lxc-usernet shared quota??
10 views
Skip to first unread message
Narcis Garcia
Jan 27, 2024, 2:39:05 PMJan 27
to LXC users SPM
I'm running 9 unprivileged containers by user account "lxc" on a Debian
12 host (LXC 5.0.2).
I have this content at /etc/lxc/lxc-usernet :
lxc veth shared-br 1024
lxc veth dedicated-br1 10
lxc veth dedicated-br2 10
lxc veth dedicated-br3 10
lxc veth dedicated-br4 10
lxc veth dedicated-br5 10
5 of the containers are linked to "shared-br" and the other 4 containers
are linked to a separate bridge each one (dedicated-brX respectively).
Then I try to start a 10th container linked to "dedicated-br5" ant it
fails with this error:
lxc-user-nic failed to configure requested network:(...) Quota reached
ONLY if I increment this line at /etc/lxc/lxc-usernet I can start container:
lxc veth dedicated-br5 11
My questions to ask:
1. Does it mean all "10" values are a shared and/or lowlimit values?
2. Is there a way to share all cases in a single line (perhaps with
wildcards for user/group/type/bridge)?
--
Narcis Garcia
__________
I'm using this dedicated address because personal addresses aren't
masked enough at this mail public archive. Public archive administrator
should remove and omit any @, dot and mailto combinations against
automated addresses collectors.
12 host (LXC 5.0.2).
I have this content at /etc/lxc/lxc-usernet :
lxc veth shared-br 1024
lxc veth dedicated-br1 10
lxc veth dedicated-br2 10
lxc veth dedicated-br3 10
lxc veth dedicated-br4 10
lxc veth dedicated-br5 10
5 of the containers are linked to "shared-br" and the other 4 containers
are linked to a separate bridge each one (dedicated-brX respectively).
Then I try to start a 10th container linked to "dedicated-br5" ant it
fails with this error:
lxc-user-nic failed to configure requested network:(...) Quota reached
ONLY if I increment this line at /etc/lxc/lxc-usernet I can start container:
lxc veth dedicated-br5 11
My questions to ask:
1. Does it mean all "10" values are a shared and/or lowlimit values?
2. Is there a way to share all cases in a single line (perhaps with
wildcards for user/group/type/bridge)?
--
Narcis Garcia
__________
I'm using this dedicated address because personal addresses aren't
masked enough at this mail public archive. Public archive administrator
should remove and omit any @, dot and mailto combinations against
automated addresses collectors.
Narcis Garcia
Jan 27, 2024, 4:35:28 PMJan 27
to LXC users SPM
Now I see I need this to link 11 containers same way:
lxc veth shared-by-1to5 1024
lxc veth dedicated-to6th 10
lxc veth dedicated-to7th 10
lxc veth dedicated-to8th 10
lxc veth dedicated-to9th 10
lxc veth dedicated-to10th 11
lxc veth dedicated-to11th 12
(and I imagine each additional one will need last quota +1)
El 27/1/24 a les 20:38, Narcis Garcia ha escrit:
> I'm running 9 unprivileged containers by user account "lxc" on a Debian tpto
I'm using this express-made address because personal addresses aren't
lxc veth shared-by-1to5 1024
lxc veth dedicated-to6th 10
lxc veth dedicated-to7th 10
lxc veth dedicated-to8th 10
lxc veth dedicated-to9th 10
lxc veth dedicated-to10th 11
lxc veth dedicated-to11th 12
(and I imagine each additional one will need last quota +1)
El 27/1/24 a les 20:38, Narcis Garcia ha escrit:
> I'm running 9 unprivileged containers by user account "lxc" on a Debian tpto
> 12 host (LXC 5.0.2).
>
> I have this content at /etc/lxc/lxc-usernet :
> lxc veth shared-br 1024
> lxc veth dedicated-br1 10
> lxc veth dedicated-br2 10
> lxc veth dedicated-br3 10
> lxc veth dedicated-br4 10
> lxc veth dedicated-br5 10
>
> 5 of the containers are linked to "shared-br" and the other 4 containers
> are linked to a separate bridge each one (dedicated-brX respectively).
>
> Then I try to start a 10th container linked to "dedicated-br5" ant it
> fails with this error:
> lxc-user-nic failed to configure requested network:(...) Quota reached
>
> ONLY if I increment this line at /etc/lxc/lxc-usernet I can start
> container:
> lxc veth dedicated-br5 11
>
> My questions to ask:
> 1. Does it mean all "10" values are a shared and/or lowlimit values?
> 2. Is there a way to share all cases in a single line (perhaps with
> wildcards for user/group/type/bridge)?
>
--
__________
>
> I have this content at /etc/lxc/lxc-usernet :
> lxc veth shared-br 1024
> lxc veth dedicated-br1 10
> lxc veth dedicated-br2 10
> lxc veth dedicated-br3 10
> lxc veth dedicated-br4 10
> lxc veth dedicated-br5 10
>
> 5 of the containers are linked to "shared-br" and the other 4 containers
> are linked to a separate bridge each one (dedicated-brX respectively).
>
> Then I try to start a 10th container linked to "dedicated-br5" ant it
> fails with this error:
> lxc-user-nic failed to configure requested network:(...) Quota reached
>
> ONLY if I increment this line at /etc/lxc/lxc-usernet I can start
> container:
> lxc veth dedicated-br5 11
>
> My questions to ask:
> 1. Does it mean all "10" values are a shared and/or lowlimit values?
> 2. Is there a way to share all cases in a single line (perhaps with
> wildcards for user/group/type/bridge)?
>
--
I'm using this express-made address because personal addresses aren't
masked enough at this mail public archive. Public archive administrator
should fix this against automated addresses collectors.
Serge E. Hallyn
Jan 27, 2024, 4:43:28 PMJan 27
to Narcis Garcia, LXC users SPM
Could you cat /run/lxc/nics ?
> --
> You received this message because you are subscribed to the Google Groups "lxc-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to lxc-users+...@lists.linuxcontainers.org.
> To view this discussion on the web visit https://groups.google.com/a/lists.linuxcontainers.org/d/msgid/lxc-users/799c21e0-7b52-496c-bc95-1fce22cad953%40actiu.net.
> You received this message because you are subscribed to the Google Groups "lxc-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to lxc-users+...@lists.linuxcontainers.org.
> To view this discussion on the web visit https://groups.google.com/a/lists.linuxcontainers.org/d/msgid/lxc-users/799c21e0-7b52-496c-bc95-1fce22cad953%40actiu.net.
Narcis Garcia
Jan 28, 2024, 2:13:11 AMJan 28
to LXC users SPM
(as you can suppose, I've rewritten to mask bridges names and any IP)
$ sudo cat /run/lxc/nics
lxc veth shared-by-1to5 veth1002_JPWI
lxc veth dedicated-to6th veth1002_YHcf
lxc veth shared-by-1to5 veth1002_V0Wt
lxc veth shared-by-1to5 veth1002_GO0k
lxc veth dedicated-to7th veth1002_SzSC
lxc veth dedicated-to8th veth1002_FXlm
lxc veth shared-by-1to5 veth1002_yz1L
lxc veth shared-by-1to5 veth1002_MeZO
lxc veth shared-by-1to5 veth1002_EUKJ
lxc veth dedicated-to9th veth1002_5bWG
lxc veth dedicated-to10th veth1002_Lii2
lxc veth dedicated-to11th veth1002_AIqf
("shared-by-1to5" and "dedicated-toX" are bridges)
El 27/1/24 a les 22:43, Serge E. Hallyn ha escrit:
--
Narcis Garcia
__________
I'm using this dedicated address because personal addresses aren't
$ sudo cat /run/lxc/nics
lxc veth shared-by-1to5 veth1002_JPWI
lxc veth dedicated-to6th veth1002_YHcf
lxc veth shared-by-1to5 veth1002_V0Wt
lxc veth shared-by-1to5 veth1002_GO0k
lxc veth dedicated-to7th veth1002_SzSC
lxc veth dedicated-to8th veth1002_FXlm
lxc veth shared-by-1to5 veth1002_yz1L
lxc veth shared-by-1to5 veth1002_MeZO
lxc veth shared-by-1to5 veth1002_EUKJ
lxc veth dedicated-to9th veth1002_5bWG
lxc veth dedicated-to10th veth1002_Lii2
lxc veth dedicated-to11th veth1002_AIqf
("shared-by-1to5" and "dedicated-toX" are bridges)
El 27/1/24 a les 22:43, Serge E. Hallyn ha escrit:
Narcis Garcia
__________
I'm using this dedicated address because personal addresses aren't
masked enough at this mail public archive. Public archive administrator
Narcis Garcia
Jan 30, 2024, 4:29:25 AMJan 30
to lxc-...@lists.linuxcontainers.org
Does anybody know if is there some detailed documentation about
/etc/lxc/lxc-usernet values and implications?
Thank you.
El 28/1/24 a les 8:12, Narcis Garcia ha escrit:
/etc/lxc/lxc-usernet values and implications?
Thank you.
El 28/1/24 a les 8:12, Narcis Garcia ha escrit:
Serge E. Hallyn
Feb 2, 2024, 4:21:43 PMFeb 2
to Narcis Garcia, lxc-...@lists.linuxcontainers.org
Mainly https://linuxcontainers.org/lxc/manpages/man5/lxc-usernet.5.html
I've been looking over the code some more, hoping to find some place
where either the bridge name length has to be shorter, or '-' is
being interpreted as end of the name, as those would explain it.
But I'm not finding anything.
> To view this discussion on the web visit https://groups.google.com/a/lists.linuxcontainers.org/d/msgid/lxc-users/c8724d27-3fd5-4b92-9a49-81ee7e188cca%40actiu.net.
I've been looking over the code some more, hoping to find some place
where either the bridge name length has to be shorter, or '-' is
being interpreted as end of the name, as those would explain it.
But I'm not finding anything.
Narcis Garcia
Feb 3, 2024, 3:52:21 AMFeb 3
to LXC users SPM
Thank you for looking into this, Serge.
El 2/2/24 a les 22:21, Serge E. Hallyn ha escrit:
El 2/2/24 a les 22:21, Serge E. Hallyn ha escrit:
Reply all
Reply to author
Forward
0 new messages