[libvirt-users] LXC libvirt support

Daniel P. Berrange berrange at redhat.com
Fri Feb 18 10:17:54 UTC 2011 

On Thu, Feb 17, 2011 at 05:47:43PM -0800, Nirmal Guhan wrote:
> 2011/2/11 Nirmal Guhan <vavatutu at gmail.com>:
> > On Fri, Feb 11, 2011 at 9:05 PM, Osier Yang <jyang at redhat.com> wrote:
> >> 于 2011年02月12日 11:52, Nirmal Guhan 写道:
> >>>
> >>> Hi,
> >>>
> >>> Has anyone used libvirt to start/stop/manage LXC (linux containers) ?
> >>> Is it supported at all? Last I tried, had few issues and the reply was
> >>> :
> >>
> >> Yes, it's supported, though still much work to do, but the basic is
> >> there.
> >>
> >>>
> >>> ///
> >>> Note that libvirt lxc driver is a different implementation from lxc tools
> >>> and doesn't use lxc tools internally.
> >>
> >> Indeed, it doesn't invoke lxc tools.
> >>
> >> You may not be able to do what
> >>>
> >>> you are doing with lxc tools. Especially, the driver doesn't take aware
> >>> of files and settings inside a container at all. You have to prepare them
> >>> by yourself in advance
> >>
> >> libvirt.org has the example, e.g. the busybox example, I guess it could
> >> explain "the driver doesn't take care of files and setting inside a
> >> container at all, you have to prepare them by yourself in advance."
> >>
> >> Regards
> >> Osier
> >
> > Thanks. Will give a try.
> > ~nirmal
> >
> Seeing some strange behavior running fedora 12 for both host and lxc container.
> I do a define, start and console :
> 
> [root at fedora12new lxc-libvirt-scripts]# virsh -c lxc:// console testf12new
> Connected to domain testf12new
> Escape character is ^]
> --> I press enter here and virsh exits.
> 
> I don't get login prompt always. Sometimes I do and when I try to
> login it rejects my password. Apparently, the same rootfs works fine
> with lxc tools and I can login.

There are likely multiple problems here.  The issue where virsh exits
is a bug in libvirts LXC console handling. During Fedora startup
the init process will close & reopen the primary console. If libvirt
notices this happen then it'll think the close is a shutdown and
exit. I need to rewrite console handling to make this reliable.

Rejecting the login is likely a configuration issue - perhaps a
missing securetty entry, but also PAM has various things that
relate to selinux / audit that don't work within a container and
need to be removed - sadly i can't remember just which ones offhand,
but try removing items from the PAM configs.

> Snippet from  etc/event.d/tty1 :
> respawn
> exec /sbin/mingetty pts/0
> 
> I use "exec /sbin/mingetty tty1" for lxc tools and that works fine. I
> had to try pts/0 for libvirt since tty1 does not even get me the
> occasional login prompts I get with pts.
> 
> Also even after virsh shutdown, I see that the container processes do
> not exit. Is there something else I should do?

This 'virsh shutdown' is requesting a graceful shutdown - guests aren't
required to honour this request. virsh detroy is the failsafe

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

More information about the libvirt-users mailing list