[still stuck] LXC won't start after Passing block storage to container

[GankUnlo]

interesting. it seems now i'm unable to create a new container


Task viewer: CT 107 - Create

OutputStatus

Stop
Logical volume "vm-107-disk-0" created.
mke2fs 1.44.5 (15-Dec-2018)
Discarding device blocks: 4096/2097152 done
Creating filesystem with 2097152 4k blocks and 524288 inodes
Filesystem UUID: 47330049-7907-4ece-822c-9cc682854712
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632

Allocating group tables: 0/64 done
Writing inode tables: 0/64 done
Creating journal (16384 blocks): done
Multiple mount protection is enabled with update interval 5 seconds.
Writing superblocks and filesystem accounting information: 0/64 done

extracting archive '/var/lib/vz/template/cache/debian-9-turnkey-fileserver_15.0-1_amd64.tar.gz'
tar: ./var/spool/postfix/dev/urandom: Cannot mknod: Operation not permitted
tar: ./var/spool/postfix/dev/random: Cannot mknod: Operation not permitted
Total bytes read: 844503040 (806MiB, 89MiB/s)
tar: Exiting with failure status due to previous errors
Logical volume "vm-107-disk-0" successfully removed
TASK ERROR: unable to create CT 107 - command 'lxc-usernsexec -m u:0:100000:65536 -m g:0:100000:65536 -- tar xpf - -z --totals --one-file-system -p --sparse --numeric-owner --acls --xattrs '--xattrs-include=user.*' '--xattrs-include=security.capability' '--warning=no-file-ignored' '--warning=no-xattr-write' -C /var/lib/lxc/107/rootfs --skip-old-files --anchored --exclude './dev/*'' failed: exit code 2

 

[oguz]

nteresting. it seems now i'm unable to create a new container

has nothing to do with your problem i think, see here in the output:

tar: ./var/spool/postfix/dev/urandom: Cannot mknod: Operation not permitted
tar: ./var/spool/postfix/dev/random: Cannot mknod: Operation not permitted

turnkey containers need privileged CT to work

also when you ran the debug command, it wrote a file in /tmp/lxc-100.log. you should attach that file here, as that has the most verbose information.

I can see that it says mount failed. does not exist, but this is not true.

we will see what's going on in the full debug log.
can you see the disk with fdisk -l or lsblk and similar commands?

has something changed for how to properly pass a block storage device to a container?

we changed some stuff in our mounting API to allow hotplugging, but that shouldn't affect this process

 

[GankUnlo]

has nothing to do with your problem i think, see here in the output:

turnkey containers need privileged CT to work

thank you, momentary lapse, CT recreated now to get log

also when you ran the debug command, it wrote a file in /tmp/lxc-100.log. you should attach that file here, as that has the most verbose information.

I believe I already posted this but here it is again

lxc-start 100 20200302203739.484 INFO     lsm - lsm/lsm.c:lsm_init:50 - LSM security driver AppArmor

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:parse_config_v2:789 - Processing "reject_force_umount  # comment this to allow umount -f;  not recommended"

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:do_resolve_add_rule:535 - Set seccomp rule to reject force umounts

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:parse_config_v2:975 - Added native rule for arch 0 for reject_force_umount action 0(kill)

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:do_resolve_add_rule:535 - Set seccomp rule to reject force umounts

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:parse_config_v2:984 - Added compat rule for arch 1073741827 for reject_force_umount action 0(kill)

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:do_resolve_add_rule:535 - Set seccomp rule to reject force umounts

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:parse_config_v2:994 - Added compat rule for arch 1073741886 for reject_force_umount action 0(kill)

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:do_resolve_add_rule:535 - Set seccomp rule to reject force umounts

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:parse_config_v2:1004 - Added native rule for arch -1073741762 for reject_force_umount action 0(kill)

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:parse_config_v2:789 - Processing "[all]"

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:parse_config_v2:789 - Processing "kexec_load errno 1"

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:parse_config_v2:975 - Added native rule for arch 0 for kexec_load action 327681(errno)

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:parse_config_v2:984 - Added compat rule for arch 1073741827 for kexec_load action 327681(errno)

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:parse_config_v2:994 - Added compat rule for arch 1073741886 for kexec_load action 327681(errno)

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:parse_config_v2:1004 - Added native rule for arch -1073741762 for kexec_load action 327681(errno)

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:parse_config_v2:789 - Processing "open_by_handle_at errno 1"

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:parse_config_v2:975 - Added native rule for arch 0 for open_by_handle_at action 327681(errno)

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:parse_config_v2:984 - Added compat rule for arch 1073741827 for open_by_handle_at action 327681(errno)

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:parse_config_v2:994 - Added compat rule for arch 1073741886 for open_by_handle_at action 327681(errno)

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:parse_config_v2:1004 - Added native rule for arch -1073741762 for open_by_handle_at action 327681(errno)

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:parse_config_v2:789 - Processing "init_module errno 1"

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:parse_config_v2:975 - Added native rule for arch 0 for init_module action 327681(errno)

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:parse_config_v2:984 - Added compat rule for arch 1073741827 for init_module action 327681(errno)

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:parse_config_v2:994 - Added compat rule for arch 1073741886 for init_module action 327681(errno)

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:parse_config_v2:1004 - Added native rule for arch -1073741762 for init_module action 327681(errno)

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:parse_config_v2:789 - Processing "finit_module errno 1"

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:parse_config_v2:975 - Added native rule for arch 0 for finit_module action 327681(errno)

lxc-start 100 20200302203739.484 INFO     seccomp - seccomp.c:parse_config_v2:984 - Added compat rule for arch 1073741827 for finit_module action 327681(errno)

lxc-start 100 20200302203739.485 INFO     seccomp - seccomp.c:parse_config_v2:994 - Added compat rule for arch 1073741886 for finit_module action 327681(errno)

lxc-start 100 20200302203739.485 INFO     seccomp - seccomp.c:parse_config_v2:1004 - Added native rule for arch -1073741762 for finit_module action 327681(errno)

lxc-start 100 20200302203739.485 INFO     seccomp - seccomp.c:parse_config_v2:789 - Processing "delete_module errno 1"

lxc-start 100 20200302203739.485 INFO     seccomp - seccomp.c:parse_config_v2:975 - Added native rule for arch 0 for delete_module action 327681(errno)

lxc-start 100 20200302203739.485 INFO     seccomp - seccomp.c:parse_config_v2:984 - Added compat rule for arch 1073741827 for delete_module action 327681(errno)

lxc-start 100 20200302203739.485 INFO     seccomp - seccomp.c:parse_config_v2:994 - Added compat rule for arch 1073741886 for delete_module action 327681(errno)

lxc-start 100 20200302203739.485 INFO     seccomp - seccomp.c:parse_config_v2:1004 - Added native rule for arch -1073741762 for delete_module action 327681(errno)

lxc-start 100 20200302203739.485 INFO     seccomp - seccomp.c:parse_config_v2:1008 - Merging compat seccomp contexts into main context

lxc-start 100 20200302203739.485 INFO     conf - conf.c:run_script_argv:372 - Executing script "/usr/share/lxc/hooks/lxc-pve-prestart-hook" for container "100", config section "lxc"

lxc-start 100 20200302203740.356 DEBUG    conf - conf.c:run_buffer:340 - Script exec /usr/share/lxc/hooks/lxc-pve-prestart-hook 100 lxc pre-start produced output: mount: /var/lib/lxc/.pve-staged-mounts/mp5: special device /dev/disk/by-id/ata-ST400DM000-1F2168_Z30091R1-part1 does not exist.



lxc-start 100 20200302203740.356 DEBUG    conf - conf.c:run_buffer:340 - Script exec /usr/share/lxc/hooks/lxc-pve-prestart-hook 100 lxc pre-start produced output: command 'mount /dev/disk/by-id/ata-ST400DM000-1F2168_Z30091R1-part1 /var/lib/lxc/.pve-staged-mounts/mp5' failed: exit code 32



lxc-start 100 20200302203740.378 ERROR    conf - conf.c:run_buffer:352 - Script exited with status 32

lxc-start 100 20200302203740.378 ERROR    start - start.c:lxc_init:897 - Failed to run lxc.hook.pre-start for container "100"

lxc-start 100 20200302203740.378 ERROR    start - start.c:__lxc_start:2032 - Failed to initialize container "100"

can you see the disk with fdisk -l or lsblk and similar commands?

output from fdisk-l

Disk /dev/sdc: 3.7 TiB, 4000787025920 bytes, 976754645 sectors
Disk model: Expansion Desk
Units: sectors of 1 * 4096 = 4096 bytes
Sector size (logical/physical): 4096 bytes / 4096 bytes
I/O size (minimum/optimal): 4096 bytes / 4096 bytes
Disklabel type: dos
Disk identifier: 0x7f34f9ea

Device Boot Start End Sectors Size Id Type
/dev/sdc1 2048 976752639 976750592 3.7T 7 HPFS/NTFS/exFAT

output lsblk
sdc 8:32 0 3.7T 0 disk
└─sdc1 8:33 0 3.7T 0 part

we changed some stuff in our mounting API to allow hotplugging, but that shouldn't affect this process

well what worked for me before, isn't working now.

 

[GankUnlo]

I re-did this , i'd read somewhere removing the /dev directory from mp may fix the issue. but that is not the case

root@xkey:~# pct set 100  --mp0  /disk/by-id/ata-ST400DM000-1F2168_Z30091R1-part1,mp=/mnt/extHDD,backup=0,ro=0
root@xkey:~# pct stop 100
root@xkey:~# pct start 100
Job for pve-container@100.service failed because the control process exited with error code.
See "systemctl status pve-container@100.service" and "journalctl -xe" for details.
command 'systemctl start pve-container@100' failed: exit code 1
root@xkey:~# lxc-start -n 100 -F -l DEBUG -o /tmp/lxc-100.1.log
lxc-start: 100: conf.c: run_buffer: 352 Script exited with status 2
lxc-start: 100: start.c: lxc_init: 897 Failed to run lxc.hook.pre-start for container "100"
lxc-start: 100: start.c: __lxc_start: 2032 Failed to initialize container "100"
Segmentation fault
root@xkey:~# cat /tmp/lxc-100.1.log
lxc-start 100 20200303234432.234 INFO     lsm - lsm/lsm.c:lsm_init:50 - LSM security driver AppArmor
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:parse_config_v2:789 - Processing "reject_force_umount  # comment this to allow umount -f;  not recommended"
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:do_resolve_add_rule:535 - Set seccomp rule to reject force umounts
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:parse_config_v2:975 - Added native rule for arch 0 for reject_force_umount action 0(kill)
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:do_resolve_add_rule:535 - Set seccomp rule to reject force umounts
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:parse_config_v2:984 - Added compat rule for arch 1073741827 for reject_force_umount action 0(kill)
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:do_resolve_add_rule:535 - Set seccomp rule to reject force umounts
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:parse_config_v2:994 - Added compat rule for arch 1073741886 for reject_force_umount action 0(kill)
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:do_resolve_add_rule:535 - Set seccomp rule to reject force umounts
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:parse_config_v2:1004 - Added native rule for arch -1073741762 for reject_force_umount action 0(kill)
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:parse_config_v2:789 - Processing "[all]"
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:parse_config_v2:789 - Processing "kexec_load errno 1"
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:parse_config_v2:975 - Added native rule for arch 0 for kexec_load action 327681(errno)
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:parse_config_v2:984 - Added compat rule for arch 1073741827 for kexec_load action 327681(errno)
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:parse_config_v2:994 - Added compat rule for arch 1073741886 for kexec_load action 327681(errno)
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:parse_config_v2:1004 - Added native rule for arch -1073741762 for kexec_load action 327681(errno)
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:parse_config_v2:789 - Processing "open_by_handle_at errno 1"
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:parse_config_v2:975 - Added native rule for arch 0 for open_by_handle_at action 327681(errno)
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:parse_config_v2:984 - Added compat rule for arch 1073741827 for open_by_handle_at action 327681(errno)
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:parse_config_v2:994 - Added compat rule for arch 1073741886 for open_by_handle_at action 327681(errno)
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:parse_config_v2:1004 - Added native rule for arch -1073741762 for open_by_handle_at action 327681(errno)
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:parse_config_v2:789 - Processing "init_module errno 1"
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:parse_config_v2:975 - Added native rule for arch 0 for init_module action 327681(errno)
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:parse_config_v2:984 - Added compat rule for arch 1073741827 for init_module action 327681(errno)
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:parse_config_v2:994 - Added compat rule for arch 1073741886 for init_module action 327681(errno)
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:parse_config_v2:1004 - Added native rule for arch -1073741762 for init_module action 327681(errno)
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:parse_config_v2:789 - Processing "finit_module errno 1"
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:parse_config_v2:975 - Added native rule for arch 0 for finit_module action 327681(errno)
lxc-start 100 20200303234432.234 INFO     seccomp - seccomp.c:parse_config_v2:984 - Added compat rule for arch 1073741827 for finit_module action 327681(errno)
lxc-start 100 20200303234432.235 INFO     seccomp - seccomp.c:parse_config_v2:994 - Added compat rule for arch 1073741886 for finit_module action 327681(errno)
lxc-start 100 20200303234432.235 INFO     seccomp - seccomp.c:parse_config_v2:1004 - Added native rule for arch -1073741762 for finit_module action 327681(errno)
lxc-start 100 20200303234432.235 INFO     seccomp - seccomp.c:parse_config_v2:789 - Processing "delete_module errno 1"
lxc-start 100 20200303234432.235 INFO     seccomp - seccomp.c:parse_config_v2:975 - Added native rule for arch 0 for delete_module action 327681(errno)
lxc-start 100 20200303234432.235 INFO     seccomp - seccomp.c:parse_config_v2:984 - Added compat rule for arch 1073741827 for delete_module action 327681(errno)
lxc-start 100 20200303234432.235 INFO     seccomp - seccomp.c:parse_config_v2:994 - Added compat rule for arch 1073741886 for delete_module action 327681(errno)
lxc-start 100 20200303234432.235 INFO     seccomp - seccomp.c:parse_config_v2:1004 - Added native rule for arch -1073741762 for delete_module action 327681(errno)
lxc-start 100 20200303234432.235 INFO     seccomp - seccomp.c:parse_config_v2:1008 - Merging compat seccomp contexts into main context
lxc-start 100 20200303234432.235 INFO     conf - conf.c:run_script_argv:372 - Executing script "/usr/share/lxc/hooks/lxc-pve-prestart-hook" for container "100", config section "lxc"
lxc-start 100 20200303234433.186 DEBUG    conf - conf.c:run_buffer:340 - Script exec /usr/share/lxc/hooks/lxc-pve-prestart-hook 100 lxc pre-start produced output: directory '/disk/by-id/ata-ST400DM000-1F2168_Z30091R1-part1' does not exist

lxc-start 100 20200303234433.206 ERROR    conf - conf.c:run_buffer:352 - Script exited with status 2
lxc-start 100 20200303234433.206 ERROR    start - start.c:lxc_init:897 - Failed to run lxc.hook.pre-start for container "100"
lxc-start 100 20200303234433.206 ERROR    start - start.c:__lxc_start:2032 - Failed to initialize container "100"
root@xkey:~#

 

[GankUnlo]

i've reached my limit on trying 'random' ideas. i'm about to start researching downgrading... smh so frustrated this was working before update...

Edit: I read also, at some point it was best to mount disk by-id and this did work for me in the past. however, it now seems the only way i'm updating and mounting my ext device to container is by using

 pct set 100  --mp0  /dev/sdc1,mp=/mnt/extHDD,backup=0,ro=0

like a charm

not exactly, [SOLVED] but, i'm satisfied with this outcome as long as it holds after reboots etc.