nesting

Given these two LXC features (keyctl and nesting): there is a way to programmatically query them from inside the container? I found /sys/module/kvm_intel/parameters/nested but unfortunately it returns "Y" for both nesting=0 and nesting=1 containers.

When I create a LXC container I always see "nesting = true". At pve-docs I see nesting default to be 0 ("nesting = false"). Is this a case to report?

Hi everyone, I am trying to configure Gitlab runners with custom LXD executors inside proxmox's LXC container. Basically, I want to be able to spin-up LXC containers inside Proxmox's unprivileged LXC container. I did the following: 1. Created unprivileged Ubuntu 22.04 LXC container with...

I want to do some tests with Docker from a container in a version of Proxmox (Virtual Environment 6.4-15). To do this I found that within the Features I must mark Keyct and Nesting, but when trying to do so it does not let me edit. According to what I see in the documentation at...

Hi, Thanks to a few Reddit threads, I got rootless Podman to work inside an LXC container. However, my intention was to use distrobox/toolbox, and it doesn't work. I've documented everything in detail here: https://github.com/alexpdp7/alexpdp7/issues/10 ; the gist is that these tools create...

I am trying to migrate my VMs from libvirt to proxmox, and ran into this issue. Set cpu type to host Add `-hypervisor` cpu flag by using custom cpu type Install fresh win10 Confirm windows task manager shows host CPU VM is working fine Install WSL2 VM no longer boots - hangs on windows splash...

I'm trying to install the Certbot snap inside a Proxmox container but having issues. Reading the forum threads, I've added the following features to the container: 'nesting=1,fuse=1' But unfortunately, this doesn't help. The relevant error messages are: Unpacking squashfs-tools...

I'm trying to use the API to set the NESTING feature flag when creating a container. I am using a TOKEN tied to the root user and assigned the ADMINISTRATOR role for the pool. However, that is not working. In searching the forums, I ran into this thread...

I am wondering what the underlying cause is that makes quotas not work in unprivileged containers? I see with the latest proxmox that we now have nesting=1 and mknod=1 so I am wondering if quotas in unprivileged container might be possible now.

We would like to enbable nesting and keyctl for our LXC containers. Our customers demand these features so they can install and use Docker. There are (fairly old) posts suggesting this would be a security risk and we should be careful if we really want to do it as it could be possible for an...

I know I saw few post about it and fixed few error, but still remain one at the end of the installation of proxmox 6.2 inside proxmox 6.2 - nesting is allowed and I reboot - IOMMU is enabled properly and used by other VM - my host is a Skylake the error the config of proxmox inside kvm

Guten Morgen, könnte man mir bitte mal erklären, was für Auswirkungen die Aktivierung der Features keyctl nesting FUSE haben? Vielen Dank

I have recently began deployment of nested containers following an orderly upgrade to 5.3, when I noticed that only a root user may actually flag the features. What is the rationale for this limitation? What are the implications of setting these flags I'm not considering?

I have a mixed PVE cluster; most guests are running Windows and Linux. In addition, PVE is running on an Intel MacPro where macOS is a guest. I am also running my VM with VGA passthrough on this system as a triple boot guest to macOS, Windows, and Linux. Since passthrough and macOS require...

Hi everyone. I'm trying to nesting containers inside a new CT created in latest Proxmox vesion, 5.0. The point is that when I'm trying to create a new container inside a CT, throws me a list of errors. The first error line: error: Failed to run: /usr/bin/lxd forkstart test...