libvirt users - Apr 2014 - Re: Issue with 1.2.3 and lxcCheckNetNsSupport

Hi there

I’ve just moved to libvirt-1.2.3 from 1.2.1; we use it for dealing with lxc
containers
I just wanted to report that everything went well for us with this new release,
except for one little glitch
At some point the lxc drivers seems to check that the kernel indeed has the
netns feature built in
Well in our environment this checks miserably fails; I haven’t been able to tell
exactly why, but could find this post that might be related
Bug 1050210 – lxcCheckNetNsSupport fails to detect NETNS

As a quick workaround I have this patch below in place, with which everything
else seems to be working fine; at least all our system tests are passing..

It feels like the way the 1.2.3 code checks for the presence of netns is clearly
not exactly right (in our case selinux is disabled), and I wish a more reliable
solution can be found in the future :)

Hope this helps — Thanks in any case

On Tue, Apr 08, 2014 at 04:53:44PM +0200, Thierry Parmentelat
wrote:
> Hi there
> 
> I’ve just moved to libvirt-1.2.3 from 1.2.1; we use it for dealing with lxc
containers
> I just wanted to report that everything went well for us with this new
release, except for one little glitch
> At some point the lxc drivers seems to check that the kernel indeed has the
netns feature built in
> Well in our environment this checks miserably fails; I haven’t been able to
tell exactly why, but could find this post that might be related
> Bug 1050210 – lxcCheckNetNsSupport fails to detect NETNS
> 
> As a quick workaround I have this patch below in place, with which
everything else seems to be working fine; at least all our system tests are
passing..
> 
> It feels like the way the 1.2.3 code checks for the presence of netns is
clearly not exactly right (in our case selinux is disabled), and I wish a more
reliable solution can be found in the future :)
Yes, there was a screw up in LXC for this. It is fixed by

  https://www.redhat.com/archives/libvir-list/2014-April/msg00315.html

which will be in GIT shortly & in the first 1.2.3.x maint release.

Regards,
Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

OK great, thanks !

On 08 Apr 2014, at 17:04, Daniel P. Berrange <berrange@redhat.com> wrote:
> On Tue, Apr 08, 2014 at 04:53:44PM +0200, Thierry Parmentelat wrote:
>> Hi there
>> 
>> I’ve just moved to libvirt-1.2.3 from 1.2.1; we use it for dealing with
lxc containers
>> I just wanted to report that everything went well for us with this new
release, except for one little glitch
>> At some point the lxc drivers seems to check that the kernel indeed has
the netns feature built in
>> Well in our environment this checks miserably fails; I haven’t been
able to tell exactly why, but could find this post that might be related
>> Bug 1050210 – lxcCheckNetNsSupport fails to detect NETNS
>> 
>> As a quick workaround I have this patch below in place, with which
everything else seems to be working fine; at least all our system tests are
passing..
>> 
>> It feels like the way the 1.2.3 code checks for the presence of netns
is clearly not exactly right (in our case selinux is disabled), and I wish a
more reliable solution can be found in the future :)
> 
> Yes, there was a screw up in LXC for this. It is fixed by
> 
>  https://www.redhat.com/archives/libvir-list/2014-April/msg00315.html
> 
> which will be in GIT shortly & in the first 1.2.3.x maint release.
> 
> Regards,
> Daniel
> -- 
> |: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/
:|
> |: http://libvirt.org              -o-             http://virt-manager.org
:|
> |: http://autobuild.org       -o-         http://search.cpan.org/~danberr/
:|
> |: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc
:|