Fail creating LXC container on mvebu (Turris Omnia)

opotonil · September 11, 2021, 12:24pm

After upgrade to OpenWRT 21.02.0, I installed luci-app-lxc and tried to create a container from the web interface, but nothing happened, so I tried from the cli and got this error:

# lxc-create -n test -t download
Failed to create lock for test
lxc-create: test: tools/lxc_create.c: main: 260 Failed to create lxc container

I found this topic with the same error but I don't understand how @erdoukki solved it. I tried to comment all references to cgroup v1 devices in /usr/share/lxc/config/common.conf and reboot, but I get the same error.

erdoukki · September 11, 2021, 12:42pm

what results give the following command ?

lxc-checkconfig

opotonil · September 11, 2021, 12:48pm

Here is the command output:

# lxc-checkconfig 
/usr/bin/lxc-checkconfig: line 66: lxc-start: not found
LXC version 
--- Namespaces ---
Namespaces: enabled
Utsname namespace: enabled
Ipc namespace: enabled
Pid namespace: enabled
User namespace: enabled
newuidmap is not installed
newgidmap is not installed
Network namespace: enabled

--- Control groups ---
Cgroups: enabled

Cgroup v1 mount points: 


Cgroup v2 mount points: 
/sys/fs/cgroup

Cgroup v1 systemd controller: missing
Cgroup v1 freezer controller: missing
Cgroup namespace: required
Cgroup device: missing
Cgroup sched: enabled
Cgroup cpu account: enabled
Cgroup memory controller: enabled
Cgroup cpuset: enabled

--- Misc ---
Veth pair device: enabled, not loaded
Macvlan: enabled, not loaded
Vlan: enabled, not loaded
Bridges: enabled, not loaded
Advanced netfilter: enabled, not loaded
CONFIG_NF_NAT_IPV4: missing
CONFIG_NF_NAT_IPV6: missing
CONFIG_IP_NF_TARGET_MASQUERADE: missing
CONFIG_IP6_NF_TARGET_MASQUERADE: missing
CONFIG_NETFILTER_XT_TARGET_CHECKSUM: enabled, not loaded
CONFIG_NETFILTER_XT_MATCH_COMMENT: enabled, loaded
FUSE (for use with lxcfs): enabled, not loaded

--- Checkpoint/Restore ---
checkpoint restore: missing
CONFIG_FHANDLE: enabled
CONFIG_EVENTFD: enabled
CONFIG_EPOLL: enabled
CONFIG_UNIX_DIAG: missing
CONFIG_INET_DIAG: missing
CONFIG_PACKET_DIAG: missing
CONFIG_NETLINK_DIAG: enabled
File capabilities: 

Note : Before booting a new kernel, you can check its configuration
usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig

This seems worrisome Cgroup namespace: required.

erdoukki · September 11, 2021, 1:04pm

I have these ipk installed :

cgroup-tools
cgroupfs-mount
libcgroup
lxc-cgroup

You can check with :

opkg list-installed | grep cgroup

erdoukki · September 11, 2021, 1:17pm

you look to missing lxc-start also ;
I have all this installed :

opkg list-installed | grep lxc

liblxc - 4.0.5-3
luci-app-lxc - git-21.103.58362-49d2a94
lxc - 4.0.5-3
lxc-attach - 4.0.5-3
lxc-auto - 4.0.5-3
lxc-autostart - 4.0.5-3
lxc-cgroup - 4.0.5-3
lxc-checkconfig - 4.0.5-3
lxc-common - 4.0.5-3
lxc-config - 4.0.5-3
lxc-configs - 4.0.5-3
lxc-console - 4.0.5-3
lxc-copy - 4.0.5-3
lxc-create - 4.0.5-3
lxc-destroy - 4.0.5-3
lxc-device - 4.0.5-3
lxc-execute - 4.0.5-3
lxc-freeze - 4.0.5-3
lxc-hooks - 4.0.5-3
lxc-info - 4.0.5-3
lxc-init - 4.0.5-3
lxc-ls - 4.0.5-3
lxc-monitor - 4.0.5-3
lxc-monitord - 4.0.5-3
lxc-snapshot - 4.0.5-3
lxc-start - 4.0.5-3
lxc-stop - 4.0.5-3
lxc-templates - 4.0.5-3
lxc-top - 4.0.5-3
lxc-unfreeze - 4.0.5-3
lxc-unprivileged - 4.0.5-3
lxc-unshare - 4.0.5-3
lxc-user-nic - 4.0.5-3
lxc-usernsexec - 4.0.5-3
lxc-wait - 4.0.5-3
rpcd-mod-lxc - 20201208

erdoukki · September 11, 2021, 1:19pm

Here is a topic about LXC and how to install and user : OpenWrt ARM64 QUICK LXC HOWTO/GUIDE (LMS in Debian System in LXC Container)

opotonil · September 11, 2021, 7:47pm

Thanks you.

Finally after install lxc-auto and reboot, all is working:

# opkg list-installed *cgroup*
# opkg list-installed | grep lxc
liblxc - 4.0.5-3
luci-app-lxc - git-21.103.58362-49d2a94
lxc - 4.0.5-3
lxc-attach - 4.0.5-3
lxc-auto - 4.0.5-3
lxc-common - 4.0.5-3
lxc-configs - 4.0.5-3
lxc-console - 4.0.5-3
lxc-create - 4.0.5-3
lxc-hooks - 4.0.5-3
lxc-start - 4.0.5-3
lxc-stop - 4.0.5-3
lxc-templates - 4.0.5-3
rpcd-mod-lxc - 20201208

I will need open another topic to know how configure the network to add the container to a vlan using DSA. This seem don't work:

lxc.net.0.type = veth
lxc.net.0.link = br-lan.1

erdoukki · September 11, 2021, 10:06pm

from one of my working config :

# Network configuration
lxc.net.0.type = veth
lxc.net.0.link = br-lan
lxc.net.0.flags = up
lxc.net.0.hwaddr = 00:FF:AA:00:00:04

install kmod-veth and remember to use only a bridged network with veth...

erdoukki · September 11, 2021, 10:07pm

this sould work if you have installed kmod-veth, and if br-lan.1 is an existing network...

opotonil · September 12, 2021, 11:12am

Thanks @erdoukki

I have opened another topic explaining better how I want to configure the network and what fails.

tmomas · September 22, 2021, 11:13am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.