maas in a container
Daniel Bidwell
drbidwell at gmail.com
Sun Aug 21 23:06:33 UTC 2016
Here is my "maastest profile" with lxc profile show maastest
name: maastest
config:
raw.lxc: lxc.cgroup.devices.allow = c 10:237 rwm
lxc.cgroup.devices.allow = b 7:*
rwm lxc.aa_profile = unconfined
security.privileged: "true"
description: ""
devices:
eth0:
name: eth0
nictype: bridged
parent: br0
type: nic
eth1:
name: eth1
nictype: bridged
parent: br2
type: nic
loop0:
path: /dev/loop0
type: unix-block
loop1:
path: /dev/loop1
type: unix-block
loop2:
path: /dev/loop2
type: unix-block
loop3:
path: /dev/loop3
type: unix-block
loop4:
path: /dev/loop4
type: unix-block
loop5:
path: /dev/loop5
type: unix-block
loop6:
path: /dev/loop6
type: unix-block
loop7:
path: /dev/loop7
type: unix-block
and container config with lxc config show maastest
namname: maastest
profiles:
- maastest
config:
volatile.base_image:
8f5108a99312694da883bf1396e688bf9f91cf22061eb9ecd806b43b24c6651f
volatile.eth0.hwaddr: 00:16:3e:ee:6f:c4
volatile.eth1.hwaddr: 00:16:3e:ff:9c:be
volatile.last_state.idmap: '[]'
devices:
root:
path: /
type: disk
ephemeral: false
It looks like it is giving out dhcp leases correctly, but not mounting
the images for the pxeboot tftd. Here is a segment of
maastest:/var/log/maas/clusterd.log
provisioningserver.utils.shell.ExternalProcessError: Command
`sudo /usr/bin/uec2roottar --user=maas /var/lib/maas/boot-
resources/cache/root-image-
78c4caf368edf45272fedf7c74b3c29d8a8c74b8e526710f09a1b59488784188
/var/lib/maas/boot-resources/cache/root-tgz-
78c4caf368edf45272fedf7c74b3c29d8a8c74b8e526710f09a1b59488784188`
returned non-zero exit status 1:
mount: cannot mount block device /dev/loop0 read-only
Traceback (most recent call last):
File "/usr/bin/uec2roottar", line 27, in <module>
uec2roottar.main(args)
File "/usr/lib/python2.7/dist-
packages/provisioningserver/import_images/uec2roottar.py", line 194, in
main
extract_image(image, output)
File "/usr/lib/python2.7/dist-
packages/provisioningserver/import_images/uec2roottar.py", line 177, in
extract_image
with loop_mount(image, mountpoint):
File "/usr/lib/python2.7/contextlib.py", line 17, in
__enter__
return self.gen.next()
File "/usr/lib/python2.7/dist-
packages/provisioningserver/import_images/uec2roottar.py", line 130, in
loop_mount
check_call(['mount', '-o', 'ro', image, mountpoint])
File "/usr/lib/python2.7/subprocess.py", line 540, in
check_call
raise CalledProcessError(retcode, cmd)
subprocess.CalledProcessError: Command '[u'mount', u'-o',
u'ro', '/var/lib/maas/boot-resources/cache/root-image-
78c4caf368edf45272fedf7c74b3c29d8a8c74b8e526710f09a1b59488784188',
u'/tmp/maas-bYv_sD']' returned non-zero exit status 32
The last time I did this it was with maas 1.7 or something like that.
I didn't have any trouble with this then. This is with version 1.9.4
on trusty.
Would this work better if I just moved it to a physical machine instead
of trying to use a container? I don't know which problems are caused
by container configuration and which are just some setting tweak of the
newer version that I have missed.
On Thu, 2016-08-11 at 16:57 -0500, Jason Hobbs wrote:
> Daniel,
>
> Can you show the full dump of your profile and container configs?
>
> Here's what my 'maas' profile looks like:
>
> ubuntu at beartic:~$ lxc profile show maas
> name: maas
> config:
> raw.lxc: |-
> lxc.cgroup.devices.allow = c 10:237 rwm
> lxc.aa_profile = unconfined
> lxc.cgroup.devices.allow = b 7:* rwm
> security.privileged: "true"
> description: ""
> devices:
> eth0:
> name: eth0
> nictype: bridged
> parent: br1
> type: nic
> loop0:
> path: /dev/loop0
> type: unix-block
> loop1:
> path: /dev/loop1
> type: unix-block
> loop2:
> path: /dev/loop2
> type: unix-block
> loop3:
> path: /dev/loop3
> type: unix-block
> loop4:
> path: /dev/loop4
> type: unix-block
> loop5:
> path: /dev/loop5
> type: unix-block
> loop6:
> path: /dev/loop6
> type: unix-block
> loop7:
> path: /dev/loop7
> type: unix-block
>
> Here's the config for the container maas is running in:
> ubuntu at beartic:~$ lxc config show maas-server
> name: maas-server
> profiles:
> - maas
> config:
> volatile.base_image:
> d23ee1f4fd284aeaba6adeb67cccf7b871e96178d637fec96320aab7cc9634b1
> volatile.eth0.hwaddr: 00:16:3e:ca:9e:31
> volatile.last_state.idmap: '[]'
> devices:
> root:
> path: /
> type: disk
> ephemeral: false
>
> Thanks,
> Jason
>
> On Wed, Aug 10, 2016 at 8:09 AM, Daniel Bidwell <drbidwell at gmail.com>
> wrote:
> > I have followed the steps below, but still no luck. Here is what I
> > have:
> >
> > /var/log/syslog on my container, maastest, shows:
> >
> > Aug 10 12:51:05 maastest kernel: [210439.259086] audit: type=1400
> > audit(14708334
> > 65.435:829): apparmor="DENIED" operation="mount" info="failed flags
> > match" error
> > =-13 profile="lxd-maastest_</var/lib/lxd>" name="/tmp/maas-9bYBDZ/"
> > pid=13267 co
> > mm="mount" fstype="ext4" srcname="/dev/loop0" flags="ro"
> >
> > From the machine holding the container a "lxc profile show
> > maastest"
> > returns:
> >
> > lxc profile show maastest
> > name: maastest
> > config:
> > raw.lxc: lxc.cgroup.devices.allow = c 10:237 rwm
> > lxc.cgroup.devices.allow = b 7:*
> > rwm lxc.aa_profile = unconfined
> > security.privileged: "true"
> > description: ""
> > devices:
> > ...
> >
> > The maastest profile has been applied to the maastest container.
> >
> > /etc/apparmor.d/lxc-custom-default contains:
> >
> > profile lxc-container-extx-mounts
> > flags=(attach_disconnected,mediate_deleted) {
> > #include <abstractions/lxc/container-base>
> > mount fstype=ext4 -> /**,
> > mount fstype=ext3 -> /**,
> > mount fstype=ext2 -> /**,
> > }
> >
> > Any suggestions as to what I am missing?
> >
> > On Sat, 2016-08-06 at 22:50 -0500, Jason Hobbs wrote:
> > > Hi Daniel,
> > >
> > > There is some documentation for installing MAAS in a container
> > here:
> > >
> > > https://maas.ubuntu.com/docs/install.html#container-install
> > >
> > > It's focused on 2.0 but the same steps should work for 1.9.3 too.
> > It
> > > covers setting up the loop devices.
> > >
> > > Hope this helps,
> > > Jason
> > >
> > > On Sat, Aug 6, 2016 at 10:11 PM, Daniel Bidwell <drbidwell at gmail.
> > com>
> > > wrote:
> > > > I have a lxd container running on 16.04 with maas 1.9.3 running
> > in
> > > > it.
> > > >
> > > > The pxe boot doesn't work because the container doesn't have
> > any
> > > > /dev/loop* devices and will not allow me to create any.
> > > >
> > > > How do I go about creating /dev/loop* devices and allowing them
> > to
> > > > work
> > > > in a container?
> > > > --
> > > > Daniel Bidwell <drbidwell at gmail.com>
> > > >
> > > >
> > > > --
> > > > Juju mailing list
> > > > Juju at lists.ubuntu.com
> > > > Modify settings or unsubscribe at: https://lists.ubuntu.com/mai
> > lman
> > > > /listinfo/juju
> > > >
> > --
> > Daniel Bidwell <drbidwell at gmail.com>
> >
> >
--
Daniel Bidwell <drbidwell at gmail.com>
More information about the Juju
mailing list