the container fails to start due to trying to set devices.allow to c 10:200 rwm during boot but that option is not defined in the config.
i manually edited the container config raw.lxc to include those options previously but then deleted the container and then recreated it without the option.
is it possible the raw.lxc config somehow did not get deleted even though it does not appear in the lxc config show output below ?
lxc vv-lxd-openvpn 20200708170638.450 WARN conf - conf.c:lxc_setup_devpts:1616 - Invalid argument - Failed to unmount old devpts instance
lxc vv-lxd-openvpn 20200708170638.451 WARN cgfsng - cgroups/cgfsng.c:get_hierarchy:204 - There is no useable devices controller
lxc vv-lxd-openvpn 20200708170638.451 ERROR cgfsng - cgroups/cgfsng.c:cg_legacy_set_data:2191 - Failed to setup limits for the "devices" controller. The controller seems to be unused by "cgfsng" cgroup driver or not enabled on the cgroup hierarchy
lxc vv-lxd-openvpn 20200708170638.451 WARN cgfsng - cgroups/cgfsng.c:__cg_legacy_setup_limits:2228 - Failed to set "devices.allow" to "c 10:200 rwm"
lxc vv-lxd-openvpn 20200708170638.451 ERROR start - start.c:lxc_spawn:1814 - Failed to setup legacy device cgroup controller limits
lxc vv-lxd-openvpn 20200708170638.451 WARN network - network.c:lxc_delete_network_priv:2561 - Failed to rename interface with index 1
here is the config for the container that is trying to set the devices.allow
$ lxc config show vv-lxd-openvpn
architecture: x86_64
config:
image.architecture: amd64
image.description: ubuntu 16.04 LTS amd64 (release) (20200610)
image.label: release
image.os: ubuntu
image.release: xenial
image.serial: "20200610"
image.type: squashfs
image.version: "16.04"
volatile.base_image: 41945f2d6c1412484e20be9e7fd57a2ea780c02caab4e0db45aae50af8cd14f4
volatile.eth0.hwaddr: 00:16:3e:3e:c1:50
volatile.eth0.name: eth0
volatile.idmap.base: "0"
volatile.idmap.current: '[{"Isuid":true,"Isgid":false,"Hostid":100000,"Nsid":0,"Maprange":65536},{"Isuid":false,"Isgid":true,"Hostid":100000,"Nsid":0,"Maprange":65536}]'
volatile.idmap.next: '[{"Isuid":true,"Isgid":false,"Hostid":100000,"Nsid":0,"Maprange":65536},{"Isuid":false,"Isgid":true,"Hostid":100000,"Nsid":0,"Maprange":65536}]'
volatile.last_state.idmap: '[{"Isuid":true,"Isgid":false,"Hostid":100000,"Nsid":0,"Maprange":65536},{"Isuid":false,"Isgid":true,"Hostid":100000,"Nsid":0,"Maprange":65536}]'
volatile.last_state.power: STOPPED
devices:
openvpn-port-forward_1194_9191:
connect: tcp:127.0.0.1:1194
listen: tcp:0.0.0.0:9191
type: proxy
tun:
path: /dev/net/tun
type: unix-char
ephemeral: false
profiles:
- default
stateful: false
description: ""
this is the profile the container utilizes:
$ lxc profile show default
config:
raw.lxc: lxc.apparmor.profile=unconfined
description: Default LXD profile
devices:
eth0:
nictype: bridged
parent: vv_lxd_br0
type: nic
root:
path: /
pool: vv-lxd-local-storage
type: disk
name: default
used_by:
- /1.0/instances/vv-lxd-openvpn
- /1.0/instances/us-numbersro-char
- /1.0/instances/us-numbersro-login
- /1.0/instances/us-numbersro-map
- /1.0/instances/us-numbersro-mariadb
happy lxd’ing