[Wolves] Ubuntu 16.04 LXC Unprivileged containers and limits

Simon Burke simon at samandsimon.co.uk
Wed Aug 3 08:28:39 UTC 2016


Sorry for the delay in response (and top posting), I have answered inline
below.


On Tue, 2 Aug 2016 at 17:05 David Goodwin <david at codepoets.co.uk> wrote:

>
>
> I ended up reading the lxc source code at times :(
>
> Perhaps your cgroups aren't mounted in the 'right' way?
>
I'm reasonably sure this is the case, especially as logging the lxc-start
command we see the error:

     lxc-start 20160803091829.456 ERROR    lxc_cgfsng - cgfsng.c:cgfsng_setup_limits:1645 - No devices cgroup setup for unpriv1
     lxc-start 20160803091829.456 ERROR    lxc_start - start.c:lxc_spawn:1226 - failed to setup the devices cgroup for 'unpriv1'



> Are you using systemd ?
>
I am, yes; this is a fresh install of Ubuntu Xenial 16.04.

>
> Can you apply limits to the cgroup once the container is started ?
>
After the container is started limits can be applied without issue.

>
> (In my case - e.g.
>
> lxc-cgroup -n containerName memory.limit_in_bytes "300M"
>
> or if you're feeling braver just write to the file(s) probably in
> /sys/fs/cgroup/lxc/<containerName>/limit_in_bytes
>
Interestingly, the /sys/fs/cgroup/lxc dir is not present on this server.

>
>
> I just have cgroups mounted with this in /etc/fstab :
>
> cgroup /sys/fs/cgroup cgroup defaults 0 0
>
Mine is identical.

>
> David.
>

Thanks,
Simon.
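
One way to check the "cgroups not mounted the right way" suspicion raised in this thread, as an added example that is not part of either poster's message: for each controller, report whether the current session is attached to it and whether the invoking user can write to that cgroup directory. It assumes cgroup v1 with per-controller directories under /sys/fs/cgroup; the function names, CGROOT variable and sample data are constructed for illustration.

```shell
#!/bin/sh
# Added example. Assumes cgroup v1 with one directory (or symlink) per
# controller under $CGROOT, the per-controller layout systemd creates.
CGROOT="${CGROOT:-/sys/fs/cgroup}"

# Constructed sample in /proc/<pid>/cgroup format (id:controllers:path).
sample_cgroup() {
    cat <<'EOF'
11:devices:/user.slice
10:memory:/user/1000.user/c2.session
4:cpu,cpuacct:/user/1000.user/c2.session
1:name=systemd:/user.slice/user-1000.slice/session-c2.scope
EOF
}

# check_controllers FILE CONTROLLER...
# For each controller prints "<name> missing", or
# "<name> writable|not-writable <cgroup path>" for the invoking user.
check_controllers() {
    file=$1; shift
    for want in "$@"; do
        # Find the line whose controller list contains $want, print its path.
        path=$(awk -v c="$want" '{
            split($0, f, ":"); n = split(f[2], a, ",")
            for (i = 1; i <= n; i++) if (a[i] == c) {
                sub(/^[^:]*:[^:]*:/, ""); print; exit
            }
        }' "$file")
        if [ -z "$path" ]; then
            echo "$want missing"
        elif [ -w "$CGROOT/$want$path" ]; then
            echo "$want writable $path"
        else
            echo "$want not-writable $path"
        fi
    done
}

# Run against the current session when controller names are given, e.g.
#   sh check.sh devices memory
if [ "$#" -gt 0 ]; then
    check_controllers /proc/self/cgroup "$@"
fi
```

Run as the user who starts the container; a controller reported as missing or not-writable is one where limits cannot be set from that session.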

