Struggling with Container lab 3.2 lxc

smithy7 · October 3

I can not seem to get the container to run. The information for this Containers Course seems to rely on outdated versions of Ubuntu and I do not know what to do.

When creating the unprivileged container and specifying Ubuntu Xenial: "ERROR: could not find."

Okay so try installing Ubuntu Noble instead now I get:

$lxc-start -n unpriv-xipe-user -d

lxc-start: unpriv-xipe-user: ../src/lxc/lxccontainer.c: wait_on_daemonized_start: 829 No such file or directory - Failed to receive the container state
lxc-start: unpriv-xipe-user: ../src/lxc/tools/lxc_start.c: lxc_start_main: 307 The container failed to start
lxc-start: unpriv-xipe-user: ../src/lxc/tools/lxc_start.c: lxc_start_main: 310 To get more details, run the container in foreground mode
lxc-start: unpriv-xipe-user: ../src/lxc/tools/lxc_start.c: lxc_start_main: 312 Additional information can be obtained by setting the --logfile and --logpriority options

Try sudo! Yet I get:

$sudo lxc-start -n unpriv-xipe-user -d
lxc-start: unpriv-xipe-user: ../src/lxc/tools/lxc_start.c: lxc_start_main: 267 No container config >>specified

I've looked online and am wondering where the path for lxc container configs are and whether I need to write them or if this is some other error either on my part or from the difference between versions..

I also tried prsalinux's post about editing grub .config when he had a similar problem but to no avail.

chrispokorni · October 8

Hi @smithy7,

[EDIT]
Due to LXC's reliance on cgroup1, the official LXC documentation still recommends the installation of LXC on earlier releases of the Ubuntu OS - Bionic, predating the adoption of cgroup2. Its operation on more recent Ubuntu releases is obstructed by the presence of cgroup2 that is not supported by LXC.
[/EDIT]

In light of these limitations, the sensible recommendation is to attempt the LXC exercises on a Virtual Machine operated by an earlier guest Ubuntu OS release. I do not recommend natively operating earlier Ubuntu OS releases that no longer receive security updates.

Also, booting a more recent cgroup2 enabled Ubuntu OS release and switching to cgroup1 (even if temporarily) only for the purpose of these exercises is not recommended. The suggested workaround referenced above, while successful for LXC operations, could have adverse effects on the other containerization tools.

Once LXC runs on a supported OS release, there is the issue of running containers from images available through the LXC image registry. The download template retrieves the list of available images. Over time, this list is updated with new images while older ones are removed once out of support. Make sure you analyze the output list for the most up to date images available, then select an image distribution, release and architecture to create the container. You can also browse through the image registry at https://images.linuxcontainers.org/ for the most up o date images available to download.

While course updates are in progress, please follow these instructions to get started with LXC.

Regards,
-Chris

zacts · November 7

Hello,

I'm getting a similar error. I tried this with Ubuntu 20.04. lxc-start doesn't report an error, but the state of the container remains as STOPPED.

--

zak@ubuntu20:~$ lxc-create --template download --name unpriv-cont-user -- --dist ubuntu --release questing --arch amd64
Using image from local cache
Unpacking the rootfs

You just created an Ubuntu questing amd64 (20251107_07:42) container.

To enable SSH, run: apt install openssh-server
No default root or user password are set by LXC.
zak@ubuntu20:~$ lxc-start -n unpriv-cont-user -d
zak@ubuntu20:~$
zak@ubuntu20:~$ lxc-ls -f
NAME STATE AUTOSTART GROUPS IPV4 IPV6 UNPRIVILEGED
unpriv-cont-user STOPPED 0 - - - true
zak@ubuntu20:~$ lxc-info -n unpriv-cont-user
Name: unpriv-cont-user
State: STOPPED
zak@ubuntu20:~$

zacts · November 7

If I try it with sudo lxc-start I'm getting the same error as above.

zak@ubuntu20:~$ sudo lxc-start -n unpriv-cont-user -d
[sudo] password for zak:
lxc-start: unpriv-cont-user: tools/lxc_start.c: main: 266 No container config specified

zacts · November 7

Note: I'm running Ubuntu 20.04 in virt-manager as the host OS for lxc.

zacts · November 8

I seem to have gotten it to work.

I tried the fix in this guide: Lab 3.2 LXC.

Also, I seem to have to do everything as sudo, but when I do that it seems to work.

Here is a log of my command line session:

zak@ubuntu20:~$ setfacl -R -m u:100000:x ~/.local
setfacl: /home/zak/.local/share/containers/storage/overlay/40563e6a01a74e110bb85bdd2ac8a9e9f89f3d2c921786a495306be0bfdbf638/diff/var/cache/apt/archives/partial: Operation not permitted
setfacl: /home/zak/.local/share/containers/storage/overlay/40563e6a01a74e110bb85bdd2ac8a9e9f89f3d2c921786a495306be0bfdbf638/diff/var/cache/apt/archives/partial: Permission denied
zak@ubuntu20:~$ sudo setfacl -R -m u:100000:x ~/.local
zak@ubuntu20:~$ sudo setfacl -m u:100000:x ~/
zak@ubuntu20:~$ lxc-create --template download --name unpriv-cont-user
Downloading the image index

DIST RELEASE ARCH VARIANT BUILD

almalinux 10 amd64 default 20251107_23:08
almalinux 10 arm64 default 20251107_23:08
...

Distribution:
ubuntu
Release:
questing
Architecture:
amd64

Downloading the image index
Downloading the rootfs
Downloading the metadata
The image cache is now ready
Unpacking the rootfs

You just created an Ubuntu questing amd64 (20251107_07:42) container.

To enable SSH, run: apt install openssh-server
No default root or user password are set by LXC.
zak@ubuntu20:~$ lxc-start -n unpriv-cont-user -d
lxc-start: unpriv-cont-user: lxccontainer.c: wait_on_daemonized_start: 877 Received container state "ABORTING" instead of "RUNNING"
lxc-start: unpriv-cont-user: tools/lxc_start.c: main: 306 The container failed to start
lxc-start: unpriv-cont-user: tools/lxc_start.c: main: 309 To get more details, run the container in foreground mode
lxc-start: unpriv-cont-user: tools/lxc_start.c: main: 311 Additional information can be obtained by setting the --logfile and --logpriority options
zak@ubuntu20:~$ lxc-start -n unpriv-cont-user
lxc-start: unpriv-cont-user: lxccontainer.c: wait_on_daemonized_start: 877 Received container state "ABORTING" instead of "RUNNING"
lxc-start: unpriv-cont-user: tools/lxc_start.c: main: 306 The container failed to start
lxc-start: unpriv-cont-user: tools/lxc_start.c: main: 309 To get more details, run the container in foreground mode
lxc-start: unpriv-cont-user: tools/lxc_start.c: main: 311 Additional information can be obtained by setting the --logfile and --logpriority options
zak@ubuntu20:~$ lxc-start -n unpriv-cont-user --
--close-all-fds --foreground --name= --share-net
--console= --help --pidfile= --share-uts
--console-log= --logfile= --quiet --usage
--daemon --logpriority= --rcfile= --version
--define --lxcpath= --share-ipc
zak@ubuntu20:~$ lxc-start -n unpriv-cont-user --foreground
lxc-start: unpriv-cont-user: network.c: lxc_create_network_unpriv_exec: 2976 lxc-user-nic failed to configure requested network: cmd/lxc_user_nic.c: 1206: main: Quota reached
lxc-start: unpriv-cont-user: start.c: lxc_spawn: 1843 Failed to create the network
lxc-start: unpriv-cont-user: start.c: __lxc_start: 2074 Failed to spawn container "unpriv-cont-user"
lxc-start: unpriv-cont-user: tools/lxc_start.c: main: 306 The container failed to start
lxc-start: unpriv-cont-user: tools/lxc_start.c: main: 311 Additional information can be obtained by setting the --logfile and --logpriority options
zak@ubuntu20:~$ sudo lxc-start -n unpriv-cont-user -d
lxc-start: unpriv-cont-user: tools/lxc_start.c: main: 266 No container config specified
zak@ubuntu20:~$ sudo lxc-create --template download --name unpriv-cont-user -- --dist ubuntu --release jammy --arch amd64
Downloading the image index
Downloading the rootfs
Downloading the metadata
The image cache is now ready
Unpacking the rootfs

You just created an Ubuntu jammy amd64 (20251107_07:42) container.

To enable SSH, run: apt install openssh-server
No default root or user password are set by LXC.
zak@ubuntu20:~$ sudo lxc-start -n unpriv-cont-user -d
zak@ubuntu20:~$ lxc-ls -f
NAME STATE AUTOSTART GROUPS IPV4 IPV6 UNPRIVILEGED
unpriv-cont-user STOPPED 0 - - - true
zak@ubuntu20:~$ sudo lxc-ls -f
NAME STATE AUTOSTART GROUPS IPV4 IPV6 UNPRIVILEGED
unpriv-cont-user RUNNING 0 - 10.0.3.176 - false
zak@ubuntu20:~$
zak@ubuntu20:~$ sudo lxc-info -n unpriv-cont-user
Name: unpriv-cont-user
State: RUNNING
PID: 4265
IP: 10.0.3.176
CPU use: 0.69 seconds
BlkIO use: 21.76 MiB
Memory use: 31.18 MiB
KMem use: 6.52 MiB
Link: vethkONNnj
TX bytes: 1.86 KiB
RX bytes: 2.72 KiB
Total bytes: 4.58 KiB

chrispokorni · November 10

Hi @zacts,

As cgroup v2 was adopted across Ubuntu releases beginning with 20.04 LTS, the successfully tested Ubuntu OS release seems to have been downgraded to Ubuntu OS Bionic release 18.04 LTS - defaulting to cgroup v1. Over time, the changes in support have severely impacted especially the unprivileged container deployment.

Course content updates are in progress, aiming for a more recent LTS release as the container host for the course lab exercises. This will most likely conflict with the LXC lab exercises in their current format. Perhaps LXC lab will remain in the curriculum as an optional lab exercise, which will require special container host considerations - such as setting up a virtual container host (VM) with the supported Ubuntu 18.04 LTS only for the purpose of LXC experimentation. Luckily the release is still available to download from the Ubuntu releases page

Regards,
-Chris

Struggling with Container lab 3.2 lxc

Comments

DIST RELEASE ARCH VARIANT BUILD

Categories

Upcoming Training

Kubernetes Administration (LFS458)

Linux System Administration (LFS301)

Open Source Virtualization (LFS462)

Linux Kernel Debugging and Security (LFD440)