search

erik78se / layer-collabora

Juju charm for collabora online to work with nextcloud
0 stars 0 forks source link

Many problems with a userspace install of LXD (snap) #2

Open Routhinator opened 4 years ago

Routhinator commented 4 years ago

Hi, there are many issues with this deployment on the snap (now the recommended install) version of LXD. This needs a lxd profile in the charm (like kubernetes-worker) to resolve the issues. Docker cannot launch this app inside the snap of LXD as it cannot mount /proc - I managed to get around that by setting:

security.nesting=true security.privileged=true

However I still cannot get the collabora conatiner to launch:

frk-00032-00032 2019-10-13 02:20:56.164527 [ forkit ] INF  Initializing frk. Local time: Sun 2019-10-13 02:20:56+0000. Log level is [8].| common/Log.cpp:191
frk-00032-00032 2019-10-13 02:20:56.164564 [ forkit ] INF  Setting log-level to [trace] and delaying setting to configured [warning] until after Forkit initialization.| kit/ForKit.cpp:390
frk-00032-00032 2019-10-13 02:20:56.164611 [ forkit ] INF  RLIMIT_AS is unlimited after setting it to unlimited.| common/Seccomp.cpp:250
frk-00032-00032 2019-10-13 02:20:56.164778 [ forkit ] INF  RLIMIT_STACK is 8192000 bytes after setting it to 8192000 bytes.| common/Seccomp.cpp:250
frk-00032-00032 2019-10-13 02:20:56.164848 [ forkit ] INF  Ignored setting RLIMIT_FSIZE to unlimited.| common/Seccomp.cpp:256
frk-00032-00032 2019-10-13 02:20:56.165022 [ forkit ] INF  Ignored setting RLIMIT_NOFILE to unlimited.| common/Seccomp.cpp:256
loolforkit version details: 4.0.6 - 79f3ef2
frk-00032-00032 2019-10-13 02:20:56.165143 [ forkit ] FTL  Capability cap_sys_chroot is not set for the loolforkit program.| kit/ForKit.cpp:170
frk-00032-00032 2019-10-13 02:20:56.165251 [ forkit ] FTL  Capability cap_mknod is not set for the loolforkit program.| kit/ForKit.cpp:170
frk-00032-00032 2019-10-13 02:20:56.165331 [ forkit ] FTL  Capability cap_fowner is not set for the loolforkit program.| kit/ForKit.cpp:170
FATAL: Capabilities are not set for the loolforkit program.
Please make sure that the current partition was *not* mounted with the 'nosuid' option.
If you are on SLES11, please set 'file_caps=1' as kernel boot option.

I'm not sure what the remaining settings are that are needed for this.

Also - I would recommend linking to this github has the Homepage for the charm, took me a while to find this repo.

Routhinator commented 4 years ago

Example of the lxd-profile from Kube worker https://github.com/charmed-kubernetes/charm-kubernetes-worker/blob/master/lxd-profile.yaml

Routhinator commented 4 years ago

I got this working finally by applying a profile that was based on the kubernetes worker charm and I had to also add

linux.kernel_modules "aufs"
erik78se commented 4 years ago

@Routhinator I could use some help improving on this charm.

I run currently on a MAAS cloud and would love to have the changes you proposed merged into this working with lxd.

Would you be able to submit a PR ?