LXC isn't working by default in Lucid because of missing kernel options
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Fix Released
|
Medium
|
Andy Whitcroft | ||
Karmic |
Fix Released
|
Medium
|
Stefan Bader | ||
Lucid |
Fix Released
|
Medium
|
Andy Whitcroft |
Bug Description
SRU Justification:
Impact: LXC (Linux containers) need two other options set to work correctly.
The options should only affect the usage of cgroups.
Fix: Enable those options as they have been in Lucid now for a while and
also make them consistent over all of ports and main.
---
In order to use LXC (Linux Containers), the cgroup must be enable in the kernel.
As of Karmic, only part of what's needed for LXC is enabled, basically we can manually create a context but can't set the list of allowed devices inside it or restrict swap memory.
Here's the cgroup parameters as of current Karmic kernel:
CONFIG_
CONFIG_CGROUPS=y
# CONFIG_CGROUP_DEBUG is not set
CONFIG_CGROUP_NS=y
CONFIG_
# CONFIG_
CONFIG_
CONFIG_
# CONFIG_
CONFIG_
In order to have LXC working correctly including its integration with libvirt, we'd need:
CONFIG_
CONFIG_
Was there any reason not to have these two set to yes ?
Changed in linux (Ubuntu): | |
assignee: | nobody → Tim Gardner (timg-tpi) |
summary: |
- LXC isn't working by default in Karmic (and possibly Lucid) because of - missing kernel options + LXC isn't working by default in Lucid because of missing kernel options |
Changed in linux (Ubuntu Karmic): | |
assignee: | nobody → Stefan Bader (stefan-bader-canonical) |
importance: | Undecided → Medium |
milestone: | none → karmic-updates |
status: | New → In Progress |
Changed in linux (Ubuntu Lucid): | |
assignee: | Tim Gardner (timg-tpi) → Andy Whitcroft (apw) |
milestone: | none → lucid-alpha-1 |
status: | Triaged → In Progress |
Changed in linux (Ubuntu Lucid): | |
status: | In Progress → Fix Committed |
tags: | added: kernel-lucid |
description: | updated |
Changed in linux (Ubuntu Karmic): | |
status: | In Progress → Fix Committed |
Hi Stéphane,
It's likely these were not enabled because they are experimental:
config CGROUP_DEVICE
bool "Device controller for cgroups"
depends on CGROUPS && EXPERIMENTAL
help
Provides a cgroup implementing whitelists for devices which
a process in the cgroup can mknod or open.
config CGROUP_ MEM_RES_ CTLR_SWAP EXPERIMENTAL) "
Especially if you use 32bit system or small memory system, please
bool "Memory Resource Controller Swap Extension(
depends on CGROUP_MEM_RES_CTLR && SWAP && EXPERIMENTAL
help
Add swap management feature to memory resource controller. When you
enable this, you can limit mem+swap usage per cgroup. In other words,
when you disable this, memory resource controller has no cares to
usage of swap...a process can exhaust all of the swap. This extension
is useful when you want to avoid exhaustion swap but this itself
adds more overheads and consumes memory for remembering information.
be careful about enabling this. When memory resource controller
is disabled by boot option, this will be automatically disabled and
there will be no overhead from this. Even when you set this config=y,
if boot option "noswapaccount" is set, swap will not be accounted.
Now, memory usage of swap_cgroup is 2 bytes per entry. If swap page
size is 4096bytes, 512k per 1Gbytes of swap.