[Plugin] LXC Plugin


Recommended Posts

@ich777 great job on adding this plugin! Currently i'm running some LXC containers and I love it. 

 

If have one suggestion/feature request and that is to add an option to add/edit descriptions related to a LXC container in the GUI.

 

In that way it is easier to manage different (also template/copy) LXC containers.

 

Cheers and keep up the good work!

Edited by Joost
  • Like 1
Link to comment
4 minutes ago, Joost said:

If have one suggestion/feature request and that is to add an option to add/edit descriptions related to an LXC container in the GUI.

Thank you for the request, will look into this but I have a pretty big queue in terms of other things before even looking into this.

 

I first also have to go through a Pull Request which is basically a complete overhaul from the plugin, thanks to @jmztaylor, before I even can look into this, the last two months where pretty hard lifting for me... :/

But that's sometimes how life is going... :)

  • Like 1
Link to comment

Just to let you guys know, you can now fully run Distributions which are using systemd (Ubuntu, Debian Bookworm+,...) on Unraid since v6.11.0-rc4:

 

cgroup v2: Distributions which use systemd (Ubuntu, Debian Bookworm+,...) will not work unless you upgrade to Unraid v6.11.0-rc4+ and append this to your syslinux.conf:

unraidcgroup2

(Unraid supports cgroup2 since version v6.11.0-rc4 and you have to upgrade if you want to use this feature)

 

Please be aware that of time of writing this is still an experimental feature but I run this without any issues on my main server now for about 2 months, with this you will be now also be able to run Docker with all features in for example Debian based LXC containers.

 

Simply append this:

grafik.png.260d5a612499231e32f29dfe5e4a7f5c.png

  • Like 1
Link to comment
  • 4 weeks later...

+==============================================================================
| Installing new package /boot/config/plugins/lxc/lxc-2022.09.01.txz
+==============================================================================

Verifying package lxc-2022.09.01.txz.
Installing package lxc-2022.09.01.txz:
PACKAGE DESCRIPTION:
Package lxc-2022.09.01.txz installed.
---Something went horribly wrong, can't get latest version from LXC and no local version found!---
Removing package: lxc-2022.09.01
Removing files:
--> Deleting /usr/local/emhttp/plugins/lxc/LXC.page
--> Deleting /usr/local/emhttp/plugins/lxc/LXCAddContainer.page
--> Deleting /usr/local/emhttp/plugins/lxc/LXCCopyContainer.page
--> Deleting /usr/local/emhttp/plugins/lxc/LXCGuide.page
--> Deleting /usr/local/emhttp/plugins/lxc/LXCRestoreSnapshot.page
--> Deleting /usr/local/emhttp/plugins/lxc/LXCSettings.page
--> Deleting /usr/local/emhttp/plugins/lxc/LXCSnapshots.page
--> Deleting /usr/local/emhttp/plugins/lxc/css/lxc.css
--> Deleting /usr/local/emhttp/plugins/lxc/event/disks_mounted
--> Deleting /usr/local/emhttp/plugins/lxc/event/unmounting_disks
--> Deleting /usr/local/emhttp/plugins/lxc/images/distributions/almalinux.png
--> Deleting /usr/local/emhttp/plugins/lxc/images/distributions/alpine.png
--> Deleting /usr/local/emhttp/plugins/lxc/images/distributions/alt.png
--> Deleting /usr/local/emhttp/plugins/lxc/images/distributions/amazonlinux.png
--> Deleting /usr/local/emhttp/plugins/lxc/images/distributions/apertis.png
--> Deleting /usr/local/emhttp/plugins/lxc/images/distributions/archlinux.png
--> Deleting /usr/local/emhttp/plugins/lxc/images/distributions/busybox.png
--> Deleting /usr/local/emhttp/plugins/lxc/images/distributions/centos.png
--> Deleting /usr/local/emhttp/plugins/lxc/images/distributions/debian.png
--> Deleting /usr/local/emhttp/plugins/lxc/images/distributions/devuan.png
--> Deleting /usr/local/emhttp/plugins/lxc/images/distributions/fedora.png
--> Deleting /usr/local/emhttp/plugins/lxc/images/distributions/funtoo.png
--> Deleting /usr/local/emhttp/plugins/lxc/images/distributions/gentoo.png
--> Deleting /usr/local/emhttp/plugins/lxc/images/distributions/kali.png
--> Deleting /usr/local/emhttp/plugins/lxc/images/distributions/mint.png
--> Deleting /usr/local/emhttp/plugins/lxc/images/distributions/opensuse.png
--> Deleting /usr/local/emhttp/plugins/lxc/images/distributions/opnwrt.png
--> Deleting /usr/local/emhttp/plugins/lxc/images/distributions/oracle.png
--> Deleting /usr/local/emhttp/plugins/lxc/images/distributions/plamo.png
--> Deleting /usr/local/emhttp/plugins/lxc/images/distributions/pld.png
--> Deleting /usr/local/emhttp/plugins/lxc/images/distributions/rockylinux.png
--> Deleting /usr/local/emhttp/plugins/lxc/images/distributions/springdalelinux.png
--> Deleting /usr/local/emhttp/plugins/lxc/images/distributions/ubuntu.png
--> Deleting /usr/local/emhttp/plugins/lxc/images/distributions/voidlinux.png
--> Deleting /usr/local/emhttp/plugins/lxc/images/lxc.png
--> Deleting /usr/local/emhttp/plugins/lxc/include/Container.php
--> Deleting /usr/local/emhttp/plugins/lxc/include/Settings.php
--> Deleting /usr/local/emhttp/plugins/lxc/include/Snapshot.php
--> Deleting /usr/local/emhttp/plugins/lxc/include/ajax.php
--> Deleting /usr/local/emhttp/plugins/lxc/include/create_vnc_container.sh
--> Deleting /usr/local/emhttp/plugins/lxc/include/functions.php
--> Deleting /usr/local/emhttp/plugins/lxc/js/lxc.js
--> Deleting empty directory /usr/local/emhttp/plugins/lxc/js/
--> Deleting empty directory /usr/local/emhttp/plugins/lxc/include/
--> Deleting empty directory /usr/local/emhttp/plugins/lxc/images/distributions/
--> Deleting empty directory /usr/local/emhttp/plugins/lxc/images/
--> Deleting empty directory /usr/local/emhttp/plugins/lxc/event/
--> Deleting empty directory /usr/local/emhttp/plugins/lxc/css/
WARNING: Unique directory /usr/local/emhttp/plugins/lxc/ contains new files
plugin: run failed: /bin/bash retval: 1

Link to comment
1 hour ago, Alex1989 said:

---Something went horribly wrong, can't get latest version from LXC and no local version found!---

Can you give me a bit more context please?

 

I see that the installation fails, can you reach GitHub from you network? Do you have any AdBlocking software installed in your network? Where are you located in the world? Can you open this page, if yes, please post a screenshot from the output: Click

If you can open the page from above, please open up a console from Unraid and paste this command and post the output:

wget -qO- https://api.github.com/repos/ich777/unraid-lxc-plugin/releases/latest | jq -r '.tag_name'

 

Link to comment
17 hours ago, ich777 said:

Can you give me a bit more context please?

 

I see that the installation fails, can you reach GitHub from you network? Do you have any AdBlocking software installed in your network? Where are you located in the world? Can you open this page, if yes, please post a screenshot from the output: Click

If you can open the page from above, please open up a console from Unraid and paste this command and post the output:

wget -qO- https://api.github.com/repos/ich777/unraid-lxc-plugin/releases/latest | jq -r '.tag_name'

 

1663637364255.thumb.png.b87f022b4e067b989280e9c6e3ccd2cd.png

 

 

from china , but network is ok

image is the out put;

  • Like 1
Link to comment
Just now, Alex1989 said:

1663637364255.thumb.png.b87f022b4e067b989280e9c6e3ccd2cd.png

 

 

from china , but network is ok

image is the out put;

{"message":"API rate limit exceeded for 220.246.254.11. (But here's the good news: Authenticated requests get a higher rate limit. Check out the documentation for more details.)","documentation_url":"https://docs.github.com/rest/overview/resources-in-the-rest-api#rate-limiting"}

 

this is the out put from click

Link to comment
2 hours ago, Alex1989 said:

this is the out put from click

How often did you issue this command from the terminal?

 

You should have 50 GitHub API requests per hour IIRC, so you should be basically able to install the plugin 50 times in an hour.

Do you use the GitHub API for something else? Maybe that‘s the issue

 

However both of the outputs seem fine and they pulled the version numbers correctly, if you run in a rate limit where you exceed the 50 API requests and it can‘t pull the version number such an issue happens that you posted above.

Link to comment
3 hours ago, ich777 said:

How often did you issue this command from the terminal?

 

You should have 50 GitHub API requests per hour IIRC, so you should be basically able to install the plugin 50 times in an hour.

Do you use the GitHub API for something else? Maybe that‘s the issue

 

However both of the outputs seem fine and they pulled the version numbers correctly, if you run in a rate limit where you exceed the 50 API requests and it can‘t pull the version number such an issue happens that you posted above.

nothing i have done about GitHub API,shoud i try another time?

Link to comment
Just now, Alex1989 said:

nothing i have done about GitHub API

Usually when you do nothing with the GitHub API your rate limit shouldn't exceed...

 

1 minute ago, Alex1989 said:

shoud i try another time?

Yes please, try it multiple times daily once in a hour or so...

This is the first time that I see such an issue...

Link to comment
13 hours ago, Alex1989 said:

{"message":"API rate limit exceeded for 220.246.254.11. (But here's the good news: Authenticated requests get a higher rate limit. Check out the documentation for more details.)","documentation_url":"https://docs.github.com/rest/overview/resources-in-the-rest-api#rate-limiting"}

 

this is the out put from click

 

Is this a public facing server?  Do you have issues with other plugins updating or installing?

 

I ask this because that IP returns a hostname and visting that IP in the browser returns a NGINX page.  You mentioned china.  I am not completely sure how they handle NAT and proxying but is it possible you are sharing that IP with multiple households and that might be why you are getting that error.

 

But if both those questions are no then that assumption is wrong.

  • Like 1
Link to comment
On 9/20/2022 at 10:51 PM, jmztaylor said:

 

Is this a public facing server?  Do you have issues with other plugins updating or installing?

 

I ask this because that IP returns a hostname and visting that IP in the browser returns a NGINX page.  You mentioned china.  I am not completely sure how they handle NAT and proxying but is it possible you are sharing that IP with multiple households and that might be why you are getting that error.

 

But if both those questions are no then that assumption is wrong.

with other plugins updating or installing is all okay, I have the proxy access ,and with the communacation plugin and wegt access with proxy;

Link to comment
On 9/20/2022 at 3:22 PM, ich777 said:

Maybe try to restart your Unraid machine and then try it again.

Done, with reboot, result is the network issue ,

plugin: installing: https://github.com/ich777/unraid-lxc-plugin/raw/master/lxc.plg
plugin: downloading https://github.com/ich777/unraid-lxc-plugin/raw/master/lxc.plg
plugin: downloading: https://github.com/ich777/unraid-lxc-plugin/raw/master/lxc.plg ... done
plugin: downloading: https://github.com/ich777/unraid-lxc-plugin/raw/master/packages/lxc-2022.09.01.txz ... done

+==============================================================================
| Installing new package /boot/config/plugins/lxc/lxc-2022.09.01.txz
+==============================================================================

Verifying package lxc-2022.09.01.txz.
Installing package lxc-2022.09.01.txz:
PACKAGE DESCRIPTION:
Package lxc-2022.09.01.txz installed.

---------------Downloading LXC Package!-----------------
------------Please don't close this window!-------------

---Successfully downloaded LXC Package, installing...---
---------------LXC installation complete!---------------
plugin: lxc.plg installed

Link to comment
5 hours ago, Alex1989 said:

with other plugins updating or installing is all okay

The plugin itself installs just fine, but it's pulling LXC from GitHub Releases and uses the GitHub API.

 

5 hours ago, Alex1989 said:

Done, with reboot, result is the network issue ,

Now the plugin seems to be installed or am I wrong? I think it's like @jmztaylor said that you share one public IP where some users are making use of the GitHub API and exceed the rate limit.

Link to comment
On 9/23/2022 at 1:41 PM, ich777 said:

The plugin itself installs just fine, but it's pulling LXC from GitHub Releases and uses the GitHub API.

 

Now the plugin seems to be installed or am I wrong? I think it's like @jmztaylor said that you share one public IP where some users are making use of the GitHub API and exceed the rate limit.

no, i dont have public ip,just the network problems. but, i think the unraid have some other problems also, because my docker can updated ,but the icon always cant download.

Link to comment
7 minutes ago, Alex1989 said:

no, i dont have public ip

No, not a public IP, but I think you are behind some kind of CG-NAT and someone insider your CG-NAT is using up all the GitHub API calls.

 

9 minutes ago, Alex1989 said:

because my docker can updated ,but the icon always cant download.

I would recommend that you create a thread for that in the General Support Forums.

Link to comment
  • 4 weeks later...

Thanks ich777 for this wonderful plugin, but I'm having issues mounting loop devices inside the container.

 

I tried binding `mapper` `fuse` `loop-control` and `loop$i` devices, but losetup would always return `Operation not permitted`.

 

Here are the additional lines I added to the config, using ubuntu/focal image:

lxc.cgroup.devices.allow = c 10:237 rwm
lxc.cgroup.devices.allow = b 7:* rwm
lxc.cgroup.devices.allow = b 10:236 rwm
lxc.cgroup.devices.allow = b 10:229 rwm
lxc.mount.entry = /dev/loop-control dev/loop-control none bind,create=file 0 0
lxc.mount.entry = /dev/loop0 dev/loop0 none bind,create=file 0 0
lxc.mount.entry = /dev/loop1 dev/loop1 none bind,create=file 0 0
lxc.mount.entry = /dev/loop2 dev/loop2 none bind,create=file 0 0
lxc.mount.entry = /dev/loop3 dev/loop3 none bind,create=file 0 0
lxc.mount.entry = /dev/loop4 dev/loop4 none bind,create=file 0 0
lxc.mount.entry = /dev/loop5 dev/loop5 none bind,create=file 0 0
lxc.mount.entry = /dev/loop6 dev/loop6 none bind,create=file 0 0
lxc.mount.entry = /dev/loop7 dev/loop7 none bind,create=file 0 0
lxc.mount.entry = /dev/mapper dev/mapper none bind,create=dir 0 0
lxc.mount.entry = /dev/fuse dev/fuse none bind,create=file 0 0

 

(I know mounting loop0-3 is dangerous, that's why I'm looking for a solution.)

 

My goal is running a script inside the lxc (and it requires mounting some block files), I do not want to mount those images on host then bind them (as the script will mount, modify, unmount and save the modification, package as a zip, remove the original file).

 

I've seen people saying that I need to run it as privileged, but I'm not sure about that. For testing, I made a simple 1GB img file with GPT format and one partition inside, and I try to mount it (the script linked bellow breaks at the mounting part).

 

Script in question: https://github.com/LSPosed/MagiskOnWSALocal

Edited by midi
Link to comment
9 hours ago, midi said:

I tried binding `mapper` `fuse` `loop-control` and `loop$i` devices, but losetup would always return `Operation not permitted`.

Can you post the full error and/or a screenshot?

 

Do you have cgroup v2 enabled on Unraid? On which Unraid version are you? Can you also post the output of:

dmesg

after trying to start/mount the loop devices?

Link to comment
4 hours ago, ich777 said:

Can you post the full error and/or a screenshot?

 

root@focal:~# mount 1G.img /mnt/
mount: /mnt/: failed to setup loop device for /root/1G.img.
root@focal:~# losetup -fP 1G.img
losetup: 1G.img: failed to set up loop device: Operation not permitted

 

4 hours ago, ich777 said:

Do you have cgroup v2 enabled on Unraid? On which Unraid version are you? Can you also post the output of:

dmesg

after trying to start/mount the loop devices?

 

Yes, I added `unraidcgroup2` to the boot entry, on Unraid 6.11.1.

dmesg/journalctl does not show anything, it just errors out in the console, nothing in the logs.

`losetup` does show that the next free loop device just fine:

 

root@focal:~# losetup -a
/dev/loop1: []: (/boot/bzmodules)
/dev/loop2: []: (/mnt/cache/system/docker/docker-xfs.img)
/dev/loop0: []: (/boot/bzfirmware)
/dev/loop3: []: (/mnt/cache/system/libvirt/libvirt.img)
root@focal:~# losetup -la
NAME SIZELIMIT OFFSET AUTOCLEAR RO BACK-FILE              DIO LOG-SEC
/dev/loop1
             0      0         1  1 /boot/bzmodules          0     512
/dev/loop2
             0      0         1  0 /mnt/cache/system/docker/docker-xfs.img
                                                            1     512
/dev/loop0
             0      0         1  1 /boot/bzfirmware         0     512
/dev/loop3
             0      0         1  0 /mnt/cache/system/libvirt/libvirt.img
                                                            1     512
root@focal:~# losetup -f
/dev/loop4

 

loop devices inside the lxc and of the host:

LXC:

root@focal:~# ls /dev/loop* -la
crw-rw---- 1 root disk 10, 237 Oct 18 18:08 /dev/loop-control
brw-rw---- 1 root disk  7,   0 Oct 18 18:08 /dev/loop0
brw-rw---- 1 root disk  7,   1 Oct 18 18:08 /dev/loop1
brw-rw---- 1 root disk  7,   2 Oct 18 18:10 /dev/loop2
brw-rw---- 1 root disk  7,   3 Oct 18 18:10 /dev/loop3
brw-rw---- 1 root disk  7,   4 Oct 18 18:08 /dev/loop4
brw-rw---- 1 root disk  7,   5 Oct 18 18:08 /dev/loop5
brw-rw---- 1 root disk  7,   6 Oct 18 18:08 /dev/loop6
brw-rw---- 1 root disk  7,   7 Oct 18 18:08 /dev/loop7

Host:

root@X99U:~# ls /dev/loop* -la
crw-rw---- 1 root disk 10, 237 Oct 18 19:08 /dev/loop-control
brw-rw---- 1 root disk  7,   0 Oct 18 19:08 /dev/loop0
brw-rw---- 1 root disk  7,   1 Oct 18 19:08 /dev/loop1
brw-rw---- 1 root disk  7,   2 Oct 18 19:10 /dev/loop2
brw-rw---- 1 root disk  7,   3 Oct 18 19:10 /dev/loop3
brw-rw---- 1 root disk  7,   4 Oct 18 19:08 /dev/loop4
brw-rw---- 1 root disk  7,   5 Oct 18 19:08 /dev/loop5
brw-rw---- 1 root disk  7,   6 Oct 18 19:08 /dev/loop6
brw-rw---- 1 root disk  7,   7 Oct 18 19:08 /dev/loop7

 

 

Link to comment

I found the issue! I changed "lxc.cgroup.devices.allow" to "lxc.cgroup2.devices.allow" and now it's working!

 

lxc.cgroup2.devices.allow = c 10:237 rwm
lxc.cgroup2.devices.allow = b 7:* rwm
lxc.mount.entry = /dev/loop-control dev/loop-control none bind,create=file 0 0
lxc.mount.entry = /dev/loop4 dev/loop4 none bind,create=file 0 0
lxc.mount.entry = /dev/loop5 dev/loop5 none bind,create=file 0 0
lxc.mount.entry = /dev/loop6 dev/loop6 none bind,create=file 0 0
lxc.mount.entry = /dev/loop7 dev/loop7 none bind,create=file 0 0

 

Here is the final setup, I could make it even more limited by setting `b 7:4` `b7:5` and so on to limit access to just those loop devices. There is no need to add mapper or fuse.

 

Found the fix here: https://forum.proxmox.com/threads/lxc-dev-loop-mounting-broken-after-upgrade-to-pve-7-0.97415/post-421499

Edited by midi
  • Like 1
Link to comment
  • 3 weeks later...

@m00nman these are all planed features that I want to integrate but will take some time since I'm currently really busy in real life.

 

 

However you can limit the CPU resources already by adding this to the config (of course without a GUI but it should work just fine):

lxc.cgroup2.cpuset.cpus: 0-12

or something like this:

lxc.cgroup2.cpuset.cpus: 0,2,4,6,8

(please also note that you must enable cgroupv2 like described in the first post of this thread)

 

If I remember correctly it's almost the same for the RAM if you add this to the config:

lxc.cgroup2.memory.limit_in_bytes = 4096M

but I'm not to sure about the memory since I've never done this on my own.

  • Like 2
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.