LXD on Centos 7

howto
snap

(Stéphane Graber) #1

Introduction

A lot of people have been asking us how to run LXD on Centos/RHEL 7 in the past.

Up until now, our answer has usually been to use some of the Fedora packages for liblxc, combined with a hand built version of LXD that you then have to manually integrate with your system. So certainly doable but not exactly clean or easy.

But now there is finally a cleaner, much more supportable way for you to get LXD on those systems as there is now a build of snapd that works with Centos/RHEL, letting you use the official LXD snap on those systems.

Note that the state of snapd on Centos/RHEL is still considered early days, so some features may be missing or broken. We did add automatic testing on our side as we do for all the other distributions and so far everything looks good.

Setting things up

The instructions below are based on a clean Centos 7.4 installation.

# Install snapd
yum install yum-plugin-copr epel-release
yum copr enable ngompa/snapcore-el7
yum install snapd
systemctl enable --now snapd.socket

# Install ZFS (skip if you don't want it)
yum install http://download.zfsonlinux.org/epel/zfs-release.el7_4.noarch.rpm
yum-config-manager --disable zfs
yum-config-manager --enable zfs-kmod
yum install zfs

# Configure the kernel
grubby --args="user_namespace.enable=1" --update-kernel="$(grubby --default-kernel)"
grubby --args="namespace.unpriv_enable=1" --update-kernel="$(grubby --default-kernel)"
echo "user.max_user_namespaces=3883" > /etc/sysctl.d/99-userns.conf
reboot

# Install the LXD snap
snap install lxd

# Configure LXD
lxd init

# Launch containers
lxc launch ubuntu:16.04 c1

Let us know if you notice anything missing/broken!


(Joe Gillotti) #2

Rather than applying the new kernel params to only the current kernel, it’s safer to add them to the GRUB_CMDLINE_LINUX variable in /etc/default/grub and then generate the new grub conf with grub2-mkconfig >/boot/grub2/grub.cfg so they apply to all kernels.
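An added example (not part of the post above and not LXD project code) of making that `/etc/default/grub` edit idempotently, so repeated runs do not duplicate the arguments. The function name `add_grub_args` and the sample file contents are made up for illustration.

```bash
#!/bin/bash
# add_grub_args FILE ARG...
# Append each ARG to GRUB_CMDLINE_LINUX="..." in FILE unless it is already there.
# FILE is /etc/default/grub on a real host; the function name is hypothetical.
add_grub_args() {
    file=$1; shift
    if ! grep -q '^GRUB_CMDLINE_LINUX="' "$file"; then
        echo "no GRUB_CMDLINE_LINUX=\"...\" line in $file" >&2
        return 1
    fi
    # Text between the double quotes of the existing assignment
    current=$(sed -n 's/^GRUB_CMDLINE_LINUX="\(.*\)"$/\1/p' "$file")
    new=$current
    for arg in "$@"; do
        case " $new " in
            *" $arg "*) ;;                    # already present: stay idempotent
            *) new="${new:+$new }$arg" ;;
        esac
    done
    [ "$new" = "$current" ] && return 0       # nothing to change, leave the file alone
    cp -p "$file" "$file.bak"                 # keep the previous boot configuration
    # Rewrite only that line; ENVIRON avoids escaping problems with / and & in arguments
    NEW="$new" awk '/^GRUB_CMDLINE_LINUX="/ { print "GRUB_CMDLINE_LINUX=\"" ENVIRON["NEW"] "\""; next }
                    { print }' "$file.bak" > "$file"
}

# Demonstration on a constructed sample file (not a real /etc/default/grub)
sample=$(mktemp)
printf '%s\n' 'GRUB_TIMEOUT=5' 'GRUB_CMDLINE_LINUX="crashkernel=auto rhgb quiet"' > "$sample"
add_grub_args "$sample" user_namespace.enable=1 namespace.unpriv_enable=1
add_grub_args "$sample" user_namespace.enable=1      # second run changes nothing
cat "$sample"
rm -f "$sample" "$sample.bak"

# On the host, as root, followed by the command from the post:
#   add_grub_args /etc/default/grub user_namespace.enable=1 namespace.unpriv_enable=1
#   grub2-mkconfig >/boot/grub2/grub.cfg
```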


(Tatrasiel R) #3

Hey all,
anyone having troubles with adding this repo on step two?
I don’t see a way to install snapd in centos7.

Does anyone have a way to get this working in Centos 7 with a modern kernel?

yum copr enable ngompa/snapcore-el7


    sudo yum copr enable ngompa/snapcore-el7
Loaded plugins: copr, fastestmirror, ovl

You are about to enable a Copr repository. Please note that this
repository is not part of the main Fedora distribution, and quality
may vary.

The Fedora Project does not exercise any power over the contents of
this repository beyond the rules outlined in the Copr FAQ at
<https://fedorahosted.org/copr/wiki/UserDocs#WhatIcanbuildinCopr>, and
packages are not held to any quality or securty level.

Please do not file bug reports about these packages in Fedora
Bugzilla. In case of problems, contact the owner of this repository.

Do you want to continue? [y/N]: y
Error: [Errno 14] HTTPS Error 404 - Not Found

(Stéphane Graber) #4

What architecture are you doing this on?

I reinstalled a Centos7 system last week and the instructions still worked fine.


(Tatrasiel R) #5

Hey Steven,
x86-64

uname -a
Linux intrellica-02-a 3.10.0-693.21.1.el7.x86_64 #1 SMP Wed Mar 7 19:03:37 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core)

Perhaps I am wrong, but I don’t think this is an arch issue, but an access to repo one.

sudo yum copr enable ngompa/snapcore-el7

Is returning a 404. I wonder if there is a workaround for getting snapd installed on centos. Once this is installed, then the rest might work.

Correct me if I am wrong.

Thanks


(Stéphane Graber) #6

I was thinking it could be an architecture problem since the repo is only available for x86_64, but that’s what you’re running.


(Stéphane Graber) #7

Looks like it might have to do with the release of the latest RHEL/CentOS point release with COPR not yet finding the repo for it?

Anyway, the following worked here:

As a temporary replacement for yum copr enable ngompa/snapcore-el7


(Tatrasiel R) #8

Thanks, this seems to be going forward. I will let you know if something breaks.

Perhaps not the person to ask, but just out of curiosity, utilizing the snapd method, will I be able to continue updating my kernel and having LXD work with it?

EDIT:
It looks like it’s still struggling with namespaces.

Name: c1
Remote: unix://
Architecture: x86_64
Created: 2018/05/24 18:04 UTC
Status: Stopped
Type: persistent
Profiles: default

Log:

lxc 20180524180431.776 ERROR    lxc_start - start.c:lxc_spawn:1607 - Invalid argument - Failed to clone a new set of namespaces
lxc 20180524180431.818 WARN     lxc_network - network.c:lxc_delete_network_priv:2591 - Failed to remove interface "veth2HCR66" from "lxdbr0": Invalid argument
lxc 20180524180431.819 ERROR    lxc_start - start.c:__lxc_start:1866 - Failed to spawn container "c1"
lxc 20180524180431.819 ERROR    lxc_conf - conf.c:userns_exec_1:4116 - Failed to clone process in new user namespace
lxc 20180524180431.819 WARN     lxc_cgfsng - cgroups/cgfsng.c:cgfsng_destroy:1651 - Failed to destroy cgroups
lxc 20180524180431.819 ERROR    lxc_container - lxccontainer.c:wait_on_daemonized_start:824 - Received container state "ABORTING" instead of "RUNNING"
lxc 20180524180431.819 WARN     lxc_commands - commands.c:lxc_cmd_rsp_recv:130 - Connection reset by peer - Failed to receive response for command "get_cgroup"

(Stéphane Graber) #9

Did you run the grubby commands above and reboot your system afterwards?

Without those, you won’t be able to set up namespaces, which would explain the error.

Can you show cat /proc/cmdline ?


(Tatrasiel R) #11

hey I am sorry I didn’t see the message for the reply on this but here is the command you requested.

cat /proc/cmdline
BOOT_IMAGE=/boot/vmlinuz-3.10.0-862.3.2.el7.x86_64 root=PARTUUID=eb3e2c88-901e-4843-a847-def87272fe6b ro console=tty0 crashkernel=auto console=ttyS0,9600 LANG=en_US.UTF-8 user_namespace.enable=1 namespace.unpriv_enable=1

(Stéphane Graber) #12

And you’re still running into that same error?
I just checked and my system matches your kernel version and command line.
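The setup steps in the first post change three things: two kernel arguments and the `user.max_user_namespaces` sysctl, while `/proc/cmdline` only shows the first two. An added example (not from any poster and not LXD project code) that checks all three at once; the function name `check_userns` is made up, and the sysctl value used in the demonstration is constructed.

```bash
#!/bin/bash
# check_userns CMDLINE MAX_NS   (hypothetical helper for this example)
# CMDLINE: contents of /proc/cmdline; MAX_NS: value of user.max_user_namespaces.
# Prints one line per setup step that is not in effect and returns 1 if any is missing.
check_userns() {
    cmdline=$1; max_ns=$2; missing=0
    for arg in user_namespace.enable=1 namespace.unpriv_enable=1; do
        case " $cmdline " in
            *" $arg "*) ;;                                   # exact, space-delimited match
            *) echo "kernel command line lacks $arg"; missing=1 ;;
        esac
    done
    case $max_ns in
        ''|*[!0-9]*)
            echo "user.max_user_namespaces could not be read"; missing=1 ;;
        0)
            echo "user.max_user_namespaces is 0 (no user namespace can be created)"
            missing=1 ;;
    esac
    return $missing
}

# Kernel command line as posted in reply #11 of this thread
SAMPLE_CMDLINE='BOOT_IMAGE=/boot/vmlinuz-3.10.0-862.3.2.el7.x86_64 root=PARTUUID=eb3e2c88-901e-4843-a847-def87272fe6b ro console=tty0 crashkernel=auto console=ttyS0,9600 LANG=en_US.UTF-8 user_namespace.enable=1 namespace.unpriv_enable=1'

# Constructed sysctl values: 3883 is what the setup steps write, 0 is a made-up failing case
check_userns "$SAMPLE_CMDLINE" 3883 && echo "all three settings are in effect"
check_userns "$SAMPLE_CMDLINE" 0 || true

# On the host itself:
#   check_userns "$(cat /proc/cmdline)" "$(sysctl -n user.max_user_namespaces)"
```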


(Alex) #13

Hi

Any ideas?

[alex@node-1 ~]$ cat /etc/redhat-release
CentOS Linux release 7.5.1804 (Core)

[alex@node-1 ~]$ cat /proc/cmdline
BOOT_IMAGE=/vmlinuz-3.10.0-862.6.3.el7.x86_64 root=UUID=e77db026-3d8b-4263-9832-fd729d349ec8 ro crashkernel=128M user_namespace.enable=1 namespace.unpriv_enable=1 rhgb quiet

[oneadmin@node-1 ~]$ lxc config show
cannot create user data directory: /var/lib/one/snap/lxd/7650: Permission denied
[alex@node-1 one]$ lxc config show
If this is your first time running LXD on this machine, you should also run: lxd init
To start your first container, try: lxc launch ubuntu:16.04

Error: Get http://unix.socket/1.0: dial unix /var/snap/lxd/common/lxd/unix.socket: connect: permission denied
[alex@node-1 one]$ lxd init
Error: Failed to connect to local LXD: Get http://unix.socket/1.0: dial unix /var/snap/lxd/common/lxd/unix.socket: connect: permission denied


(Stéphane Graber) #14

Is your user in the lxd group?


(Alex) #15

I figured out some settings incorrectly. Helped your tests with jenkins.


(William C Grisaitis) #16

In case anyone else is using Amazon Linux and gets this error at the first command:

$ sudo yum install yum-plugin-copr epel-release
...
No package epel-release available.
Nothing to do

See these Amazon docs on enabling the EPEL repository (epel-release), and rerun the install command.

And if you get this error as well:

$ sudo yum copr enable ngompa/snapcore-el7
...
Do you want to continue? [y/N]: y
Error: [Errno 14] HTTPS Error 404 - Not Found

then try adding epel-7 at the end of the command like so:

$ sudo yum copr enable ngompa/snapcore-el7 epel-7

(Robert M. Koretsky) #17

Got instructions at the top of this post to work by running the yum install snapd command as root!


(Adam) #18

Hi,
Following the instructions to set up LXD on Centos 7.5 here, everything is ok until:

$ sudo echo "user.max_user_namespaces=3883" > /etc/sysctl.d/99-userns.conf
bash: /etc/sysctl.d/99-userns.conf: Permission denied
$ ls
?


(Stéphane Graber) #19

The instructions never say sudo echo, they say to run those commands as root.

Running sudo echo abc > def will have echo run as root, but the writing to def part running as your normal user through the shell, which is why you’re getting permission denied.

Run sudo -i and then run the full command as root and it’ll work fine.


(Tatrasiel R) #20

If anyone runs into the yum-config-manager: command not found.

Do this…

# yum --enablerepo="base" -y install yum-utils


(Adam) #21

Thanks, I ran sudo -i and the echo worked this time.
But after rebooting, I’m getting another error:
[root@localhost ~]# snap install lxd
snap "lxd" is already installed, see "snap refresh --help"
[root@localhost ~]# lxd init
-bash: lxd: command not found

Checked - there is a lxd folder in snap.