[arch-general] libvirt / lxc : no valid cgroup for machine
Tom Kuther
tom at kuther.net
Sun Feb 16 04:57:26 EST 2014
Am 16.02.2014 00:52, schrieb arnaud gaboury:
>>
>> - Systemd creates all necessary cgroups
>
> How can I be sure systemd created them ? Are the command line &
> results below OK ?
>
> gabx at hortensia ➤➤ ~aur/libvirt-git # cat /proc/cgroups
> #subsys_name hierarchy num_cgroups enabled
> cpuset 3 2 1
> cpu 4 2 1
> cpuacct 4 2 1
> memory 5 2 1
> devices 6 2 1
> freezer 7 2 1
> net_cls 8 2 1
> blkio 9 2 1
>
Looks okay, anyways that's not a good command to check this.
Take a look at /sys/fs/cgroup/systemd/
Or even better:
└» systemd-cgls
(output for my libvirt_lxc container)
├─machine.slice
│ └─machine-lxc\x2darch\x2dweb1.scope
│ ├─28422 /usr/lib/libvirt/libvirt_lxc --name arch-web1 --console 21
--security=none --handshake 24 --background --veth macvlan1
│ └─machine.slice
│ └─machine-lxc\x2darch\x2dweb1.scope
│ ├─machine.slice
│ │ └─machine-lxc\x2darch\x2dweb1.scope
│ │ └─user.slice
│ │ └─user-0.slice
│ │ └─user at 0.service
│ │ └─28488 /usr/lib/systemd/systemd --user
│ ├─user.slice
│ │ └─user-0.slice
│ │ └─user at 0.service
│ │ └─28489 (sd-pam)
│ └─system.slice
│ ├─28428 /usr/bin/init
│ ├─systemd-logind.service
│ │ └─28459 /usr/lib/systemd/systemd-logind
│ ├─console-getty.service
│ │ └─28463 /sbin/agetty --noclear -s console 115200 38400 9600
│ ├─dbus.service
│ │ └─28458 /usr/bin/dbus-daemon --system --address=systemd:
--nofork --nopidfile --systemd-activation
│ ├─sshd.service
│ │ └─28470 /usr/bin/sshd -D
│ └─systemd-journald.service
│ └─28443 /usr/lib/systemd/systemd-journald
>>
>> - The cgroup that gets auto-created (machine.slice/machine-lxc...)
>
> Where can I see these cgroup and who auto-created them ?
>
See above. More info about "who" and "how":
http://libvirt.org/cgroups.html
>
> needs
>> to be chown'ed to the mapped uid/gid. libvirt doesn't do that yet, but
>> there's a patch on the libvirt devel mailing-list by Richard Weinberger
>> which fixes this. Posted yesterday.
>
> - I tried to install linvirt-git, but got an error when building.
The libvirt-git AUR package worked fine 2 days ago. But it could be temp
breakage upstream. No error output, no help possible.
>
>> - The container's rootfs needs to be chown'ed to the mapped uid, I used
>> a simple script that reads `ls -n` and chowns all dirs and files with a
>> defined offset (new_uid=$[$old_uid + 5000] .. you get the idea)
>
> I think I see. Do you mean sharing your script?
-----snip----
#!/bin/bash
LXC_VM=$1
ID_OFFSET=$2
LXC_BASEDIR=/var/lib/lxc
if [[ ! -d "${LXC_BASEDIR}/${LXC_VM}/rootfs" ]]; then
echo "ERROR: ${LXC_BASEDIR}/${LXC_VM}/rootfs does not exist"
exit 1
fi
cd ${LXC_BASEDIR}/${LXC_VM}
echo "Changing directories"
for dir in `find rootfs -type d`; do
old_uid=`ls -nd ${dir}|awk '{print $3}'`
old_gid=`ls -nd ${dir}|awk '{print $4}'`
new_uid=$[${old_uid} + ${ID_OFFSET}]
new_gid=$[${old_gid} + ${ID_OFFSET}]
chown ${new_uid}:${new_gid} ${dir}
done
echo "Changing files"
for file in `find rootfs -type f`; do
old_uid=`ls -nd ${file}|awk '{print $3}'`
old_gid=`ls -nd ${file}|awk '{print $4}'`
new_uid=$[${old_uid} + ${ID_OFFSET}]
new_gid=$[${old_gid} + ${ID_OFFSET}]
chown ${new_uid}:${new_gid} ${file}
done
----snap----
Disclaimer: separating dirs and files has no real reason here. Needs to
run as root. May kill your cat etc..
>
> TY Tom for your help.
>
NP
~tom
More information about the arch-general
mailing list