Difference between revisions of "Lxc-systemd"

From ArchWiki
(Created page with "=LXC and systemd= These are brief notes that describe how to configure a Linux container that runs systemd inside. They ought to be consumed into the main LXC wiki page when ...")
 
 
(7 intermediate revisions by 6 users not shown)
Line 1: Line 1:
=LXC and systemd=
+
#redirect [[Linux_Containers#Systemd_considerations_.28required.29]]
 
 
These are brief notes that describe how to configure a Linux container that runs systemd inside. They ought to be consumed into the main LXC wiki page when that is rewritten.
 
 
 
Without specific configuration, conflicts arise between systemd and LXC in the /dev tree. A new mode called 'autodev' has been added to LXC to help rectify this.
 
 
 
LXC needs to be configured to use its new "autodev" mode, which causes it to create a new /dev tree, and the container must be denied the mknod capability to prevent systemd from attempting to start udev:
 
 
 
  lxc.autodev = 1
 
  lxc.cap.drop = mknod
 
 
 
This will cause LXC to create its own device tree but this also means that the traditional way of manually creating device nodes in the container rootfs /dev tree will not work because /dev is overmounted by LXC. Should you require (and you probably will) any device nodes that are not created by LXC by default then you will need to use an ''autodev hook'' script:
 
 
 
  lxc.hook.autodev = /path/to/script
 
 
 
Where the script is similar to:
 
 
 
  #!/bin/bash
 
  # LXC Autodev hook.
 
  cd "${LXC_ROOTFS_MOUNT}/dev" || exit 1  # stop if the container /dev is not available
 
  mknod .....
 
 
 
The reason for dropping the mknod capability is described at http://www.freedesktop.org/wiki/Software/systemd/ContainerInterface where it explains that this is necessary to prevent systemd from starting udev (udev does not work inside a container and trying to use it will make the host do strange things!).
 
 
 
Additionally, you should ensure that you have a pty declaration in your LXC container configuration, because its presence causes LXC to mount devpts as a new instance (without this the container gets the host's devpts and that is not a good thing - more strange things will happen!):
 
 
 
  lxc.pts = 1024
 
 
 
Note that there is no need to explicitly mount system devices (either via the container config or via its own /etc/fstab) and this should not be done because systemd (or LXC in the case of /dev...) takes care of it:
 
 
 
* /dev/pts
 
* /dev/shm
 
* /proc
 
* /sys
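
A check that follows from the settings above, as an added example that is not part of the original wiki page: the shell function audits a container config for `lxc.autodev = 1`, `mknod` in `lxc.cap.drop`, an `lxc.pts` declaration, and explicit mounts of the four system paths listed. The function name and the sample config are made up for the illustration, and it assumes explicit mounts appear as `lxc.mount.entry` lines in the container config.

```shell
#!/bin/sh
# Added example: audit an LXC config against the settings this page calls for.
# audit_lxc_config FILE ("-" = stdin) prints findings; exit status 0 = none.
audit_lxc_config() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }          # skip comments and blank lines
    {
        eq = index($0, "=")
        key = substr($0, 1, eq - 1); val = substr($0, eq + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
    }
    key == "lxc.autodev" && val == "1" { autodev = 1 }
    key == "lxc.pts" && val + 0 > 0    { pts = 1 }
    key == "lxc.cap.drop" {
        # Value is a space-separated list of capability names.
        n = split(tolower(val), caps, /[ \t]+/)
        for (i = 1; i <= n; i++) if (caps[i] == "mknod") mknod = 1
    }
    key == "lxc.mount.entry" {
        # fstab-style entry: the second field is the mount target.
        split(val, f, /[ \t]+/); target = f[2]; sub(/^\//, "", target)
        if (target ~ /^(dev\/pts|dev\/shm|proc|sys)$/) {
            print "explicit mount of /" target " (systemd or LXC handles it)"
            bad++
        }
    }
    END {
        if (!autodev) { print "lxc.autodev = 1 is not set"; bad++ }
        if (!mknod)   { print "lxc.cap.drop does not include mknod"; bad++ }
        if (!pts)     { print "no lxc.pts declaration"; bad++ }
        exit (bad > 0)
    }' "$1"
}

# Constructed sample config (not from a real container): one setting missing
# and one redundant mount, so the audit reports two findings.
sample_config() {
    cat <<'EOF'
lxc.autodev = 1
lxc.cap.drop = sys_module mknod
lxc.mount.entry = proc proc proc nodev,noexec,nosuid 0 0
EOF
}

sample_config | audit_lxc_config - || echo "sample config needs changes"
```
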
 

Latest revision as of 10:05, 20 April 2015