Attach storage device to a container error


(Dani) #1

Hello.

I am trying to attach a device from the host OS to a container, but I get the following error:

error: Invalid block device: udev

Info about my configuration:

Linux dppascual-test2 4.13.0-25-generic #29-Ubuntu SMP Mon Jan 8 21:14:41 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

driver: lxc
driver_version: 2.1.0
kernel: Linux
kernel_architecture: x86_64
kernel_version: 4.13.0-25-generic
server: lxd
server_pid: 7107
server_version: "2.18"
storage: zfs
storage_version: 0.6.5.11-1ubuntu3

$ lxc list
+-------+---------+------+------+------------+-----------+
| NAME  |  STATE  | IPV4 | IPV6 |    TYPE    | SNAPSHOTS |
+-------+---------+------+------+------------+-----------+
| cont1 | RUNNING |      |      | PERSISTENT | 0         |
+-------+---------+------+------+------------+-----------+

In order to attach a device to a container, I run the below command:

lxc config device add cont1 data disk source=/dev/sdb path=/mnt limits.read=4MB

$ lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 10G 0 disk
├─sda1 8:1 0 9.9G 0 part /
├─sda14 8:14 0 4M 0 part
└─sda15 8:15 0 106M 0 part /boot/efi
sdb 8:16 0 100G 0 disk

If I remove the parameter limits.read, it works. As I read on this website (https://github.com/lxc/lxd/blob/master/doc/storage.md#io-limits), I/O limits can be set on storage devices when attached to a container.

Could you let me know why I’m getting that error?

There is no info related to this problem in the logs.

Thanks, Regards.


(Stéphane Graber) #2

Hmm, any chance you can upgrade to LXD 2.21 (apt install -t artful-backports lxd lxd-client)? That should get you a number of bugfixes and, if not one for this particular case, it’ll at least make it easier for us to debug what’s going on.


(U.V.) #3

With LXD 2.21 from snap on Ubuntu 16.04.4 LTS.

I am trying to add a block device to the container (to use docker 1.12 on centos7 for openshift):
$ lsblk /dev/sdm
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sdm 8:192 1 119,3G 0 disk
└─sdm1 8:193 1 119,3G 0 part
$ lxc list => | centos7 | RUNNING | 10.46.99.40 (eth0) | | PERSISTENT | 0

I found the new unix-block device so I try:

$ lxc config device add centos7 myblockdevice unix-block source=/dev/sdm

which creates
$ ll /var/snap/lxd/common/lxd/devices/centos7/unix.myblockdevice.dev-sdm
brw-rw---- 1 root root 8, 192 Feb 27 00:23 /var/snap/lxd/common/lxd/devices/centos7/unix.myblockdevice.dev-sdm
(this looks like the right block device)


(U.V.) #4

So the missing part seems to be that:

It's a major permission drama!

The selinux/apparmor config seems to be the issue… OMG

Although I can see all devices in a privileged container using lsblk ?!?, they will only show up in /dev when I configure them using e.g.
lxc config device add centos7 mydockerdisk unix-block source=/dev/sdm
lxc config device add centos7 mydockerpartition unix-block source=/dev/sdm1

centos7$ mount | grep /dev/sdm
/dev/nvme0n1p1 on /dev/sdm type ext4 (rw,relatime,errors=remount-ro,data=ordered)

this is a bit confusing… but seems to work.

I can mount the disk device and create partitions.
However, this doesn't create the device nodes in the container (I suppose this is a security feature).
Those only show when I configure the devices in the config of the container!
Now things start to look better.

Just don't look at the mount table, as it's confusing!


#5

Probably a user guide would also be needed here.


(U.V.) #7

So this works for simple block devices…
But now the minishift installation requires device mapper…

This fails with kernel modules vs libdevmapper mismatch…

I am now getting tempted to go back to kvm.
LXD seems not to be able yet to deal with the complex issues coming from running nested but different Linux systems and nested virtualization …

I did get the latest docker17.12 to work though
inside centos 7.4
inside LXD on ubuntu 16.04
using btrfs…