[OpenWrt-Devel] LXC is broken on Caos Calmer
Antonio Aloisio
gnuton at gnuton.org
Thu Feb 11 08:32:52 EST 2016
Howdy!
Thanks to Daniel's suggestions I went a little bit further in creating
containers from the available templates but they remain broken and the
kernel is indeed not supporting LXC.
The point is that I would expect that if there are some packages available
in the repo, those are supposed to work.
Said that I can help to get something fixed here and submit some patches as
soon as I get how those problems should be addressed
First of all the kernel does not seem to support LXC.
I'm new to openwrt and i have some questions in order to get started... so,
sorry if they may sounds silly for some of you.
1. What would be the best strategy to distribute a working lxc kernel? can
lxc be part of the mainstream kernel for some targets?
2. Can we make lxc packages available only to some architectures/targets?
3 Luka is there any public container repos which would work with openwrt?
4. is there any documentation about how to get lxc working on openwrt
devices?
Cheerio,
Antonio
gnuton at Honeypot:~$ lxc-checkconfig
--- Namespaces ---
Namespaces: required
Utsname namespace: missing
Ipc namespace: required
Pid namespace: required
User namespace: missing
Network namespace: missing
Multiple /dev/pts instances: missing
--- Control groups ---
Cgroup: required
Cgroup namespace: required
Cgroup device: missing
Cgroup sched: missing
Cgroup cpu account: missing
Cgroup memory controller: missing
--- Misc ---
Veth pair device: enabled
Macvlan: enabled
Vlan: enabled
File capabilities: enabled
Note : Before booting a new kernel, you can check its configuration
usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig
On Thu, Feb 11, 2016 at 2:47 PM, Luka Perkov <luka at openwrt.org> wrote:
> Hi Daniel & Antonio,
>
> > On Feb 11, 2016, at 11:08 AM, Daniel Golle <daniel at makrotopia.org>
> wrote:
> >
> > Hi Antonio,
> >
> > thanks for trying all that and reporting back your results!
> >
> >> On Thu, Feb 11, 2016 at 12:47:50AM +0200, Antonio Aloisio wrote:
> >> Hi there!
> >> Here is a few findings about LXC templates available on OpenWRT CC.
> >>
> >> Just for reference, here below you can see all the templates available
> on
> >> CC and what works and what does not.
> >
> > Maybe we should split-up the templates into individual packages, each
> > having its own set of dependencies.
>
> I am ok with that. Feel free to send the patch.
>
> In general I would advise to make the container rootfs outside of OpenWrt.
> Making it in OpenWrt leads to unnecessary overhead.
>
> >> /usr/share/lxc/templates/lxc-oracle <-- BAD ARCHITECTURE. NO ARM
> >> /usr/share/lxc/templates/lxc-plamo <-- depends on "flock". It may work.
> I
> >> get Failed to download
> >
> > flock is available as a package, you should be able to install it.
> >
> >> /usr/share/lxc/templates/lxc-busybox <-- creates the containers, but
> >> doesn't start (busybox no statically linked)
> >
> > Well, that's odd, but there's not much we can do. Maybe report that
> > to LXC and let them know not everybody uses glibc...
> >
> >> /usr/share/lxc/templates/lxc-fedora <-- fails to
> >> download /releases/20/Fedora/armhfp/os
> >
> > Also, please report that upstream (check that it wasn't already fixed
> > in more recent versions of LXC)
> >
> >> /usr/share/lxc/templates/lxc-sshd <--- fails requires ssh-keygen. is it
> >> available on openwrt?
> >
> > Installing openssh-keygen, openssh-client and openssh-client-utils may
> > help...
> >
> >> /usr/share/lxc/templates/lxc-ubuntu-cloud <-- no idea what's broken
> >> /usr/share/lxc/templates/lxc-openmandriva
> >> /usr/share/lxc/templates/lxc-gentoo <-- requires tar. maybe works
> >220MB.
> >> Ran out of disk on /tmp
> >
> > Probably temp directory for LXC should be configurable, so it can
> > go to /mnt/tmp or somewhere with enough space on a specific system...
> >
> >> /usr/share/lxc/templates/lxc-download <-- no idea what's wrong
> >
> >
> >> /usr/share/lxc/templates/lxc-archlinux <-- fails require pacman. not
> >> available
> >
> > I agree it'd be nice to have, I remember that pacstrap was quite
> > painful to get working, I've tried that before...
> >
> >> /usr/share/lxc/templates/lxc-cirros <-- require tar. works? some problem
> >> still with lxc cgroups
> >
> > Did you compile OpenWrt from source?
> > I'm asking because LXC depends on CONFIG_LXC_KERNEL_OPTIONS and
> > CONFIG_LXC_BUSYBOX_OPTIONS to work properly, and I believe this isn't
> > enabled in the binary release of CC.
>
> Right.
>
> >> /usr/share/lxc/templates/lxc-debian <-- requires debootstrap. itäs not a
> >> openwrt package
> >> /usr/share/lxc/templates/lxc-ubuntu <-- requires debootstrap. itäs not a
> >> openwrt package
> >
> > You can install debootstrap, it is available, I've just updated it to
> > the most recent release.
> >
> >> /usr/share/lxc/templates/lxc-centos <-- requires yum. fails container
> >> creation
> >
> > Hm, nobody ever packaged all the foreign-distribution package managers
> > for OpenWrt. It's quite a lot of work...
> >
> >> /usr/share/lxc/templates/lxc-altlinux <-- requires apt-get. fails
> container
> >> creation
> >
> > Why doesn't the template just you debootstrap...?
> >
> >> /usr/share/lxc/templates/lxc-alpine <-- requires sha256sum. is it
> available?
> >
> > Try installing coreutils-sha256sum which provides sha256sum
> >
> >> /usr/share/lxc/templates/lxc-opensuse <-- requires zipper. not available
> >
> >
> > Cheers
> >
> >
> > Daniel
> >
> >>
> >> Cheers,
> >> Antonio
> >>
> >> On Wed, Feb 10, 2016 at 10:03 PM, Daniel Golle <daniel at makrotopia.org>
> >> wrote:
> >>
> >>> Hi Antonio,
> >>>
> >>>> On Wed, Feb 10, 2016 at 09:52:25PM +0200, Antonio Aloisio wrote:
> >>>> Hi there,
> >>>> I have tried to run lxc on openwrt but it looks to me that those
> packages
> >>>> are broken.
> >>>
> >>> I'm actively using LXC, however, I use a custom overlayfs method to
> >>> create OpenWrt containerers
>
> Yup. We don't have out of the box containers which are widely available. I
> often make OpenWrt containers from .tar rootfs archives.
>
>
> >>>> root at Honeypot:/home/gnuton# lxc-create -t download -n xx
> >>>> Setting up the GPG keyring
> >>>> ERROR: Unable to fetch GPG key from keyserver.
> >>>> lxc_container: lxccontainer.c: create_run_template: 1102 container
> >>> creation
> >>>> template for xx failed
> >>>
> >>> I manually use debootstrap to setup Debian rootfs and throwing that at
> >>> LXC works great. I once went through the Debian template and believe it
> >>> would make sense to fix it up to work on OpenWrt, so LXC becomes more
> >>> useable. Do you have gnupg installed? If not or if GPG stuff fails for
> >>> some reason, you can try to to modify the Debian template to use
> >>> debootstrap having the signature checks disabled (not ideal,
> >>> obviously).
> >>>
> >>>> I have also installed LXC LuCi web GUI and it doesn't work too.
> >>>> The GUI would allow me to create a openwrt based conatainer, but the
> >>> truth
> >>>> is that there is no such template available as you may see from the
> above
> >>>> list.
> >>>
> >>> I never tried lxc-download nor the LuCI GUI which is afaik just a
> >>> proof-of-concept and not that usable in it's current state.
>
> Actually the GUI does work. You need to have containers and/or proper
> container URL where you are hosting containers for you architecture.
>
> >>>
> >>>> Digging further I had a look at the source code and I noticed there
> some
> >>>> problems too
> >>>> for instance
> >>>
> https://github.com/openwrt/packages/blob/master/utils/lxc/patches/030-lxc-download.patch
> >>>> points lxc-download to use a not working server.
> >>>
> >>> If you feel like helping, please suggest a patch via github.
> >>>
> >>>> I would like to know what's the status of LXC, is it supposed to work
> or
> >>>> those packages are unmantained?
> >>>
> >>> Good question... @luka ?
>
> It is working. However, some knowledge of LXC and OpenWrt in general is
> needed to make the proper setup.
>
> Patches as always are welcome.
>
> Luka
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.infradead.org/pipermail/openwrt-devel/attachments/20160211/fa82e3af/attachment.htm>
-------------- next part --------------
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list