Le 29/10/2010 12:00, Osier a écrit :
On 10/29/2010 04:42 PM, Jean-Philippe Menil wrote:
> Hi,
>
> i'm trying to test the lxc support in libvirt, but but libvirt failed to
> start container with error "lxcContainerAvailable:897 : clone call
> returned Operation not permitted, container support is not enabled"
>
What's the kernel version you use? Just as the error message says, the
system call 'clone' failed, It's probly caused by lacking of kernel
support.
At least you should make sure 'clone' support these flags:
CLONE_NEWPID, CLONE_NEWNS, CLONE_NEWUTS, CLONE_NEWIPC, SIGCHLD
- Osier
> Althought i've compiled libvirt with th lxc support:
> configure: Configuration summary
> configure: =====================
> configure:
> configure: Drivers
> configure:
> configure: Xen: no
> configure: Proxy: no
> configure: QEMU: yes
> configure: UML: yes
> configure: OpenVZ: no
> configure: VBox: no
> configure: XenAPI: no
> configure: LXC: yes
> configure: PHYP: no
> configure: ONE: no
> configure: ESX: no
> configure: Test: yes
> configure: Remote: yes
> configure: Network: yes
> configure: Libvirtd: yes
> configure: netcf: no
> configure: macvtap: yes
> configure: virtport: no
>
> Here is my xml:
> <domain type='lxc'>
> <name>lxc1</name>
> <memory>500000</memory>
> <os>
> <type>exe</type>
> <init>/bin/sh</init>
> </os>
> <vcpu>1</vcpu>
> <clock offset='utc'/>
> <on_poweroff>destroy</on_poweroff>
> <on_reboot>restart</on_reboot>
> <on_crash>destroy</on_crash>
> <devices>
> <emulator>/usr/lib/libvirt/libvirt_lxc</emulator>
> <filesystem type='mount'>
> <source dir='/var/lib/lxc/lxc1/rootfs'/>
> <target dir='/'/>
> </filesystem>
> <interface type='bridge'>
> <source bridge='U13'/>
> <target dev='veth0'/>
> </interface>
> <console type='pty' >
> <target port='5'/>
> </console>
> </devices>
> </domain>
>
> And here are the errors:
> 10:41:09.968: debug : virCgroupNew:542 : New group /
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping 0:cpu
> at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 1:cpuacct at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 2:cpuset at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 3:memory at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 4:devices at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 5:freezer at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupNew:542 : New group /libvirt
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping 0:cpu
> at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 1:cpuacct at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 2:cpuset at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 3:memory at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 4:devices at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 5:freezer at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupMakeGroup:484 : Make group /libvirt
> 10:41:09.968: debug : virCgroupMakeGroup:496 : Make controller
> /var/local/cgroup/libvirt/
> 10:41:09.968: debug : virCgroupMakeGroup:496 : Make controller
> /var/local/cgroup/libvirt/
> 10:41:09.968: debug : virCgroupMakeGroup:496 : Make controller
> /var/local/cgroup/libvirt/
> 10:41:09.968: debug : virCgroupMakeGroup:496 : Make controller
> /var/local/cgroup/libvirt/
> 10:41:09.968: debug : virCgroupMakeGroup:496 : Make controller
> /var/local/cgroup/libvirt/
> 10:41:09.968: debug : virCgroupMakeGroup:496 : Make controller
> /var/local/cgroup/libvirt/
> 10:41:09.968: debug : virCgroupNew:542 : New group /libvirt/lxc
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping 0:cpu
> at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 1:cpuacct at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 2:cpuset at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 3:memory at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 4:devices at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupDetect:232 : Detected mount/mapping
> 5:freezer at /var/local/cgroup in
> 10:41:09.968: debug : virCgroupMakeGroup:484 : Make group /libvirt/lxc
> 10:41:09.968: debug : virCgroupMakeGroup:496 : Make controller
> /var/local/cgroup/libvirt/lxc/
> 10:41:09.968: debug : lxcControllerRun:595 : Setting up private /dev/pts
> 10:41:10.012: debug : lxcControllerRun:621 : Mouting 'devpts' on
> /var/lib/lxc/lxc1/rootfs/dev/pts
> 10:41:10.012: debug : lxcControllerRun:636 : Opening tty on private
> /var/lib/lxc/lxc1/rootfs/dev/pts/ptmx
> 10:41:10.044: debug : lxcContainerAvailable:897 : clone call returned
> Operation not permitted, container support is not enabled
> 10:41:10.044: debug : lxcContainerStart:848 : Enable network namespaces
> 10:41:10.076: debug : lxcContainerStart:854 : clone() completed, new
> container PID is -1
> 10:41:10.076: error : lxcContainerStart:858 : Failed to run clone
> container: Operation not permitted
> 10:41:10.076: debug : vethDelete:159 : veth: veth1
> 10:41:10.076: debug : virRunWithHook:818 : ip link del veth1
>
> Can someone tell me what i'm doing wrong?
>
> Many thanks.
>
> Regards.
>
>
>
> --
> libvir-list mailing list
> libvir-list(a)redhat.com
>
https://www.redhat.com/mailman/listinfo/libvir-list
--
libvir-list mailing list
libvir-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list Hi,
thanks for your response.
The kernel is a 2.6.36 wit hthe following:
root@redbreast:/tmp# cat /boot/config-2.6.36-dsiun-1a | grep -i pid
CONFIG_PROC_PID_CPUSET=y
CONFIG_PID_NS=y
# CONFIG_SPI_SPIDEV is not set
CONFIG_HID_PID=y
root@redbreast:/tmp# cat /boot/config-2.6.36-dsiun-1a | grep -i cgroup
CONFIG_CGROUPS=y
CONFIG_CGROUP_DEBUG=y
CONFIG_CGROUP_NS=y
CONFIG_CGROUP_FREEZER=y
CONFIG_CGROUP_DEVICE=y
CONFIG_CGROUP_CPUACCT=y
CONFIG_CGROUP_MEM_RES_CTLR=y
CONFIG_CGROUP_MEM_RES_CTLR_SWAP=y
CONFIG_CGROUP_SCHED=y
CONFIG_BLK_CGROUP=m
# CONFIG_DEBUG_BLK_CGROUP is not set
CONFIG_NET_CLS_CGROUP=y
Can you explain, how can i check the clone flags?
Many thanks.
Regards.