Another failed attempt - what am I doing wrong?

wisdomlight · January 31, 2022, 3:59pm

On ubuntu 20.04 LTS updated and all.

Here’s the terminal

Librem-13-v4:~$ systemd-run --unit=my-unit --user --scope -p "Delegate=yes" -- lxc-create -t download -n firstContainer
Running scope as unit: my-unit.scope
Setting up the GPG keyring
ERROR: Unable to fetch GPG key from keyserver
lxc-create: firstContainer: lxccontainer.c: create_run_template: 1616 Failed to create container from template
lxc-create: firstContainer: tools/lxc_create.c: main: 319 Failed to create container firstContainer

What am I doing wring?

This has helped to get the list of distros and to create a container.
Librem-13-v4:~$ export DOWNLOAD_KEYSERVER="hkp://keyserver.ubuntu.com"

I still get a number of other issues

lxc-start: firstContainer: network.c: lxc_create_network_unpriv_exec: 2629 lxc-user-nic failed to configure requested network: cmd/lxc_user_nic.c: 1209: main: Quota reached
            lxc-start: firstContainer: start.c: lxc_spawn: 1786 Failed to create the network
            lxc-start: firstContainer: start.c: __lxc_start: 1999 Failed to spawn container "firstContainer"
                            lxc-start: firstContainer: tools/lxc_start.c: main: 308 The container failed to start
lxc-start: firstContainer: tools/lxc_start.c: main: 313 Additional information can be obtained by setting the --logfile and --logpriority options

And also

CONFIG_NF_NAT_IPV4: missing
CONFIG_NF_NAT_IPV6: missing

stgraber · January 31, 2022, 7:09pm

It’s just the GPG key network being a bit crap. We’re removing GPG entirely in LXC 5.0 to avoid this kind of stuff.

You can try setting DOWNLOAD_KEYSERVER to keyserver.ubuntu.com in your environment, this may help.

wisdomlight · January 31, 2022, 7:20pm

thank
I have some other issues that i’ve posted just now

Cgroup v2 mount points: 
/sys/fs/cgroup/unified

Cgroup v1 clone_children flag: enabled
Cgroup device: enabled
Cgroup sched: enabled
Cgroup cpu account: enabled
Cgroup memory controller: enabled
Cgroup cpuset: enabled

--- Misc ---
Veth pair device: enabled, not loaded
Macvlan: enabled, not loaded
Vlan: enabled, not loaded
Bridges: enabled, loaded
Advanced netfilter: enabled, not loaded
CONFIG_NF_NAT_IPV4: missing
CONFIG_NF_NAT_IPV6: missing
CONFIG_IP_NF_TARGET_MASQUERADE: enabled, not loaded
CONFIG_IP6_NF_TARGET_MASQUERADE: enabled, not loaded
CONFIG_NETFILTER_XT_TARGET_CHECKSUM: enabled, loaded
CONFIG_NETFILTER_XT_MATCH_COMMENT: enabled, not loaded
FUSE (for use with lxcfs): enabled, not loaded

stgraber · January 31, 2022, 7:23pm

The error indicates that your user isn’t allowed to use that bridge or has exceeded the allocation to use that bridge. You’ll need to edit the usernet file (I think that’s what it’s called) in /etc/lxc/ to allow a sufficient number of containers for your user on the bridge of your choice.

wisdomlight · January 31, 2022, 7:28pm

This is how my /etc/lxc/lxc-usernet looks like

USERNAME TYPE BRIDGE COUNT

echo “$(id -un) veth lxcbr0 20” | sudo tee -a /etc/lxc/lxc-usernet

i changed it from 10 to 20
any suggestions

this helped a lot
lsmod|grep veth
great article here