在 Ubuntu 16.0.4LTS 32 位上创建 lxc 容器时出错

tag-icon tag-icon 16.04 lxc
在 Ubuntu 16.0.4LTS 32 位上创建 lxc 容器时出错

我正在运行 Ubuntu 32 位 16.0.4。

> cat /etc/os-release
NAME="Ubuntu"
VERSION="16.04.1 LTS (Xenial Xerus)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 16.04.1 LTS"
VERSION_ID="16.04"
HOME_URL="http://www.ubuntu.com/"
SUPPORT_URL="http://help.ubuntu.com/"
BUG_REPORT_URL="http://bugs.launchpad.net/ubuntu/"
UBUNTU_CODENAME=xenial

> uname -a
Linux manik 4.4.0-36-generic #55 SMP Tue Sep 13 15:51:05 PDT 2016 i686 i686 i686 GNU/Linux

lxc通过以下方式安装了包:

sudo apt-get install lxc

之后,我创建了一个配置unprivileged container文件~/.config/lxc/default.conf

lxc.id_map = u 0 100000 65536
lxc.id_map = g 0 100000 65536
lxc.network.type = veth
lxc.network.link = lxcbr0

我尝试创建非特权容器但出现错误:

lxc-create -t download -n game_container -l DEBUG -o /tmp/lxc-create -- --no-validate -d ubuntu -r xenial -a i386
Downloading the image index
ERROR: Failed to download http://images.linuxcontainers.org//meta/1.0/index-user
lxc-create: lxccontainer.c: create_run_template: 1290 container creation template for game_container failed
lxc-create: tools/lxc_create.c: main: 318 Error creating container game_container

我查看了日志文件/tmp/lxc-create,其中有以下条目:

     lxc-create 20160914131038.765 INFO     lxc_confile - confile.c:config_idmap:1500 - read uid map: type u nsid 0 hostid 100000 range 65536
     lxc-create 20160914131038.765 INFO     lxc_confile - confile.c:config_idmap:1500 - read uid map: type g nsid 0 hostid 100000 range 65536
     lxc-create 20160914131038.876 INFO     lxc_confile - confile.c:config_idmap:1500 - read uid map: type u nsid 0 hostid 100000 range 65536
     lxc-create 20160914131038.876 INFO     lxc_confile - confile.c:config_idmap:1500 - read uid map: type g nsid 0 hostid 100000 range 65536
     lxc-create 20160914131052.728 ERROR    lxc_container - lxccontainer.c:create_run_template:1290 - container creation template for game_container failed
     lxc-create 20160914131052.732 INFO     lxc_container - lxccontainer.c:container_destroy:2387 - Destroyed rootfs for game_container
     lxc-create 20160914131052.735 INFO     lxc_container - lxccontainer.c:container_destroy:2403 - Destroyed directory for game_container
     lxc-create 20160914131052.735 ERROR    lxc_create_ui - tools/lxc_create.c:main:318 - Error creating container game_container

知道这里发生了什么吗?我做错了什么吗?

答案1

我能够修复此问题。问题出在openssl我的发行版上的安装上。几天前,我摆弄了 openssl 及其 ca 证书。这似乎弄乱了我的系统范围的 openssl。我重新安装了 openssl,一切正常。

不过,找出原因并不难。lxc-download模板脚本没有抛出任何有用的错误,所以我不得不四处查看。最终发现,ca 证书验证失败了。

相关内容