Discussion:
Cannot start network: Failed to attach
(too old to reply)
Jochen Wiedmann
2016-02-24 08:09:22 UTC
Permalink
Hi,

this mailing list seems to be appropriate for beginners questions like
the following. Hope, that's the case.

I am running a CentOS 6.7 VM on VirtualBox with LXC 1.0.8 installed
from the EPEL repository. I am creating an LXC container, but cannot
start it, because some problems with the network (see below). Most
likely, my network configuration is not correct. ifconfig shows three
interfaces to be present ("eth0", "eth1", and "lo").

What might be wrong? Or, what to try next?

Thanks,

Jochen

[***@lxc ~]$ sudo cat /etc/lxc/lxc-usernet
jwi eth0 lxcbr0 10
***@lxc ~]$ sudo rm -rf /var/lib/lxc/centos6/
[sudo] password for jwi:
[***@lxc ~]$ sudo lxc-create -t download -n centos6 -- -d centos -r 6 -a amd64
Using image from local cache
Unpacking the rootfs

---
You just created a CentOS container (release=6, arch=amd64, variant=default)

To enable sshd, run: yum install openssh-server

For security reason, container images ship without user accounts
and without a root password.

Use lxc-attach or chroot directly into the rootfs to set a root password
or create user accounts.
[***@lxc ~]$ sudo lxc-start -n centos6
lxc-start: conf.c: instantiate_veth: 3105 failed to attach
'veth47FB4Q' to the bridge 'virbr0': No such device
lxc-start: conf.c: lxc_create_network: 3388 failed to create netdev
lxc-start: start.c: lxc_spawn: 841 failed to create the network
lxc-start: start.c: __lxc_start: 1100 failed to spawn 'centos6'
lxc-start: lxc_start.c: main: 341 The container failed to start.
lxc-start: lxc_start.c: main: 345 Additional information can be
obtained by setting the --logfile and --logpriority options.
--
The next time you hear: "Don't reinvent the wheel!"

Loading Image...
Fajar A. Nugraha
2016-02-24 08:49:26 UTC
Permalink
On Wed, Feb 24, 2016 at 3:09 PM, Jochen Wiedmann
Post by Jochen Wiedmann
Hi,
this mailing list seems to be appropriate for beginners questions like
the following. Hope, that's the case.
I am running a CentOS 6.7 VM on VirtualBox with LXC 1.0.8 installed
from the EPEL repository. I am creating an LXC container, but cannot
You're missing a lot by sticking with c6. Especially if you stick with
the default kernel.
Post by Jochen Wiedmann
start it, because some problems with the network (see below). Most
likely, my network configuration is not correct. ifconfig shows three
interfaces to be present ("eth0", "eth1", and "lo").
What might be wrong? Or, what to try next?
jwi eth0 lxcbr0 10
That file is irrelevant. It's only used for unprivileged containers,
which won't work on c6 since it needs kernel capabilities that's only
available in newer kernels.
Post by Jochen Wiedmann
'veth47FB4Q' to the bridge 'virbr0': No such device
Does virbr0 exist?

It's usually created by libvirt (which also sets up things like
dnsmasq and iptables rules). You could also create your own bridge
manually (if you know how) and use that for lxc.
--
Fajar
Jochen Wiedmann
2016-02-24 08:59:05 UTC
Permalink
Post by Fajar A. Nugraha
You're missing a lot by sticking with c6. Especially if you stick with
the default kernel.
What alternative are you suggesting? This is a VM, so I'm flexible.
Post by Fajar A. Nugraha
Does virbr0 exist?
It's usually created by libvirt (which also sets up things like
dnsmasq and iptables rules). You could also create your own bridge
manually (if you know how) and use that for lxc.
Meaning: I've got to install libvirt, right?

Thanks, Jochen
--
The next time you hear: "Don't reinvent the wheel!"

http://www.keystonedevelopment.co.uk/wp-content/uploads/2014/10/evolution-of-the-wheel-300x85.jpg
Jochen Wiedmann
2016-02-24 09:06:59 UTC
Permalink
On Wed, Feb 24, 2016 at 9:59 AM, Jochen Wiedmann
Post by Jochen Wiedmann
Post by Fajar A. Nugraha
Does virbr0 exist?
It's usually created by libvirt (which also sets up things like
dnsmasq and iptables rules). You could also create your own bridge
manually (if you know how) and use that for lxc.
Meaning: I've got to install libvirt, right?
Thanks! Installing libvirt fixed my problem.

Jochen
--
The next time you hear: "Don't reinvent the wheel!"

http://www.keystonedevelopment.co.uk/wp-content/uploads/2014/10/evolution-of-the-wheel-300x85.jpg
Thomas Belián
2016-02-24 12:51:52 UTC
Permalink
10:06 AM in
Nachricht
Post by Jochen Wiedmann
On Wed, Feb 24, 2016 at 9:59 AM, Jochen Wiedmann
Post by Jochen Wiedmann
Post by Fajar A. Nugraha
Does virbr0 exist?
It's usually created by libvirt (which also sets up things like
dnsmasq and iptables rules). You could also create your own
bridge
Post by Jochen Wiedmann
Post by Jochen Wiedmann
Post by Fajar A. Nugraha
manually (if you know how) and use that for lxc.
Meaning: I've got to install libvirt, right?
Thanks! Installing libvirt fixed my problem.
Jochen
Hello Jochen,

I think next time it should be enough to install bridge-utils und to
create the bridge you need (virbr, you can create it via
/etc/sysconfig/network-scripts/ifcfg-virbr0).

Thomas


--
Thomas Belián

Fachhochschule Erfurt
Fakultät Gebäudetechnik und Informatik
Fachrichtung Angewandte Informatik

Postfach 45 01 55, 99051 Erfurt

Telefon: 0361 6700 - 647
Telefax: 0361 6700 - 643
E-Mail: ***@fh-erfurt.de
Web: https://ai.fh-erfurt.de
Fajar A. Nugraha
2016-02-25 09:44:15 UTC
Permalink
On Wed, Feb 24, 2016 at 7:51 PM, Thomas Belián
Post by Thomas Belián
10:06 AM in
Nachricht
Post by Jochen Wiedmann
Thanks! Installing libvirt fixed my problem.
Jochen
Hello Jochen,
I think next time it should be enough to install bridge-utils und to
create the bridge you need (virbr, you can create it via
/etc/sysconfig/network-scripts/ifcfg-virbr0).
With THAT alone, you'd get something similar to vmware/virtualbox's
"host only network". If you want the container to access outside host,
you also need to setup iptables and dnsmasq.

Later versions of lxc have a script that makes this easier. For
example, in 2.0.0-0.1.beta2 you'd have /etc/init.d/lxc-net which
basically calls "/usr/libexec/lxc/lxc-net start|stop".

You CAN create RPM for lxc-2.0.0-0.1.beta2 from github sources, but
using it on centos6 requires you to edit some files manually (e.g.
replace "ip link add dev ${LXC_BRIDGE} type bridge" with "brctl addbr
${LXC_BRIDGE}" on /usr/libexec/lxc/lxc-net)
--
Fajar
Thomas Belián
2016-02-25 11:52:10 UTC
Permalink
in
Nachricht
Post by Fajar A. Nugraha
On Wed, Feb 24, 2016 at 7:51 PM, Thomas Belián
Post by Thomas Belián
10:06 AM in
Nachricht
Post by Jochen Wiedmann
Thanks! Installing libvirt fixed my problem.
Jochen
Hello Jochen,
I think next time it should be enough to install bridge-utils und to
create the bridge you need (virbr, you can create it via
/etc/sysconfig/network-scripts/ifcfg-virbr0).
With THAT alone, you'd get something similar to vmware/virtualbox's
"host only network". If you want the container to access outside host,
you also need to setup iptables and dnsmasq.
Really? I use it that way with KVM. Add a bridge device br0 with
bridge-utils and add to this bridge my "real" ethernet device. All my
KVM guests got this br0 device and everything is fine. Ok, LXC/LXD would
add another device in a different namespace to this bridge, but this
shouldn't be a problem. But maybe I'm wrong...

But anyway, using libvirt with the virbr0 which libvirt provides is
maybe the easier solution (if my solutions works with lxc, I never
tested this (shame on me)).

Thomas.




--
Thomas Belián

Fachhochschule Erfurt
Fakultät Gebäudetechnik und Informatik
Fachrichtung Angewandte Informatik

Postfach 45 01 55, 99051 Erfurt

Telefon: 0361 6700 - 647
Telefax: 0361 6700 - 643
E-Mail: ***@fh-erfurt.de
Web: https://ai.fh-erfurt.de
Fajar A. Nugraha
2016-02-25 12:09:07 UTC
Permalink
On Thu, Feb 25, 2016 at 6:52 PM, Thomas Belián
Post by Thomas Belián
Post by Fajar A. Nugraha
Post by Thomas Belián
I think next time it should be enough to install bridge-utils und
to
Post by Fajar A. Nugraha
Post by Thomas Belián
create the bridge you need (virbr, you can create it via
/etc/sysconfig/network-scripts/ifcfg-virbr0).
With THAT alone, you'd get something similar to vmware/virtualbox's
"host only network". If you want the container to access outside
host,
Post by Fajar A. Nugraha
you also need to setup iptables and dnsmasq.
Really? I use it that way with KVM. Add a bridge device br0 with
bridge-utils and add to this bridge my "real" ethernet device. All my
Ah, that would be bridging your real network device. Indeed, that would work.

I thought you're trying to replicate virbr0 functionality (the one
created by libvirt, which is similar to "NAT network" in virtualbox)
by hand.
Post by Thomas Belián
But anyway, using libvirt with the virbr0 which libvirt provides is
maybe the easier solution
For c6, it probably is.
--
Fajar
Fajar A. Nugraha
2016-02-24 10:59:34 UTC
Permalink
On Wed, Feb 24, 2016 at 3:59 PM, Jochen Wiedmann
Post by Jochen Wiedmann
Post by Fajar A. Nugraha
You're missing a lot by sticking with c6. Especially if you stick with
the default kernel.
What alternative are you suggesting? This is a VM, so I'm flexible.
Well, https://linuxcontainers.org/ says "Project sponsored by
Canonical Ltd". And there's also
http://blog.dustinkirkland.com/2016/02/zfs-is-fs-for-containers-in-ubuntu-1604.html

Anything with recent-enough kernel should work. I like ubuntu since
it's easiest to get lxc working there (obviously), but any distro with
recent-enough kernel should be able to support most newer features
(e.g. unprivileged containers, additional security using
apparmor/seccomp).

A c6 host should be able to run sysvinit and upstart-based priviliged
containers (i.e. root in container has the same id as root in host),
but it won't provide the usual security and restriction that you're
used to in VMs (for example, the host might set CPU/memory limit for a
container, but a privileged host would be able to reset that limit).
And you won't be able to run systemd-based containers either (those
need lxcfs)

As for the bridge, newer lxc installations (e.g. 1.1.5 or 2 beta) will
create lxcbr0 which behaves similar to virbr0. In your case, the easy
way out is to install libvirt (which you did). If you had used ubuntu,
you'd already have lxcbr0 automagically configured ready to use.
--
Fajar
Jochen Wiedmann
2016-02-24 11:04:45 UTC
Permalink
Post by Fajar A. Nugraha
Post by Jochen Wiedmann
What alternative are you suggesting? This is a VM, so I'm flexible.
Well, https://linuxcontainers.org/ says "Project sponsored by
Canonical Ltd". And there's also
http://blog.dustinkirkland.com/2016/02/zfs-is-fs-for-containers-in-ubuntu-1604.html
Okay, I'll consider giving Ubuntu a try.

Thanks again,

Jochen
Continue reading on narkive:
Loading...