[libvirt] Lxc support

Osier jyang at redhat.com
Fri Oct 29 10:00:27 UTC 2010 

On 10/29/2010 04:42 PM, Jean-Philippe Menil wrote:
> Hi,
>
> i'm trying to test the lxc support in libvirt, but but libvirt failed to
> start container with error "lxcContainerAvailable:897 : clone call
> returned Operation not permitted, container support is not enabled"
>

What's the kernel version you use? Just as the error message says, the
system call 'clone' failed, It's probly caused by lacking of kernel
support.

At least you should make sure 'clone' support these flags:

CLONE_NEWPID, CLONE_NEWNS, CLONE_NEWUTS, CLONE_NEWIPC, SIGCHLD

- Osier

> Althought i've compiled libvirt with th lxc support:
> configure: Configuration summary
> configure: =====================
> configure:
> configure: Drivers
> configure:
> configure: Xen: no
> configure: Proxy: no
> configure: QEMU: yes
> configure: UML: yes
> configure: OpenVZ: no
> configure: VBox: no
> configure: XenAPI: no
> configure: LXC: yes
> configure: PHYP: no
> configure: ONE: no
> configure: ESX: no
> configure: Test: yes
> configure: Remote: yes
> configure: Network: yes
> configure: Libvirtd: yes
> configure: netcf: no
> configure: macvtap: yes
> configure: virtport: no
>
> Here is my xml:
> <domain type='lxc'>
> <name>lxc1</name>
> <memory>500000</memory>
> <os>
> <type>exe</type>
> <init>/bin/sh</init>
> </os>
> <vcpu>1</vcpu>
> <clock offset='utc'/>
> <on_poweroff>destroy</on_poweroff>
> <on_reboot>restart</on_reboot>
> <on_crash>destroy</on_crash>
> <devices>
> <emulator>/usr/lib/libvirt/libvirt_lxc</emulator>
> <filesystem type='mount'>
> <source dir='/var/lib/lxc/lxc1/rootfs'/>
> <target dir='/'/>
> </filesystem>
> <interface type='bridge'>
> <source bridge='U13'/>
> <target dev='veth0'/>
> </interface>
> <console type='pty' >
> <target port='5'/>
> </console>
> </devices>
> </domain>
>
> And here are the errors:
> 10:41:09.968: debug : virCgroupNew:542 : New group /
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping 0:cpu
> at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 1:cpuacct at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 2:cpuset at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 3:memory at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 4:devices at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 5:freezer at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupNew:542 : New group /libvirt
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping 0:cpu
> at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 1:cpuacct at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 2:cpuset at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 3:memory at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 4:devices at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 5:freezer at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupMakeGroup:484 : Make group /libvirt
> 10:41:09.968: debug : virCgroupMakeGroup:496 : Make controller
> /var/local/cgroup/libvirt/
> 10:41:09.968: debug : virCgroupMakeGroup:496 : Make controller
> /var/local/cgroup/libvirt/
> 10:41:09.968: debug : virCgroupMakeGroup:496 : Make controller
> /var/local/cgroup/libvirt/
> 10:41:09.968: debug : virCgroupMakeGroup:496 : Make controller
> /var/local/cgroup/libvirt/
> 10:41:09.968: debug : virCgroupMakeGroup:496 : Make controller
> /var/local/cgroup/libvirt/
> 10:41:09.968: debug : virCgroupMakeGroup:496 : Make controller
> /var/local/cgroup/libvirt/
> 10:41:09.968: debug : virCgroupNew:542 : New group /libvirt/lxc
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping 0:cpu
> at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 1:cpuacct at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 2:cpuset at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 3:memory at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 4:devices at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 5:freezer at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupMakeGroup:484 : Make group /libvirt/lxc
> 10:41:09.968: debug : virCgroupMakeGroup:496 : Make controller
> /var/local/cgroup/libvirt/lxc/
> 10:41:09.968: debug : lxcControllerRun:595 : Setting up private /dev/pts
> 10:41:10.012: debug : lxcControllerRun:621 : Mouting 'devpts' on
> /var/lib/lxc/lxc1/rootfs/dev/pts
> 10:41:10.012: debug : lxcControllerRun:636 : Opening tty on private
> /var/lib/lxc/lxc1/rootfs/dev/pts/ptmx
> 10:41:10.044: debug : lxcContainerAvailable:897 : clone call returned
> Operation not permitted, container support is not enabled
> 10:41:10.044: debug : lxcContainerStart:848 : Enable network namespaces
> 10:41:10.076: debug : lxcContainerStart:854 : clone() completed, new
> container PID is -1
> 10:41:10.076: error : lxcContainerStart:858 : Failed to run clone
> container: Operation not permitted
> 10:41:10.076: debug : vethDelete:159 : veth: veth1
> 10:41:10.076: debug : virRunWithHook:818 : ip link del veth1
>
> Can someone tell me what i'm doing wrong?
>
> Many thanks.
>
> Regards.
>
>
>
> --
> libvir-list mailing list
> libvir-list at redhat.com
> https://www.redhat.com/mailman/listinfo/libvir-list

More information about the libvir-list mailing list