pastie.org/5380592) which
makes systemd ignore the root mount when running in a container.
The second issue is journald reporting journal corruption on every
container boot, regardless of clean shutdown. This also happens when I
bind-mount the host's journal directory into the container.
Here is what the lxc config and related files look like:
# cat /var/lib/lxc/lxc0/config
lxc.utsname=lxc0
lxc.tty=1
lxc.pts=1024
lxc.rootfs=/var/lib/lxc/lxc0/rootfs
lxc.mount=/var/lib/lxc/lxc0/fstab
lxc.cap.drop = sys_module mac_admin mac_override
#hooks
lxc.hook.mount=/usr/share/lxc/hooks/mount
#networking
lxc.network.type=veth
lxc.network.flags=up
lxc.network.link=br0
lxc.network.name=eth0
lxc.network.mtu=1500
#cgroups
lxc.cgroup.devices.deny = a
lxc.cgroup.devices.allow = c *:* m
lxc.cgroup.devices.allow = b *:* m
lxc.cgroup.devices.allow = c 1:3 rwm
lxc.cgroup.devices.allow = c 1:5 rwm
lxc.cgroup.devices.allow = c 1:7 rwm
lxc.cgroup.devices.allow = c 1:8 rwm
lxc.cgroup.devices.allow = c 1:9 rwm
lxc.cgroup.devices.allow = c 1:9 rwm
lxc.cgroup.devices.allow = c 4:1 rwm
lxc.cgroup.devices.allow = c 5:0 rwm
lxc.cgroup.devices.allow = c 5:1 rwm
lxc.cgroup.devices.allow = c 5:2 rwm
lxc.cgroup.devices.allow = c 136:* rwm
# cat /usr/share/lxc/hooks/mount
#!/bin/sh
dev_path="/usr/lib/lxc/rootfs/dev"
mkdir -p "${dev_path}/pts"
mknod -m 666 "${dev_path}/null" c 1 3
mknod -m 666 "${dev_path}/zero" c 1 5
mknod -m 666 "${dev_path}/full" c 1 7
mknod -m 666 "${dev_path}/random" c 1 8
mknod -m 666 "${dev_path}/urandom" c 1 9
mknod -m 666 "${dev_path}/tty" c 5 0
mknod -m 600 "${dev_path}/console" c 5 1
# cat /var/lib/lxc/lxc0/fstab
none /var/lib/lxc/lxc0/rootfs/dev tmpfs dev 0 0
sysfs sys sysfs ro,defaults 0 0
proc proc proc nodev,noexec,nosuid 0 0
/proc/sys /var/lib/lxc/lxc0/rootfs/proc/sys none ro,bind 0 0
The host system is also Arch Linux running systemd version 195.
Can anyone provide any insights on how I can find out what causes the journal
corruption?