unprivileged lxc containers won't start, need to put sessions into "pids" cgroup controller
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
lxc (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Wily |
New
|
Medium
|
Unassigned | ||
systemd (Ubuntu) |
Fix Released
|
Medium
|
Unassigned | ||
Wily |
Fix Released
|
Medium
|
Martin Pitt |
Bug Description
I'n trying to get (unpriviliged) lxc containers to run on wily. I create a container like this:
> lxc-create -t download -n u1 -- -d ubuntu -r wily -a amd64
that works. However, starting the container fails:
> lxc-start -n u1
lxc-start: lxc_start.c: main: 344 The container failed to start.
lxc-start: lxc_start.c: main: 346 To get more details, run the container in foreground mode.
lxc-start: lxc_start.c: main: 348 Additional information can be obtained by setting the --logfile and --logpriority options.
Setting the log priority to debug shows the following (relevant part only):
lxc-start 1452717530.484 INFO lxc_start - start.c:
lxc-start 1452717530.484 DEBUG lxc_start - start.c:
lxc-start 1452717530.484 INFO lxc_start - start.c:
lxc-start 1452717530.484 INFO lxc_cgroup - cgroup.
lxc-start 1452717530.489 ERROR lxc_cgmanager - cgmanager.
lxc-start: cgmanager.c: lxc_cgmanager_
lxc-start 1452717530.490 ERROR lxc_start - start.c:
lxc-start: start.c: __lxc_start: 1213 failed to spawn 'u1'
lxc-start 1452717530.513 ERROR lxc_start_ui - lxc_start.
lxc-start: lxc_start.c: main: 344 The container failed to start.
lxc-start 1452717530.513 ERROR lxc_start_ui - lxc_start.
lxc-start: lxc_start.c: main: 348 Additional information can be obtained by setting the --logfile and --logpriority options.
lxc-start 1452717530.484 INFO lxc_start - start.c:
lxc-start 1452717530.484 DEBUG lxc_start - start.c:
lxc-start 1452717530.484 INFO lxc_start - start.c:
lxc-start 1452717530.484 INFO lxc_cgroup - cgroup.
lxc-start 1452717530.489 ERROR lxc_cgmanager - cgmanager.
lxc-start: cgmanager.c: lxc_cgmanager_
lxc-start 1452717530.490 ERROR lxc_start - start.c:
lxc-start: start.c: __lxc_start: 1213 failed to spawn 'u1'
lxc-start 1452717530.513 ERROR lxc_start_ui - lxc_start.
lxc-start: lxc_start.c: main: 344 The container failed to start.
lxc-start 1452717530.513 ERROR lxc_start_ui - lxc_start.
lxc-start: lxc_start.c: main: 348 Additional information can be obtained by setting the --logfile and --logpriority options.
So it seems a cgmanager issue. Syslog shows:
Jan 13 21:37:58 miranda cgmanager[22010]: cgmanager:
Jan 13 21:37:58 miranda cgmanager[22010]: cgmanager: Invalid path /run/cgmanager/
Jan 13 21:37:58 miranda cgmanager[22010]: cgmanager:
Jan 13 21:38:50 miranda cgmanager[22010]: cgmanager:
Jan 13 21:38:50 miranda cgmanager[22010]: cgmanager: Invalid path /run/cgmanager/
Jan 13 21:38:50 miranda cgmanager[22010]: cgmanager:
Changed in systemd (Ubuntu Wily): | |
status: | New → Triaged |
summary: |
- unprivileged lxc containers won't start + unprivileged lxc containers won't start, need to put sessions into + "pids" cgroup controlelr |
summary: |
unprivileged lxc containers won't start, need to put sessions into - "pids" cgroup controlelr + "pids" cgroup controller |
You're using a newer kernel which provides the 'pids' cgroup. Systemd doesn't
know about that one and so doesn't create a cgroup for you that you own. Lxc
in turn (in wily) doesn't yet know how to handle that.
You can work around this several ways. The simplest is to do
sudo cgm create pids user
sudo cgm chown pids user $(id -u) $(id -g)
cgm movepid pids user $$
before you start the container.