libvirt users - Dec 2014 - Re: Problem with /dev/tty in LXC established with virt-install

I have created a LXC container with debootstrap followed by virt-install
like this:

host=mylxc1
debootstrap wheezy /home/lxc/$host
virt-install -c lxc:// -n $host --filesystem /home/lxc/$host,/ --ram 1024

I am confused about the /dev filesystem in this container. Specifically
the device '/dev/tty'.
>From inside the container:
~# ls -la /dev/tty
ls: cannot access /dev/tty: No such file or directory

# mknod -m 666 /dev/tty c 4 0
mknod: `/dev/tty': Operation not permitted

A LXC container created and started with the native LXC commands
(lxc-create/lxc-start) has a functioning /dev/tty:

# cat </dev/tty
foo
foo
^C

How can I create a functioning /dev/tty with the LXC driver in libvirt?

 - Vegard V -

On Mon, 01 Dec 2014 12:07:37 +0100 Vegard Vesterheim <vegard.vesterheim at
uninett.no> wrote:
> # mknod -m 666 /dev/tty c 4 0
> mknod: `/dev/tty': Operation not permitted
In the manual for the LXC driver this part of my question is answered:

   "The container init process will be started with CAP_MKNOD capability
   removed and blocked from re-acquiring it. As such it will not be able
   to create any device nodes in /dev or anywhere else in its
   filesystems."

Further down the manual says:

   "Further block or character devices will be made available to
   containers depending on their configuration."

So, my question is: How can I add the device node for /dev/tty with
libvirt?

 - Vegard V -

Hi,

I¹m using openstack to bring up VMs on Ubuntu servers. I am trying to
support live migration with SR-IOV networking interfaces through macvtap.
My libvirt version is 1.2.2. To make sure that the networking interface
with the same name exists on the destination host, I renamed the interface
name on both hosts. However libvirt is not happy with that. Although the
interface after renaming is accessible from the host, libvirt always give
the above error while bringing up a VM with the interface.

The interface XML is in below:

    <interface type="direct">
      <mac address="fa:16:3e:79:52:26"/>
      <model type="virtio"/>
      <driver name="vhost"/>
      <source dev="srv424ac2f0-eb0"
mode="passthrough"/>
      <virtualport type="802.1Qbh">
        <parameters profileid="BaoliPortProfile0"/>
      </virtualport>
    </interface>


openstack nova uses createWithFlags() to bring up the VM, and the above
error will cause exception, and the VM will be left in shutoff state.
Afterwards, However, the VM can be brought up with either a
domain.create() or on the host with Œsudo virsh start <domain>¹.

Note that the VM after being brought up with the second create() call
works perfectly in terms of networking configuration and connectivity.

However, the VM cannot be migrated any more due to the same error.

The error is thrown from src/util/virnetdev.c.

Note that using the same ioctl in a standalone linux program works
perfectly in terms of accessing the renamed interface. See below:

#include <sys/socket.h>
#include <sys/ioctl.h>
#include <linux/if.h>
#include <netdb.h>
#include <stdio.h>

char *getmac(char *iface)
{
#define MAC_STRING_LENGTH 13
  char *ret = malloc(MAC_STRING_LENGTH);
  struct ifreq s;
  int fd = socket(AF_PACKET, SOCK_DGRAM, 0);

  strcpy(s.ifr_name, iface);
  if (fd >= 0 && ret && 0 == ioctl(fd, SIOCGIFHWADDR,
&s))
  {
    int i;
    for (i = 0; i < 6; ++i)
      snprintf(ret+i*2,MAC_STRING_LENGTH-i*2,"%02x",(unsigned char)
s.ifr_addr.sa_data[i]);
  }
  else
  {
    perror("malloc/socket/ioctl failed");
    exit(1);
  }
  return(ret);
}

int main(int argc, char* argv[])
{
  char *mac = getmac(argv[1]);
  printf("%s\n",mac);
  free(mac);
}


Can anybody explain to me why libvirt is not happy with the renamed
interface? Looking at virnetdev.c, it does basically the same as in the
above program.

Any help is appreciated!

Thanks,
Robert

On Mon, 01 Dec 2014 13:20:37 +0100 Vegard Vesterheim
<vegard.vesterheim@uninett.no> wrote:
> So, my question is: How can I add the device node for /dev/tty with
> libvirt?
Answering my own question yet again. I didn't mention that I was
running Debian Wheezy which has libvirt 0.9.12. Looking in the ChangeLog
for libvirt, I see the following:

  2013-07-09  Richard Weinberger  <richard@nod.at>

	LXC: Create /dev/tty within a container
	Many applications use /dev/tty to read from stdin.
	e.g. zypper on openSUSE.

So, the answer to my question is to upgrade libvirt to a newer version.

 - Vegard V -