Asking for suggestions regarding best way to shut down and start up containers automatically

williamblair · March 23, 2021, 8:39pm

distro: Debian Buster
lxc ver: 3.0.3-8
filesystem: btrfs on /opt
container path: /opt/containers/*

Hello. I have containers that are working smoothly. I have the following in each container’s config file:

lxc.start.auto = 1
lxc.start.delay = 5

I can’t seem to get

lxc-autostart --list

to show me anything though.

I was thinking of using a service to do shutdown / startup scripts instead. Any advice on best way to shut containers down before reboot and start them back up on restart is greatly appreciated.

Thanks for your time.

stgraber · March 23, 2021, 8:54pm

Does lxc-autostart have a -P argument? If so, try passing that with /opt/containers/ and see if they show up then.

williamblair · March 23, 2021, 9:02pm

Thank you. It does have -P option but sadly nothing returned.

lxc@wt-lxc-01:/var/lib/lxc/wt-relay-01$ lxc-autostart -P=/opt/containers/
lxc@wt-lxc-01:/var/lib/lxc/wt-relay-01$

and

lxc@wt-lxc-01:/var/lib/lxc/wt-relay-01$ lxc-autostart --lxcpath=/opt/containers/
lxc@wt-lxc-01:/var/lib/lxc/wt-relay-01$

I also created a soft symlink to /var/lib/lxc but also didn’t work.

stgraber · March 23, 2021, 9:14pm

Did you try without the trailing slash too?

I wouldn’t expect the symlink to work because of the way LXC communicates with the monitor process where an exact path match is required, but I was hoping you could convince it to see them with --lxcpath.

That said I haven’t played with lxc-autostart in a long time (well, pretty much since I wrote it ;)).

williamblair · March 23, 2021, 9:24pm

Thanks. I tried without trailing slash as well.

Do I need the container to be a member of “onboot” group? I’m looking for document to show me how to do that too.

https://linuxcontainers.org/lxc/manpages/man5/lxc.container.conf.5.html

stgraber · March 23, 2021, 9:33pm

What does lxc-autostart --list -a -P /opt/containers/ get you?

williamblair · March 24, 2021, 1:03am

It gave me the container I had in there.

lxc@wt-lxc-01:~$ lxc-autostart --list -a -P /opt/containers/
wt-relay-01 5
lxc@wt-lxc-01:~$

stgraber · March 24, 2021, 1:16am

Okay, so that should let you do lxc-autostart -s -a -P /opt/containers/ to shut them all down. And lxc-autostart -a -P /opt/containers/ to start them all up.

williamblair · March 24, 2021, 1:18am

Thank you for taking the time. What method do you suggest that someone employ to implement that? A systemctl .service?

stgraber · March 24, 2021, 1:22am

Yeah, you’d want something like our default lxc.service systemd unit which is supposed to be handling this kind of stuff when containers are in the usual location.

Looking at its code, it defaults to auto-starting and auto-stopping containers in the onboot group and uses a default shutdown delay of 5s per container (look at the lxc-containers script).

williamblair · March 24, 2021, 1:24am

I don’t know why but when I ran lxc-autostart --list -a -P /opt/containers/ again nothing returned. The container did not start with lxc-autostart -a -P /opt/containers/ but they did shutdown with lxc-autostart -s -a -P /opt/containers/

Hrm… the container won’t shutdown now either.

williamblair · March 24, 2021, 1:36am

lxc.group = onboot
lxc.start.auto = 1
lxc.start.delay = 5

lxc.include = /usr/share/lxc/config/common.conf
lxc.include = /usr/share/lxc/config/userns.conf

lxc.arch = linux64

lxc.idmap = u 0 100000 65536
lxc.idmap = g 0 100000 65536

lxc.rootfs.path = btrfs:/opt/containers/wt-relay-01/rootfs
lxc.uts.name = wt-relay-01

lxc.net.0.type = veth
lxc.net.0.link = br0

williamblair · March 24, 2021, 1:35am

Just trying stuff here:

lxc@wt-lxc-01:~$ lxc-autostart --list -a -P /opt/containers/
wt-relay-01 5
lxc@wt-lxc-01:~$ lxc-autostart -s -a -P /opt/containers/
lxc@wt-lxc-01:~$ lxc-autostart --list -a -P /opt/containers/
wt-relay-01 5
lxc@wt-lxc-01:~$ lxc-autostart -a -P /opt/containers/
lxc@wt-lxc-01:~$ lxc-ls -f
lxc@wt-lxc-01:~$ lxc-console -n wt-relay-01
lxc-console: wt-relay-01: tools/lxc_console.c: main: 152 wt-relay-01 is not running
lxc@wt-lxc-01:~$ lxc-attach -n wt-relay-01
lxc-attach: wt-relay-01: attach.c: lxc_attach: 1095 Failed to get init pid
lxc@wt-lxc-01:~$ lxc-autostart --list -a -P /opt/containers/
lxc@wt-lxc-01:~$
lxc@wt-lxc-01:~$ lxc-autostart -s -a -P /opt/containers/
lxc@wt-lxc-01:~$ lxc-autostart --list -a -P /opt/containers/
wt-relay-01 5

stgraber · March 24, 2021, 2:48am

All the other commands are also going to need the -P /opt/containers/ otherwise LXC will always look in the default path. As you’re running it as an unprivileged user, it will be looking at ~/.local/share/lxc.

williamblair · March 24, 2021, 11:10am

I sound dense and I apologize - what exactly should I put in ~/.local/share/lxc? According to your article below, I should put containers there? /var/lib/lxc => ~/.local/share/lxc

I get the feeling that if I point my storage to ‘/home’ set it to btrfs and then do everything default location, lxc-autostart will be able to start / stop the containers automatically?

https://stgraber.org/2014/01/17/lxc-1-0-unprivileged-containers/

/etc/lxc/lxc.conf => ~/.config/lxc/lxc.conf
/etc/lxc/default.conf => ~/.config/lxc/default.conf
/var/lib/lxc => ~/.local/share/lxc
/var/lib/lxcsnaps => ~/.local/share/lxcsnaps
/var/cache/lxc => ~/.cache/lxc

stgraber · March 24, 2021, 12:44pm

As you’re running LXC as an unprivileged user, the paths within the user’s home directory will be used indeed and I would expect lxc-autostart and other tools to default to those saving you from having to always pass -P to them.

williamblair · March 24, 2021, 2:45pm

It behaves better now that way. I still can’t get the container I created to automatically startup on system host reboot though. I added

lxc.group = onboot

and

lxc.start.autostart = 1

(although I believe one cancels the other out).

Although

lxc-autostart -g onboot

does manually start the container now. I’ll go back over the man pages (clearly I can’t read them well).

Thanks for the time.

stgraber · March 24, 2021, 4:00pm

I think you’ll need to duplicate the systemd unit to run as your lxc user.
Out of the box, the unit that’s shipped with LXC runs as root and looks for containers in /var/lib/lxc as a result.

williamblair · March 24, 2021, 3:06pm

Thank you for the hand holding - I appreciate it.

williamblair · March 24, 2021, 4:00pm

Alright! In case anyone else stumbles on this thread:

cp /etc/systemd/system/multi-user.target.wants/lxc.service /home/lxc/.config/systemd/user/lxc-user.service

~/.config/systemd/user$ nano lxc-user.service

add User=username under [Service] section. It will look something like this where user is lxc:

[Unit]
Description=LXC Container Initialization and Autoboot Code
After=network.target lxc-net.service
Wants=lxc-net.service
Documentation=man:lxc-autostart man:lxc

[Service]
Type=oneshot
User=lxc
RemainAfterExit=yes
ExecStartPre=/usr/lib/x86_64-linux-gnu/lxc/lxc-apparmor-load
ExecStart=/usr/lib/x86_64-linux-gnu/lxc/lxc-containers start
ExecStop=/usr/lib/x86_64-linux-gnu/lxc/lxc-containers stop
Delegate=yes
StandardOutput=syslog
StandardError=syslog

[Install]
WantedBy=multi-user.target

Next, as root, run this:

systemctl enable lxc-user.service

And on reboot the containers in their default locations worked.

Thanks again.