Bug 607526
| Summary: | [LXC] Can not connect to fedora guest in LXC | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | LiZhang Li <eli> |
| Component: | libvirt | Assignee: | Daniel Veillard <veillard> |
| Status: | CLOSED ERRATA | QA Contact: | Virtualization Bugs <virt-bugs> |
| Severity: | medium | Docs Contact: | |
| Priority: | low | ||
| Version: | 6.0 | CC: | ajia, berrange, dallan, dyuan, gren, hbrock, llim, mzhan, ozaki.ryota, rwu, vchen, whuang, xen-maint |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | libvirt-0.9.2-1.el6 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2011-12-06 10:46:38 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 621776 | ||
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux major release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Major release. This request is not yet committed for inclusion. We believe this is a misconfiguration, but in any case there's no time to fix it for 6.1. Replacing "/sbin/init" with "/bin/sh" would solve the problem. In may case, that helped me. Anyway, lxc driver should support /sbin/init in the future. There's several issues at play here. - Your Fedora container install needs to be manually configured to run a mingetty on the right device - /dev/console is incorrectly setup in the container. - A bug in libvirt_lxc means that it often quits prematurely resulting in error : vshRunConsole:77 : unable to open tty /dev/pts/10: No such file or 2 & 3 are easily fixed in libvirt. 1 is a documentation problem, and/or a reason to provide a 'virt-bootstrap' tool for LXC with common distros Since RHEL 6.1 External Beta has begun, and this bug remains unresolved, it has been rejected as it is not proposed as an exception or blocker. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux. Problems 2 & 3 described in comment #6 are fixed upstream by these commits: commit 2fbec002031934c0e5ad660c6af6e34a2647ed3d Author: Daniel P. Berrange <dan> Date: Fri Nov 5 13:27:34 2010 +0000 Fix LXC container console device setup The /dev/console device inside the container must NOT map to the real /dev/console device node, since this allows the container control over the current host console. A fun side effect of this is that starting a container containing a real Fedora OS will kill off your X server. Remove the /dev/console node, and replace it with a symlink to the primary console TTY commit 08fb2a9ce855c6ed1042e451fb4dfc6664a77d64 Author: Daniel P. Berrange <berrange> Date: Tue Feb 22 14:06:09 2011 +0000 Fix group/mode for /dev/pts inside LXC container Normal practice for /dev/pts is to have it mode=620,gid=5 but LXC was leaving mode=000,gid=0 preventing unprivilegd users in the guest use of PTYs * src/lxc/lxc_controller.c: Fix /dev/pts setup commit 4e3117ae50efc0fcbd5ce485cd610dfab7f5c625 Author: Daniel P. Berrange <berrange> Date: Tue Feb 22 17:35:06 2011 +0000 Make LXC container startup/shutdown/I/O more robust The current LXC I/O controller looks for HUP to detect when a guest has quit. This isn't reliable as during initial bootup it is possible that 'init' will close the console and let mingetty re-open it. The shutdown of containers was also flakey because it only killed the libvirt I/O controller and expected container processes to gracefully follow. Change the I/O controller such that when it see HUP or an I/O error, it uses kill($PID, 0) to see if the process has really quit. Change the container shutdown sequence to use the virCgroupKillPainfully function to ensure every really goes away This change makes the use of the 'cpu', 'devices' and 'memory' cgroups controllers compulsory with LXC * docs/drvlxc.html.in: Document that certain cgroups controllers are now mandatory * src/lxc/lxc_controller.c: Check if PID is still alive before quitting on I/O error/HUP * src/lxc/lxc_driver.c: Use virCgroupKillPainfully this bug verified , but can not init system successfully. libvirt-0.9.2-1.el6.x86_64 qemu-kvm-0.12.1.2-2.165.el6.x86_64 kernel-2.6.32-156.el6.x86_64 virt-manager-0.8.6-4.el6 Test step : 1) febootstrap --group-install="base" fedora-14 /mnt/sda5/test-febootstrap/f14 2) virsh -c lxc:/// define vm1.xml <domain type='lxc'> <name>vm1</name> <uuid>47672025-eb2b-d58b-6441-c4703f5c683b</uuid> <memory>500000</memory> <currentMemory>500000</currentMemory> <vcpu>1</vcpu> <os> <type arch='x86_64'>exe</type> <init>/sbin/init</init> </os> <clock offset='utc'/> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <devices> <emulator>/usr/libexec/libvirt_lxc</emulator> <filesystem type='mount' accessmode='passthrough'> <source dir='/mnt/sda5/test-febootstrap/f14'/> <target dir='/'/> </filesystem> <interface type='network'> <mac address='52:54:00:96:95:3f'/> <source network='default'/> <target dev='veth0'/> </interface> <console type='pty'> <target type='serial' port='0'/> </console> </devices> </domain> 3) #virsh -c lxc:/// start vm1 Domain vm1 started 4) # virsh -c lxc:/// console vm1 Connected to domain vm1 Escape character is ^] /etc/init.d/functions: line 51: /dev/stderr: No such file or directory /etc/init.d/functions: line 51: /dev/stderr: No such file or directory Welcome to Fedora init: readahead-collector main process (5) terminated with status 1 /etc/init.d/functions: line 51: /dev/stderr: No such file or directory Starting udev: udevd33: matchpathcon(/dev/.udev) failed udevd[33]: matchpathcon(/dev/.udev/rules.d) failed udevd[34]: matchpathcon(/dev/core) failed ...... can not init system successfully . Set it as VERIFIED per comment14 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2011-1513.html |
Description of problem: Define a fedora guest <domain type='lxc' id='30013'> <name>fedora-rawhide</name> <uuid>6222c8db-8764-9c54-8fed-2646b8c4ef78</uuid> <memory>32768</memory> <currentMemory>32768</currentMemory> <vcpu>1</vcpu> <os> <type arch='x86_64'>exe</type> <init>/sbin/init</init> </os> <clock offset='utc'/> <on_poweroff>destroy</on_poweroff> <on_reboot>restart</on_reboot> <on_crash>destroy</on_crash> <devices> <emulator>/usr/libexec/libvirt_lxc</emulator> <filesystem type='mount'> <source dir='/tmp/rawhide'/> <target dir='/'/> </filesystem> <interface type='network'> <mac address='52:54:00:73:6b:43'/> <source network='default'/> <target dev='veth1'/> </interface> <console type='pty'> <target port='0'/> </console> </devices> </domain> start the guest and console connect to it the operation just hang there like this: virsh # console fedora-rawhide Connected to domain fedora-rawhide Escape character is ^] sometimes it complains about the wrong /dev/pts like this: error : vshRunConsole:77 : unable to open tty /dev/pts/10: No such file or directory Version-Release number of selected component (if applicable): # rpm -qa | grep libvirt libvirt-client-0.8.1-10.el6.i686 libvirt-debuginfo-0.8.1-10.el6.i686 libvirt-0.8.1-10.el6.i686 libvirt-python-0.8.1-10.el6.i686 libvirt-devel-0.8.1-10.el6.i686 # uname -r 2.6.32-30.el6.i686 How reproducible: 100%