I just installed a fresh Debian 11.1 (bullseye) with lxc 4.0.6 and found out I can’t start any container. I mean, I can ofc, but it will not work at all. Let’s see:
# DOWNLOAD_KEYSERVER="pgp.mit.edu" lxc-create -t download -n c7-1 -B loop --fssize 3G --fstype ext4 -- -d centos -r 7 -a amd64
btw the default download server doesn’t work either.
# cat /var/lib/lxc/c7-1/config
# Template used to create this container: /usr/share/lxc/templates/lxc-download
# Parameters passed to the template: -d centos -r 7 -a amd64
# For additional config options, please look at lxc.container.conf(5)
# Uncomment the following line to support nesting containers:
#lxc.include = /usr/share/lxc/config/nesting.conf
# (Be aware this has security implications)
# Distribution configuration
lxc.include = /usr/share/lxc/config/centos.common.conf
lxc.arch = x86_64
# Apparmor section
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 0
lxc.apparmor.raw = deny mount -> /proc/,
lxc.apparmor.raw = deny mount -> /sys/,
# Container specific configuration
lxc.rootfs.path = loop:/var/lib/lxc/c7-1/rootdev
lxc.uts.name = c7-1
# Network configuration
lxc.net.0.type = veth
lxc.net.0.link = lxcbr0
lxc.net.0.flags = up
# lxc-start c7-1 -F
Failed to mount cgroup at /sys/fs/cgroup/systemd: Operation not permitted
systemd 219 running in system mode. (+PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 -SECCOMP +BLKID +ELFUTILS +KMOD +IDN)
Detected virtualization lxc.
Detected architecture x86-64.
Welcome to CentOS Linux 7 (Core)!
Cannot determine cgroup we are running in: No such file or directory
Failed to allocate manager object: No such file or directory
[!!!!!!] Failed to allocate manager object, freezing.
Yes, ofc I don’t have /sys/fs/cgroup/systemd
cuz, as I found out, Debian doesn’t have cgroups v1
# mount | grep cgroup
cgroup2 on /sys/fs/cgroup type cgroup2 (rw,nosuid,nodev,noexec,relatime)
# lxc-checkconfig
...
--- Control groups ---
Cgroups: enabled
Cgroup v1 mount points:
Cgroup v2 mount points:
/sys/fs/cgroup
Cgroup v1 systemd controller: missing
Cgroup v1 freezer controller: missing
Cgroup namespace: required
Cgroup device: enabled
Cgroup sched: enabled
Cgroup cpu account: enabled
Cgroup memory controller: enabled
Cgroup cpuset: enabled
...
So there are 2 ways to ‘fix’ it:
- Just create what it wants by hand LOL
mkdir -p /sys/fs/cgroup/systemd
mount -t cgroup -o none,name=systemd systemd /sys/fs/cgroup/systemd
chown 100000:100000 -R /sys/fs/cgroup/systemd/
- Turn on cgroups v1, just add
systemd.unified_cgroup_hierarchy=false systemd.legacy_systemd_cgroup_controller=false
to the kernel cmdline.
But I believe these 2 ways are wrong, cuz I want to try cgroups v2 on Debian 11, so could you plz answer me: is it possible? And if yes, how?
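
Added example (not part of the original post): a POSIX shell check that reads mount-table text in /proc/mounts format and reports whether the cgroup layout is unified, hybrid or legacy, and whether the v1 `name=systemd` hierarchy that the CentOS 7 guest above tries to mount at /sys/fs/cgroup/systemd is present. It goes beyond the single host in the post by also covering hybrid and legacy layouts; the function names and the sample mount lines are constructed for this example.

```shell
# Added example: classify a cgroup layout from mount-table text on stdin
# (/proc/mounts format). Function names and samples are this example's own.

# Prints one of: unified | hybrid | legacy | none
cgroup_layout() {
    awk '
        $3 == "cgroup2" && $2 == "/sys/fs/cgroup" { unified = 1 }
        $3 == "cgroup2" && $2 != "/sys/fs/cgroup" { v2sub = 1 }
        $3 == "cgroup"                            { v1 = 1 }
        END {
            if (unified)          print "unified"
            else if (v1 && v2sub) print "hybrid"
            else if (v1)          print "legacy"
            else                  print "none"
        }'
}

# Exit status 0 if a v1 named hierarchy "name=systemd" is mounted.
has_named_systemd() {
    awk '
        $3 == "cgroup" {
            n = split($4, opt, ",")
            for (i = 1; i <= n; i++) if (opt[i] == "name=systemd") found = 1
        }
        END { exit !found }'
}

# One-line report combining both checks.
cgroup_report() {
    table=$(cat)
    layout=$(printf '%s\n' "$table" | cgroup_layout)
    if printf '%s\n' "$table" | has_named_systemd; then named=present; else named=missing; fi
    echo "$layout name=systemd:$named"
}

# Constructed samples: pure v2 host, the same host after the manual
# name=systemd mount from the post, and a hybrid host.
HOST_V2='cgroup2 /sys/fs/cgroup cgroup2 rw,nosuid,nodev,noexec,relatime 0 0'
HOST_V2_WORKAROUND="$HOST_V2
systemd /sys/fs/cgroup/systemd cgroup rw,relatime,name=systemd 0 0"
HOST_HYBRID='tmpfs /sys/fs/cgroup tmpfs ro,nosuid,nodev,noexec,mode=755 0 0
cgroup2 /sys/fs/cgroup/unified cgroup2 rw,nosuid,nodev,noexec,relatime 0 0
cgroup /sys/fs/cgroup/systemd cgroup rw,nosuid,nodev,noexec,relatime,xattr,name=systemd 0 0'

for sample in "$HOST_V2" "$HOST_V2_WORKAROUND" "$HOST_HYBRID"; do
    printf '%s\n' "$sample" | cgroup_report
done
```

On a live host, run `cgroup_report < /proc/mounts`.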