The software described in this documentation is either in Extended Support or Sustaining Support. See https://www.oracle.com/us/support/library/enterprise-linux-support-policies-069172.pdf for more information.
Oracle recommends that you upgrade the software described by this documentation as soon as possible.

2.2.20 Linux Containers

  • The Linux Containers package (lxc) is available for the x86-64 architecture with UEK R3 but not i386.

  • The correct operation of containers might require that you completely disable SELinux on the host system. For example, SELinux can interfere with container operation under the following conditions:

    • Running the halt or shutdown command from inside the container hangs the container or results in a permission denied error. (An alternate workaround is to use the init 0 command from inside the container to shut it down.)

    • Setting a password inside the container results in a permission denied error, even when run as root.

    • You want to allow ssh logins to the container. ssh logins are possible with SELinux enabled if you install the lxc-0.9.0-2.0.5 package (or later version of this package).

    To disable SELinux on the host:

    1. Edit the configuration file for SELinux, /etc/selinux/config and set the value of the SELINUX directive to disabled.

    2. Shut down and reboot the host system.

  • The default location for a container's configuration has changed from /etc/lxc/name to /container/name in lxc 0.8.0 onward.

    To start a container that you created with a previous update of Oracle Linux, specify the -f option to lxc-start, for example: 

    # lxc-start -n ol6u3 -f /etc/lxc/ol6u3/config

    To convert an existing container to use the new location:

    1. Move the container's configuration directory to /container/name: 

      # mv /etc/lxc/name /container

    2. Edit the /container/name/config file and change the values of any lxc.rootfs and lxc.mount parameters to refer to /container instead of /etc/lxc.

      For example, the config file might contain the following entries: 

      lxc.rootfs = /etc/lxc/example/rootfs
lxc.mount.entry=/lib /etc/lxc/example/rootfs/lib none ro,bind 0 0
lxc.mount.entry=/usr/lib /etc/lxc/example/rootfs/usr/lib none ro,bind 0 0
lxc.mount.entry=/lib64 /etc/lxc/example/rootfs/lib64 none ro,bind 0 0
lxc.mount.entry=/usr/lib64 /etc/lxc/example/rootfs/usr/lib64 none ro,bind 0 0

      You would change these entries to read: 

      lxc.rootfs = /container/example/rootfs
lxc.mount.entry=/lib /container/example/rootfs/lib none ro,bind 0 0
lxc.mount.entry=/usr/lib /container/example/rootfs/usr/lib none ro,bind 0 0
lxc.mount.entry=/lib64 /container/example/rootfs/lib64 none ro,bind 0 0
lxc.mount.entry=/usr/lib64 /container/example/rootfs/usr/lib64 none ro,bind 0 0

    After converting the container, you do not need to specify the -f option to lxc-start. (Bug ID 15967411)

  • Attempting to create an lxc-oracle container on a remote file system mounted using NFS v4 fails. In addition, attempting to mount a remote file system using NFS v4 from within an lxc-oracle container also fails. The workaround is to use NFS v3 instead. (Bug ID 16316266)

Copyright © 2014, 2021, Oracle and/or its affiliates. Legal Notices