LXC 설치 후 cgroup namespace 요구할 때

lxc를 설치후 lxc-chkconfig를 실행해보면 아래와 같이 cgroup namespace가 required로 나오는 경우가 있다.

# lxc-checkconfig

--- Namespaces ---

Namespaces: enabled

Utsname namespace: enabled

Ipc namespace: enabled

Pid namespace: enabled

User namespace: enabled

Network namespace: enabled

Multiple /dev/pts instances: enabled

--- Control groups ---

Cgroup: enabled

Cgroup namespace: required

Cgroup device: enabled

Cgroup sched: enabled

Cgroup cpu account: enabled

Cgroup memory controller: enabled

Cgroup cpuset: enabled

--- Misc ---

Veth pair device: enabled

Macvlan: enabled

Vlan: enabled

Bridges: enabled

Advanced netfilter: enabled

CONFIG_NF_NAT_IPV4: enabled

CONFIG_NF_NAT_IPV6: enabled

CONFIG_IP_NF_TARGET_MASQUERADE: enabled

CONFIG_IP6_NF_TARGET_MASQUERADE: enabled

CONFIG_NETFILTER_XT_TARGET_CHECKSUM: enabled

--- Checkpoint/Restore ---

checkpoint restore: enabled

CONFIG_FHANDLE: enabled

CONFIG_EVENTFD: enabled

CONFIG_EPOLL: enabled

CONFIG_UNIX_DIAG: enabled

CONFIG_INET_DIAG: enabled

CONFIG_PACKET_DIAG: enabled

CONFIG_NETLINK_DIAG: enabled

File capabilities: enabled

Note : Before booting a new kernel, you can check its configuration

usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig

커널 버전 3.0부터 cgroup namespace 설정은 없어졌는데 어쩌란 말이냐..

원래는 아래와 같이 나와야 정상이다.

# lxc-checkconfig

--- Namespaces ---

Namespaces: enabled

Utsname namespace: enabled

Ipc namespace: enabled

Pid namespace: enabled

User namespace: enabled

Network namespace: enabled

Multiple /dev/pts instances: enabled

--- Control groups ---

Cgroup: enabled

Cgroup clone_children flag: enabled

Cgroup device: enabled

Cgroup sched: enabled

Cgroup cpu account: enabled

Cgroup memory controller: enabled

Cgroup cpuset: enabled

--- Misc ---

Veth pair device: enabled

Macvlan: enabled

Vlan: enabled

Bridges: enabled

Advanced netfilter: enabled

CONFIG_NF_NAT_IPV4: enabled

CONFIG_NF_NAT_IPV6: enabled

CONFIG_IP_NF_TARGET_MASQUERADE: enabled

CONFIG_IP6_NF_TARGET_MASQUERADE: enabled

CONFIG_NETFILTER_XT_TARGET_CHECKSUM: enabled

--- Checkpoint/Restore ---

checkpoint restore: enabled

CONFIG_FHANDLE: enabled

CONFIG_EVENTFD: enabled

CONFIG_EPOLL: enabled

CONFIG_UNIX_DIAG: enabled

CONFIG_INET_DIAG: enabled

CONFIG_PACKET_DIAG: enabled

CONFIG_NETLINK_DIAG: enabled

File capabilities: enabled

Note : Before booting a new kernel, you can check its configuration

usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig

이 때는 아래와 같이 cgroup-lite를 설치해 주고 리부팅 하면 된다.

sudo apt-get install cgroup-lite