Ubuntu
lxc package

lxc-create debug output is broken or useless

Bug #1413343 reported by anatoly techtonik
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
lxc (Ubuntu)
Fix Released
High
Serge Hallyn

Bug Description

Can't create container and debug output doesn't explain anything:

$ lxc-create --logpriority=DEBUG -n buildbox -o here.log
lxc-create: Error creating container buildbox
$ cat here.log
     lxc-create 1421867190.847 WARN lxc_log - lxc_log_init called with log already initialized
     lxc-create 1421867190.847 ERROR lxc_create_ui - Error creating container buildbox

I doubt that --logpriority option is processed at all:

$ lxc-create --logpriority=wat -n buildbox -o here.log
lxc-create: Error creating container buildbox

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: lxc 1.0.6-0ubuntu0.1
ProcVersionSignature: Ubuntu 3.13.0-44.73-generic 3.13.11-ckt12
Uname: Linux 3.13.0-44-generic i686
NonfreeKernelModules: nvidia
ApportVersion: 2.14.1-0ubuntu3.6
Architecture: i386
CurrentDesktop: Unity
Date: Wed Jan 21 21:55:50 2015
InstallationDate: Installed on 2012-03-12 (1045 days ago)
InstallationMedia: Ubuntu 12.04 LTS "Precise Pangolin" - Beta i386 (20120301)
KernLog:
 Jan 21 07:40:13 SONiC kernel: [82266.453659] type=1400 audit(1421815213.422:96): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="/usr/lib/cups/backend/cups-pdf" pid=17589 comm="apparmor_parser"
 Jan 21 07:40:13 SONiC kernel: [82266.453673] type=1400 audit(1421815213.422:97): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="/usr/sbin/cupsd" pid=17589 comm="apparmor_parser"
 Jan 21 07:40:13 SONiC kernel: [82266.454329] type=1400 audit(1421815213.422:98): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="/usr/sbin/cupsd" pid=17589 comm="apparmor_parser"
SourcePackage: lxc
UpgradeStatus: Upgraded to trusty on 2014-04-18 (277 days ago)
defaults.conf:
 lxc.network.type = veth
 lxc.network.link = lxcbr0
 lxc.network.flags = up
 lxc.network.hwaddr = 00:16:3e:xx:xx:xx

Revision history for this message
anatoly techtonik (techtonik) wrote :
Revision history for this message
Serge Hallyn (serge-hallyn) wrote :

You need to specify a template for the container to create. For instance,

lxc-create -t download -n buildbox -- -d ubuntu -r trusty -a amd64

In newer releases, you do get a better error message:

# lxc-create -n b1
A template must be specified.
Use "none" if you really want a container without a rootfs.

Changed in lxc (Ubuntu):
importance: Undecided → Low
status: New → Fix Released
Revision history for this message
anatoly techtonik (techtonik) wrote : Re: [Bug 1413343] Re: lxc-create debug output is broken or useless

Cool. Is there a way to use default template for current operating
system? I don't want to know about templates yet, so I'd be happy with
whatever default is there (I am not sure what a rootfs in container is
and if I want it).

Also, could it be the problem that I am not running under the root?
Are invalid debug values in options also reported in released versions?

Revision history for this message
Serge Hallyn (serge-hallyn) wrote :

Sorry, I don't quite understand your questions. What do you mean by "running under the root"? What is "the problem" at this point? If you're getting an error creating unprivileged containers (which are created/started without becoming the root user), see "Basic unprivileged usage" at https://help.ubuntu.com/stable/serverguide/lxc.html. You just need to create ~/.config/lxc/default.conf with a default userid mapping, and grant yourself the right to connect network interfaces to lxcbr0 using the file /etc/lxc/lxc-usernet.

As for a 'default template', I believe the download template is now the most commonly used. You can just do

sudo lxc-create -n b1 -t download

to be interactively queried as to the distribution/release/architecture. In comment #2 I showed how to create a container using the most reason Ubuntu LTS (14.04 trusty tahr) as the guest OS.

Revision history for this message
anatoly techtonik (techtonik) wrote :

Yes, I probably need unprivileged containers (not sure why, though). I wish that lxc-create could provide a better command line guide than searching on the internet and some help about what container do I need. I just need isolated Linux environment to package my Python script so that it is available on Ubuntu.

I've successfully created non-privileged container (just because it is easier) and now I am looking how to login inside and pass files in and out.

Revision history for this message
Serge Hallyn (serge-hallyn) wrote :

Two steps are needed to support completely unprivileged containers.
Suggestions about the best (safe) way to make those easier are very
welcome.

We can definately do better about the id mapping case. I'm not sure about
the lxc-usernet one, but it's definately worth discussing.

 status: triaged
 importance: high
 assignee: serge-hallyn

Changed in lxc (Ubuntu):
assignee: nobody → Serge Hallyn (serge-hallyn)
importance: Low → High
status: Fix Released → Triaged
Revision history for this message
Christian Brauner (cbrauner) wrote :

This is now also documented on https://linuxcontainers.org/lxc/getting-started/.

Changed in lxc (Ubuntu):
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.