LXC + systemd

galliley89 · January 26, 2015, 6:54am

Hello everybody!
I use OpenSUSE 13.2 for experiment with LXC (version in 13.2 is 1.0.6).
My test container don’t start at boot.

config file of container


lxc.network.type = empty
lxc.rootfs = /var/lib/lxc/test01/rootfs
lxc.utsname = test01
lxc.autodev=1
lxc.start.auto=1
lxc.group=onboot
lxc.tty = 4
lxc.pts = 1024
lxc.mount = /var/lib/lxc/test01/fstab
lxc.cap.drop = sys_module mac_admin mac_override mknod sys_time

# When using LXC with apparmor, uncomment the next line to run unconfined:
lxc.aa_profile = unconfined

lxc.cgroup.devices.deny = a
# /dev/null and zero
lxc.cgroup.devices.allow = c 1:3 rwm
lxc.cgroup.devices.allow = c 1:5 rwm
# consoles
lxc.cgroup.devices.allow = c 5:1 rwm
lxc.cgroup.devices.allow = c 5:0 rwm
lxc.cgroup.devices.allow = c 4:0 rwm
lxc.cgroup.devices.allow = c 4:1 rwm
# /dev/{,u}random
lxc.cgroup.devices.allow = c 1:9 rwm
lxc.cgroup.devices.allow = c 1:8 rwm
lxc.cgroup.devices.allow = c 136:* rwm
lxc.cgroup.devices.allow = c 5:2 rwm
# rtc
lxc.cgroup.devices.allow = c 254:0 rm

But I don’t have a fun :(, because autostart still not working.
After that /usr/lib/systemd/system/lxc.service was edited


[Unit]
Description=LXC Container Initialization and Autoboot Code
After=syslog.target network.target

[Service]
Type=oneshot
RemainAfterExit=yes
ExecStartPre=/usr/lib/lxc/lxc-devsetup
#ExecStart=/usr/lib/lxc/lxc-autostart-helper start
#ExecStop=/usr/lib/lxc/lxc-autostart-helper stop
ExecStart=/usr/bin/lxc-autostart -g onboot
ExecStop=/usr/bin/lxc-autostart -a -s -t 5
# Environment=BOOTUP=serial
# Environment=CONSOLETYPE=serial
StandardOutput=syslog
StandardError=syslog

[Install]
WantedBy=multi-user.target

And it began to work. Maybe I’m wrong…

tsu2 · January 26, 2015, 9:13pm

Yeah,
Looks like you found a bug. The original script the Unit file was pointing to is not related to the LXC service itself. The script says it’s supposed to start containers which are supposed to autostart, not the LXC service itself.
Congrats on finding your solution.

Pls submit a bug with your finding to
http://bugzilla.opensuse.org.

BTW -
If you’re into Linux containers, I haven’t looked at latest LXC but the current trend is to implement docker instead. It’s in the main OSS. I’m using docker on 13.2 (and originally on 13.1) with no issues.

BTW2 -
I’m a bit disappointed there seems to be some other issues with LXC I found when looking at what you found. The YAST2 management applet for LXC is broken which would have been a major reason I might have looked at LXC again.

Recommendation:
If you’re into Linux Containers, you might find some relevant info in some of my openSUSE wiki articles.
https://en.opensuse.org/User:Tsu2
All the LXC articles are old (I haven’t used LXC for over a year) some things probably don’t work anymore. Some articles are about things I tried to do which never worked completely from the beginning but might contain some interesting techniques… Like in my “installing OpenStack” (OpenStack at that time refused to run properly on openSUSE) you might notice some things I described to try to work around certain issues like installing files and apps into a non-running container.

You’ll also find a number of other interesting things about both LXC and Docker.

Too bad about the broken YAST applet. I did notice in 13.2 there are packages to integrate with Libvirt which look like they’re worth looking at, but libvirt won’t install without installing the foundations for QEMU/KVM so that’ll be on your system as well if it’s that’s an issue (many people probably won’t care).

Good Luck,
TSU