Hi everyone,
I am trying to configure GitLab runners with custom LXD executors inside Proxmox's LXC container.
Basically, I want to be able to spin up LXC containers inside Proxmox's unprivileged LXC container.
I did the following:
1. Created an unprivileged Ubuntu 22.04 LXC container with keyctl, nesting and FUSE enabled;
2. Updated all the packages and installed snapd;
3. Added lxc.mount.entry to the container's config (to be able to install snaps).
Here's what the container's config looks like:
Code:
arch: amd64
cores: 1
features: fuse=1,keyctl=1,nesting=1
hostname: ubuntu22unpriv
memory: 1024
net0: name=eno1,bridge=vmbr1,gw=10.0.5.1,hwaddr=32:20:26:14:ED:5A,ip=10.0.5.115/24,type=veth
ostype: ubuntu
rootfs: local-zfs:subvol-115-disk-0,size=20G
swap: 512
unprivileged: 1
lxc.mount.entry: /dev/fuse dev/fuse none bind,create=file,optional
4. Installed the snap version of LXD.
After the above, if I try to start a new container, I get a uid/gid allocation error:
Code:
root@ubuntu22unpriv:~# /snap/bin/lxc launch ubuntu:22.04
Creating the instance
Error: Failed instance creation: Failed creating instance record: Failed initialising instance: Invalid config: LXD doesn't have a uid/gid allocation. In this mode, only privileged containers are supported
On the host with Proxmox, I have the following in /etc/sub{u,g}id:
Code:
root:20001:199
root:100000:65536
user1:165536:65536
user2:231072:65536
user3:296608:65536
user4:362144:65536
I am not sure exactly why there are 2 lines with root (I did some experiments with it before), but I tried to keep only `root:100000:65536` and it didn't change anything.
I believe the error I am getting is related to the mappings inside the LXC container (ubuntu22unpriv). I tried to change the mappings there, but if I understood correctly, snapd doesn't care about /etc/sub{u,g}id mappings.
I am not sure if I am digging in the right direction, so I would appreciate any help.
Could there be something on the Proxmox side that I forgot about?
Thanks a lot for any help!
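Added example, not part of the original post: a nested user namespace can only map IDs that already exist in the namespace that encloses it, so a delegated range in /etc/subuid is usable only if /proc/self/uid_map covers all of it. The Python sketch below checks that on constructed inputs. It assumes the container's own map is `0 100000 65536` (matching the host's `root:100000:65536` line), and the in-container subuid lines are made up for illustration.

```python
"""Check whether a subuid/subgid range is mappable from the current user namespace."""
import os

def parse_id_map(text):
    """/proc/<pid>/uid_map lines are 'inside_start outside_start count'."""
    ranges = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3:
            inside, _outside, count = (int(p) for p in parts)
            ranges.append((inside, inside + count))  # half-open range of valid IDs
    return ranges

def parse_subid(text, user):
    """/etc/subuid and /etc/subgid lines are 'name:start:count'."""
    ranges = []
    for line in text.splitlines():
        fields = line.strip().split(":")
        if len(fields) == 3 and fields[0] == user:
            start, count = int(fields[1]), int(fields[2])
            ranges.append((start, start + count))
    return ranges

def covered(rng, mapped):
    """True if every ID in rng exists in the namespace described by mapped."""
    pos, end = rng
    for lo, hi in sorted(mapped):
        if lo <= pos < hi:
            pos = hi  # extend coverage across adjacent map lines
    return pos >= end

def check(id_map_text, subid_text, user="root"):
    """Return [(start, count, usable)] for each of user's delegated ranges."""
    mapped = parse_id_map(id_map_text)
    return [(s, e - s, covered((s, e), mapped)) for s, e in parse_subid(subid_text, user)]

# Constructed inputs. HOST_MAP is the initial namespace; CT_MAP is an assumption:
# container IDs 0-65535 backed by host IDs 100000-165535.
HOST_MAP = "0 0 4294967295\n"
CT_MAP = "0 100000 65536\n"
HOST_SUBUID = "root:20001:199\nroot:100000:65536\n"  # root lines from the post
CT_SUBUID = "root:100000:65536\nroot:10000:50000\n"  # constructed for illustration

if __name__ == "__main__":
    files = ("/proc/self/uid_map", "/etc/subuid")
    if all(os.path.exists(p) for p in files):
        print("live system:", check(*[open(p).read() for p in files]))
    print("host sample:", check(HOST_MAP, HOST_SUBUID))
    print("container sample:", check(CT_MAP, CT_SUBUID))
```

Run inside the container, the live-system line shows whether root's delegated ranges there fall within the IDs the container actually has; the same `root:100000:65536` line that is valid on the host is out of range under the assumed container map.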