lxc for debian etch

R

RobFantini

Famous Member
May 24, 2012
2,085
117
133
Boston,Mass
Hello

We have some debian etch openvz systems that we'd like to convert to lxc .

Currently debian 4 is not supported:

Code: 
s035  ~ # pct restore 3581  /mnt/pve/nfs-pve/dump/vzdump-openvz-3544-2015_09_05-22_00_02.tar.lzo 
Formatting '/var/lib/vz/images/3581/vm-3581-disk-1.raw', fmt=raw size=12884901888
mke2fs 1.42.12 (29-Aug-2014)
Discarding device blocks: done                            
Creating filesystem with 3145728 4k blocks and 786432 inodes
Filesystem UUID: 4234b5c8-843d-43f4-a208-aea3b3c7b2fb
Superblock backups stored on blocks: 
        32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208

Allocating group tables: done                            
Writing inode tables: done                            
Creating journal (32768 blocks): done
Multiple mount protection is enabled with update interval 5 seconds.
Writing superblocks and filesystem accounting information: done 

extracting archive '/mnt/pve/nfs-pve/dump/vzdump-openvz-3544-2015_09_05-22_00_02.tar.lzo'
Total bytes read: 3416524800 (3.2GiB, 184MiB/s)
Detected container architecture: i386
###########################################################
Converting OpenVZ configuration to LXC.
Please check the configuration and reconfigure the network.
###########################################################
unsupported debian version '4.0'

So the convert script does not handle etch.

Now I have gotten etch to work with lxc at amazon ec2 . So I know etch can run fine in a lxc.

So a question - has anyone some clues on getting etch to work with pve lxc ? Or point me to which scripts I should look at patching .

best regards, Rob
 
Code: 
s035  /etc/pve/lxc # cat 3581.conf
arch: i386
hostname: CT3581
memory: 512
rootfs: local:3581/vm-3581-disk-1.raw,size=12G
swap: 512


# pct start 3581
missing 'ostype' - internal error at /usr/share/perl5/PVE/LXC.pm line 997.


added ostype: debian  to 3581.conf
then
# pct start 3581
lxc-start: lxc_start.c: main: 344 The container failed to start.
lxc-start: lxc_start.c: main: 346 To get more details, run the container in foreground mode.
lxc-start: lxc_start.c: main: 348 Additional information can be obtained by setting the --logfile and --logpriority options.

So I figure there are some edits to do in the lxc .


How do I mount /var/lib/vz/images/35101/vm-35101-disk-1.raw to do edits in /etc/ there ?
 
Debian etch is out of date and unsupported - no security updates. You should really update that system.
 
dietmar said:
Debian etch is out of date and unsupported - no security updates. You should really update that system.
Click to expand...

true it is out of date, however cost to upgrade the crucial software is not feasable. so I deal with key services like ssh , ldap etc by rebuilding software from source..
 
also How do I mount /var/lib/vz/images/35101/vm-35101-disk-1.raw to do edits in /etc/ there ?

even with the patch, there are some adjustments needed to etch /etc/ . I'll document those ...
 
RobFantini said:
also How do I mount /var/lib/vz/images/35101/vm-35101-disk-1.raw to do edits in /etc/ there ?
Click to expand...

You can simply use a loop mount, for example:

# mkdir /mmt/test
# mount -o loop /var/lib/vz/images/35101/vm-35101-disk-1.raw /mnt/test

Then apply your changes

# umount /mnt/test
 
I get this when trying to start:

lxc-start: lxc_start.c: main: 344 The container failed to start.
lxc-start: lxc_start.c: main: 346 To get more details, run the container in foreground mode.
lxc-start: lxc_start.c: main: 348 Additional information can be obtained by setting the --logfile and --logpriority options.


I checked man page for pct and could not see how to set foreground mode or additional logging.

can lxc-start be used directly to start a lxc ? possibly I'd get more debugging info.
 
I see that the convert script does not touch /etc .

I'm getting this at lxc start:
Code: 
/sbin/getty: invalid option -- -
Usage: getty [-hiLmw] [-l login_program] [-t timeout] [-I initstring] [-H login_host] baud_rate,... line [termtype]
or      [-hiLmw] [-l login_program] [-t timeout] [-I initstring] [-H login_host] line baud_rate,... [termtype]
/sbin/getty: invalid option -- -
Usage: getty [-hiLmw] [-l login_program] [-t timeout] [-I initstring] [-H login_host] baud_rate,... line [termtype]
or      [-hiLmw] [-l login_program] [-t timeout] [-I initstring] [-H login_host] line baud_rate,... [termtype]
/sbin/getty: invalid option -- -

at startup pve adds / changes these lines in inittab:
Code: 
1:2345:respawn:/sbin/getty --noclear 38400 tty1
2:23:respawn:/sbin/getty --noclear 38400 tty2

--noclear in getty is not supported by Debian Etch's inittab / getty .

I tried adding --noclear to an openvz on another system, restarted and get the same getty complaints. The result is console at pve does not work.

So at startup pve is converting /etc/inittab and that breaks console and maybe other things. Is there a way to adjust the start script to prevent /etc/inittab changes ?
 
We only use --noclear if we detect debian version > 7. I test here with debian etch and console works perfectly.
Maybe you added some custom hacks?
 
dietmar said:
We only use --noclear if we detect debian version > 7. I test here with debian etch and console works perfectly.
Maybe you added some custom hacks?
Click to expand...

Yea I had changed /etc/debian_version to a higher number in order to get ' pct restore ' to work.

so I mounted the image and changed the version to 4 . that got the inittab issue fixed, thank you!

next there is another issue I'll reply to the thread ..
 
so after inittab issue I have got this :

Code: 
lxc-start -n 35444  -F --logfile=35444.log --logpriority=debug
unsupported debian version '4.0'
lxc-start: conf.c: run_buffer: 336 Script exited with status 25
lxc-start: conf.c: lxc_setup: 3827 failed to run mount hooks for container '35444'.
lxc-start: start.c: do_start: 702 failed to setup the container
lxc-start: sync.c: __sync_wait: 51 invalid sequence number 1. expected 2
lxc-start: start.c: __lxc_start: 1172 failed to spawn '35444'
lxc-start: lxc_start.c: main: 344 The container failed to start.
lxc-start: lxc_start.c: main: 348 Additional information can be obtained by setting the --logfile and --logpriority options.

from logfile=35444.log :
Code: 
...
      lxc-start 1442061316.180 INFO     lxc_conf - conf.c:mount_file_entries:2026 - mount points have been setup
      lxc-start 1442061316.181 INFO     lxc_conf - conf.c:run_script_argv:356 - Executing script '/usr/share/lxc/hooks/lxc-pve-mount-hook' for container '35444', config section 'lxc'
      lxc-start 1442061316.525 ERROR    lxc_conf - conf.c:run_buffer:336 - Script exited with status 25
      lxc-start 1442061316.526 ERROR    lxc_conf - conf.c:lxc_setup:3827 - failed to run mount hooks for container '35444'.
      lxc-start 1442061316.526 ERROR    lxc_start - start.c:do_start:702 - failed to setup the container
      lxc-start 1442061316.526 ERROR    lxc_sync - sync.c:__sync_wait:51 - invalid sequence number 1. expected 2
      lxc-start 1442061316.526 WARN     lxc_conf - conf.c:lxc_delete_network:2995 - failed to remove interface 'eth0'
      lxc-start 1442061316.576 ERROR    lxc_start - start.c:__lxc_start:1172 - failed to spawn '35444'
      lxc-start 1442061316.576 INFO     lxc_conf - conf.c:run_script_argv:356 - Executing script '/usr/share/lxc/hooks/lxc-pve-poststop-hook' for container '35444', config section 'lxc'
      lxc-start 1442061316.924 ERROR    lxc_start_ui - lxc_start.c:main:344 - The container failed to start.
      lxc-start 1442061316.924 ERROR    lxc_start_ui - lxc_start.c:main:348 - Additional information can be obtained by setting the --logfile and --logpriority options.
      lxc-start 1442061596.845 INFO     lxc_start_ui - lxc_start.c:main:264 - using rcfile /var/lib/lxc/35444/config
      lxc-start 1442061596.845 WARN     lxc_confile - confile.c:config_pivotdir:1825 - lxc.pivotdir is ignored.  It will soon become an error.
      lxc-start 1442061596.847 WARN     lxc_cgmanager - cgmanager.c:cgm_get:993 - do_cgm_get exited with error
      lxc-start 1442061596.847 INFO     lxc_lsm - lsm/lsm.c:lsm_init:48 - LSM security driver AppArmor
      lxc-start 1442061596.847 INFO     lxc_seccomp - seccomp.c:parse_config_v2:318 - processing: .reject_force_umount  # comment this to allow umount -f;  not recommended.
      lxc-start 1442061596.847 INFO     lxc_seccomp - seccomp.c:parse_config_v2:410 - Adding native rule for reject_force_umount action 0
...

      lxc-start 1442061597.568 DEBUG    lxc_conf - conf.c:mount_entry:1751 - mountflags already was 4096, skipping remount
      lxc-start 1442061597.568 DEBUG    lxc_conf - conf.c:mount_entry:1777 - mounted '/sys/fs/fuse/connections' on '/usr/lib/x86_64-linux-gnu/lxc/rootfs/sys/fs/fuse/connections', type 'none'
      lxc-start 1442061597.568 INFO     lxc_conf - conf.c:mount_file_entries:2026 - mount points have been setup
      lxc-start 1442061597.569 INFO     lxc_conf - conf.c:run_script_argv:356 - Executing script '/usr/share/lxc/hooks/lxc-pve-mount-hook' for container '35444', config section 'lxc'
      lxc-start 1442061597.916 ERROR    lxc_conf - conf.c:run_buffer:336 - Script exited with status 25
      lxc-start 1442061597.916 ERROR    lxc_conf - conf.c:lxc_setup:3827 - failed to run mount hooks for container '35444'.
      lxc-start 1442061597.916 ERROR    lxc_start - start.c:do_start:702 - failed to setup the container
      lxc-start 1442061597.916 ERROR    lxc_sync - sync.c:__sync_wait:51 - invalid sequence number 1. expected 2
      lxc-start 1442061597.917 WARN     lxc_conf - conf.c:lxc_delete_network:2995 - failed to remove interface 'eth0'
      lxc-start 1442061597.984 ERROR    lxc_start - start.c:__lxc_start:1172 - failed to spawn '35444'
      lxc-start 1442061597.984 INFO     lxc_conf - conf.c:run_script_argv:356 - Executing script '/usr/share/lxc/hooks/lxc-pve-poststop-hook' for container '35444', config section 'lxc'
      lxc-start 1442061598.330 ERROR    lxc_start_ui - lxc_start.c:main:344 - The container failed to start.
      lxc-start 1442061598.330 ERROR    lxc_start_ui - lxc_start.c:main:348 - Additional information can be obtained by setting the --logfile and --logpriority options.
 
dietmar said:
It is always the same reason, and I already uploaded the patch:

https://git.proxmox.com/?p=pve-container.git;a=commitdiff;h=4596e30d34cbf19281391132334adcbb126bbada

So you either apply that manually, or you wait until we update the package on the package repository...
Click to expand...

So I edited /usr/share/perl5/PVE/LXC/Setup/Debian.pm and made the change.

then started from scratch. this dump has /etc/debian_version set to 4.0 :
Code: 
pct restore 105 /mnt/pve/nfs-pve/dump/vzdump-openvz-3544-2015_09_05-22_00_02.tar.lzo
Formatting '/var/lib/vz/images/105/vm-105-disk-1.raw', fmt=raw size=12884901888
mke2fs 1.42.12 (29-Aug-2014)
Discarding device blocks: done                            
Creating filesystem with 3145728 4k blocks and 786432 inodes
Filesystem UUID: 2ce2427e-6d44-4275-b46c-562e8b77a7bc
Superblock backups stored on blocks: 
        32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208

Allocating group tables: done                            
Writing inode tables: done                            
Creating journal (32768 blocks): done
Multiple mount protection is enabled with update interval 5 seconds.
Writing superblocks and filesystem accounting information: done 

extracting archive '/mnt/pve/nfs-pve/dump/vzdump-openvz-3544-2015_09_05-22_00_02.tar.lzo'
Total bytes read: 3416524800 (3.2GiB, 172MiB/s)
Detected container architecture: i386
###########################################################
Converting OpenVZ configuration to LXC.
Please check the configuration and reconfigure the network.
###########################################################
So that worked .

then added network.

start:
Code: 
 lxc-start -n 105 -F --logfile=105.log --logpriority=debug
input too long - aborting
lxc-start: conf.c: run_buffer: 336 Script exited with status 255
lxc-start: conf.c: lxc_setup: 3827 failed to run mount hooks for container '105'.
lxc-start: start.c: do_start: 702 failed to setup the container
lxc-start: sync.c: __sync_wait: 51 invalid sequence number 1. expected 2
lxc-start: start.c: __lxc_start: 1172 failed to spawn '105'
lxc-start: lxc_start.c: main: 344 The container failed to start.
lxc-start: lxc_start.c: main: 348 Additional information can be obtained by setting the --logfile and --logpriority options.

from logfile:
Code: 
      lxc-start 1442064735.960 INFO     lxc_start_ui - lxc_start.c:main:264 - using rcfile /var/lib/lxc/105/config
      lxc-start 1442064735.960 WARN     lxc_confile - confile.c:config_pivotdir:1825 - lxc.pivotdir is ignored.  It will soon become an error.
      lxc-start 1442064735.961 WARN     lxc_cgmanager - cgmanager.c:cgm_get:993 - do_cgm_get exited with error
      lxc-start 1442064735.961 INFO     lxc_lsm - lsm/lsm.c:lsm_init:48 - LSM security driver AppArmor
      lxc-start 1442064735.961 INFO     lxc_seccomp - seccomp.c:parse_config_v2:318 - processing: .reject_force_umount  # comment this to allow umount -f;  not recommended.
      lxc-start 1442064735.961 INFO     lxc_seccomp - seccomp.c:parse_config_v2:410 - Adding native rule for reject_force_umount action 0
..
      lxc-start 1442064735.961 INFO     lxc_seccomp - seccomp.c:parse_config_v2:410 - Adding native rule for finit_module action 327681
      lxc-start 1442064735.961 WARN     lxc_seccomp - seccomp.c:do_resolve_add_rule:227 - Seccomp: got negative # for syscall: finit_module
      lxc-start 1442064735.961 WARN     lxc_seccomp - seccomp.c:do_resolve_add_rule:228 - This syscall will NOT be blacklisted
..
      lxc-start 1442064736.689 INFO     lxc_conf - conf.c:run_script_argv:356 - Executing script '/usr/share/lxc/hooks/lxc-pve-mount-hook' for container '105', config section 'lxc'
      lxc-start 1442064737.039 ERROR    lxc_conf - conf.c:run_buffer:336 - Script exited with status 255
      lxc-start 1442064737.039 ERROR    lxc_conf - conf.c:lxc_setup:3827 - failed to run mount hooks for container '105'.
      lxc-start 1442064737.039 ERROR    lxc_start - start.c:do_start:702 - failed to setup the container
      lxc-start 1442064737.039 ERROR    lxc_sync - sync.c:__sync_wait:51 - invalid sequence number 1. expected 2
      lxc-start 1442064737.039 WARN     lxc_conf - conf.c:lxc_delete_network:2995 - failed to remove interface 'eth0'
      lxc-start 1442064737.096 ERROR    lxc_start - start.c:__lxc_start:1172 - failed to spawn '105'

I'm in no hurry so can wait until next release.

If you or others want me to continue testing then let me know what to try. Otherwise I'll wait until next release then get back to this.
 
Last edited:
Seems some of the files we read are too large:

what is the size of the following files inside the container:

/etc/hosts
/etc/securetty
/etc/crontab
/etc/cron.d/*

All file should be smaller the 32KB (I guess we should increase that limit)
 
dietmar said:
Seems some of the files we read are too large:

what is the size of the following files inside the container:

/etc/hosts
/etc/securetty
/etc/crontab
/etc/cron.d/*

All file should be smaller the 32KB (I guess we should increase that limit)
Click to expand...

Code: 
s035  /media/test2/etc # du -sh /etc/crontab /etc/hosts /etc/securetty /etc/cron.d
4.0K    /etc/crontab
4.0K    /etc/hosts
4.0K    /etc/securetty
32K     /etc/cron.d

I'll make cron.d smaller for now. and test if that make a difference.
 
You must log in or register to reply here.
Top Bottom