[systemd-devel] Howto run systemd within a linux container
Daniel P. Berrange
berrange at redhat.com
Thu Feb 6 07:38:34 PST 2014
On Thu, Feb 06, 2014 at 04:33:22PM +0100, Greg KH wrote:
> On Thu, Feb 06, 2014 at 10:55:01AM +0000, Daniel P. Berrange wrote:
> > On Wed, Feb 05, 2014 at 11:44:33PM +0100, Richard Weinberger wrote:
> > > Hi!
> > >
> > > We're heavily using Linux containers in our production environment.
> > > As modern Linux distributions move forward to systemd have to make sure that
> > > systemd works within our containers.
> > >
> > > Sadly we're facing issues with cgroups.
> > > Our testbed consists of openSUSE 13.1 with Linux 3.13.1 and libvirt 1.2.1.
> > >
> > > In a plain setup systemd stops immediately because it is unable to
> > > create the cgroup hierarchy.
> > > Mostly because the container uid 0 is in a user namespace and has no
> > > rights to do that.
> >
> > FYI I have succesfully run Fedora 19 with systemd inside a container
> > with libvirt LXC, however, I did *not* enable user namespaces. Every
> > time I try user namespaces I find some other bug in either the kernel
> > or libvirt, so I wouldn't be surprised if yet more breakage has
> > occurred in user namepsaces :-(
>
> Those bugs should now be fixed, if you don't enable the option, how are
> we supposed to know what is left to be done? :)
I have in fact been building my own kernels for Fedora with user namespaces
enabled to debug / test this and have reported all the bugs I found so far.
Just saying that with the track record of bugs since the userns code first
merged, I wouldn't be surprised if there were still more things to iron
out as we try more real world apps like systemd.
Regads,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the systemd-devel
mailing list