Re: [libvirt-users] User Namespace in LXC
Hi Saurabh,
First of all. I think there are something wrong in you container configure file
the <idmap> should under <domain>.
such as
<domain type='lxc'>
<name>xxx</name>
<memory unit='KiB'>102400</memory>
<currentMemory unit='KiB'>102400</currentMemory>
<vcpu placement='static'>1</vcpu>
<resource>
<partition>/machine</partition>
</resource>
<os>
<type arch='x86_64'>exe</type>
<init>/bin/sh</init>
</os>
<idmap>
<uid start='0' target='1000' count='10'/>
<gid start='0' target='1000' count='10'/>
</idmap>
<clock offset='utc'/>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>destroy</on_crash>
<devices>
<console type='pty'>
<target type='lxc' port='0'/>
</console>
</devices>
</domain>
If your system doesn't support user namespace and your container has configure file,
then when you start container, this error will be threw out.
error: Failed to start domain xxx
error: internal error: guest failed to start: Kernel doesn't support user namespace:
If your configure file is right and the libvirt_lxc doesn't throw out error message,
it's a bug we should fix.
On 11/13/2013 01:24 PM, Saurabh Deochake wrote:
Hi Gao,
I checked the output of "lxc-checkconfig" command and it showed
--- Namespaces ---
Namespaces: enabled
Utsname namespace: enabled
Ipc namespace: enabled
Pid namespace: enabled
*User namespace: missing*
Network namespace: enabled
Multiple /dev/pts instances: enabled
Here it shows that User namespace support is missing. I tried to check for Namespaces
Support in kernel menuconfig. It has support for following namespaces only:
--- Namespaces support
[*] UTS namespace
[*] IPC namespace
[*] PID Namespaces
[*] Network namespace
There is no User Namespace support. So do I need to patch the kernel for user namespace
support? What should I do in order to get user namespace working?
Following are my system details:
OS: Fedora 19
Kernel: 3.9.5
Disable the xfs filesystem, and then you will see User namespace under Namespaces
support.
Enjoy it.
Thanks