-
-
Notifications
You must be signed in to change notification settings - Fork 642
Make Drupal VM work with vagrant-lxc #649
Comments
In the docs we have a section on extending Drupal VM with custom providers, and an example using the
Hm why did you have to remove the firewall rules? Maybe that's something we can improve. Are there any error messages?
Yes you can use the Note: if you're reading the docs about pre- and post provision scripts. The section on ansible task files is for the upcoming Drupal VM 3.0.0, and they're not available in 2.5.1 |
Also, for |
Thanks for the reply!
I had to remove it because it says that it can't find ufw service. I wrote that I was able to force it to work, but actually it doesn't work.
But eventually I can't load http://drupalvm.dev/. I see white screen and unceasing loading. Do you have any thoughts why this is happening? |
@nortmas - Maybe a networking issue, or a different firewall is in place? Can you ping the IP set in config.yml and get a response from your host? Also, inside the VM, can you curl drupalvm.dev and get a response? Finally, can you check |
I've had a similar experience with needing to remove the ufw task when using fgrehm/trusty64-lxc. IIRC I also have modified part of the network configuration or setup a bridge. Most of my use of vagrant-lxc has been ci type tests inside the vagrant. |
Interesting... sounds like I need to boot a couple flavors of Linux on my Lenovo and get to testing! |
Sorry for the delay.
No. It doesn't work.
It doesn't work.
Here is what I see: http://screencloud.net/v/b8E5
Great Idea :) Have you been able to make it work? |
@geerlingguy @joestewart @oxyc |
Got it to work but the set up is different, using Had to hack the Vagrantfile to add Other than that got an issue with the firewall role and centos7 (removed it altogether from |
@theodoreb - Awesome, glad you could get it working and thanks for posting the details! Did you try with the 3.5.0 version/master of Drupal VM, or 3.4.0? The firewall role just got updated with a systemd unit file that affects how the service is started/managed, and that might fix the issue (depending on what it was). |
Pretty sure it's 3.5.0, will double check monday. Made it all work on friday so it's all pretty recent |
Install stuff: # Install vagrant
wget https://releases.hashicorp.com/vagrant/1.9.0/vagrant_1.9.0_x86_64.deb
sudo dpkg -i vagrant_1.9.0_x86_64.deb
# Install ansible
sudo apt-get install software-properties-common
sudo apt-add-repository ppa:ansible/ansible
sudo apt-get update
sudo apt-get install ansible
# Install LXC stuff
sudo apt-get install lxc bridge-utils
vagrant plugin install vagrant-lxc Create config.vm.networks[0][1][:lxc__bridge_name] = 'vlxcbr1'
config.vm.provider :lxc do |lxc|
lxc.customize 'cgroup.memory.limit_in_bytes', "#{vconfig['vagrant_memory']}M"
end Create vagrant_box: fgrehm/trusty64-lxc
drupalvm_disable_ufw_firewall: false Provision vagrant up --provider=lxc This fails because of:
Anyone knows why this happens or how I can debug it further? Happens on Ubuntu 15.04 host, and Vagrant 1.8.6 as well as 1.9.0. Outdated LXC boxes maybe? vagrant@vagrant:~/drupal-vm$ ifconfig
eth0 Link encap:Ethernet HWaddr 08:00:27:ca:1e:4d
inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:feca:1e4d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:6720 errors:0 dropped:0 overruns:0 frame:0
TX packets:3654 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:8054759 (8.0 MB) TX bytes:276629 (276.6 KB)
eth1 Link encap:Ethernet HWaddr 08:00:27:6b:e0:53
inet addr:192.168.1.105 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe6b:e053/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:48 errors:0 dropped:0 overruns:0 frame:0
TX packets:15 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:4358 (4.3 KB) TX bytes:1930 (1.9 KB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:6 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:300 (300.0 B) TX bytes:300 (300.0 B)
lxcbr0 Link encap:Ethernet HWaddr 00:16:3e:00:00:00
inet addr:10.0.3.1 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::216:3eff:fe00:0/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4058 errors:0 dropped:0 overruns:0 frame:0
TX packets:6186 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:280794 (280.7 KB) TX bytes:8059408 (8.0 MB)
veth1pl7451 Link encap:Ethernet HWaddr c2:e1:a9:a6:94:c8
inet6 addr: fe80::c0e1:a9ff:fea6:94c8/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:10 errors:0 dropped:0 overruns:0 frame:0
TX packets:15 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:828 (828.0 B) TX bytes:1206 (1.2 KB)
veth8FS072 Link encap:Ethernet HWaddr fe:ca:94:9e:cc:37
inet6 addr: fe80::fcca:94ff:fe9e:cc37/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1902 errors:0 dropped:0 overruns:0 frame:0
TX packets:2997 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:152637 (152.6 KB) TX bytes:4016466 (4.0 MB)
vlxcbr1 Link encap:Ethernet HWaddr c2:e1:a9:a6:94:c8
inet addr:192.168.88.254 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::10b1:a9ff:feac:92f4/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:10 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:688 (688.0 B) TX bytes:648 (648.0 B) This happens on both If I switch to rsync instead of NFS I can continue my testing. Provision works! We could improve the UX by defaulting drupalvm_disable_ufw_firewall to true on docker and lxc. - name: Define drupalvm_disable_ufw_firewall.
set_fact:
drupalvm_disable_ufw_firewall: (ansible_virtualization_type != 'docker') and (ansible_virtualization_type != 'lxc')
when: drupalvm_disable_ufw_firewall is undefined We could also automatically configure the provisioner, but we might not want to commit to supporting LXC? In my opinion docs are enough no? |
I just tested with The firewall role fails when the service module tries to start it:
|
So I think the main issue is finding bare-bones boxes that were built recently. |
https://vagrantcloud.com/developerinlondon/boxes/ubuntu_lxc_xenial_x64 fails on firewall service as well.
|
I would not be opposed to building/maintaining an LXC box alongside my other ones (at least for ubuntu 16.04 and centos 7)... but it's not a priority for me at this time :P |
A hack to get passed the firewall issue is to remove executable flag from the pre_provision_scripts:
- ../disable_ip6tables.sh #!/bin/bash
ip6tables_bin="$(which ip6tables 2>/dev/null)"
if [ -x "$ip6tables_bin" ]; then
chmod -x $ip6tables_bin
fi Now on to the next issue.... The next issue is a bit worse. It's during the composer install step (happens both with composer project, and composer.json), and it basically crashes my entire laptop. It says something about read only file system, and with composer project, there seemed to have been a loop with Patching is disabled. Skipping. Once vagrant crashes (somehow it crashes in a way that With
If I try and <tab> complete in my shell it now says:
Rebooting and checking |
Install dependencies sudo apt-get install lxc bridge-utils
vagrant plugin install vagrant-lxc Create config.vm.networks[0][1][:lxc__bridge_name] = 'vlxcbr1'
config.vm.provider :lxc do |lxc|
lxc.customize 'cgroup.memory.limit_in_bytes', "#{vconfig['vagrant_memory']}M"
end Create vagrant_box: fgrehm/trusty64-lxc
drupalvm_disable_ufw_firewall: false Provision vagrant up --provider=lxc |
Running Centos7 in a VM within a VM (Ubuntu 14.04 lxc on Ubuntu 16.04 virtualbox) works. Before it was failing on a thinkpad with Ubuntu 15.04 (this could be a very messed up system to be honest). |
So the issue is that Running inside Virtualbox: $ lsmod | grep filter
iptable_filter 16384 2
ip_tables 28672 3 iptable_filter,iptable_mangle,iptable_nat
x_tables 36864 7 xt_CHECKSUM,ip_tables,xt_tcpudp,ipt_MASQUERADE,xt_conntrack,iptable_filter,iptable_mangle
$ ip6tables -L
modprobe: ERROR: could not insert 'ip6_tables': Operation not permitted
ip6tables v1.6.0: can't initialize ip6tables table `filter': Table does not exist (do you need to insmod?)
Perhaps ip6tables or your kernel needs to be upgraded.
$ sudo !!
sudo ip6tables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
$ lsmod | grep filter
ip6table_filter 16384 0
ip6_tables 28672 1 ip6table_filter
iptable_filter 16384 2
ip_tables 28672 3 iptable_filter,iptable_mangle,iptable_nat
x_tables 36864 9 ip6table_filter,xt_CHECKSUM,ip_tables,xt_tcpudp,ipt_MASQUERADE,xt_conntrack,iptable_filter,iptable_mangle,ip6_tables Unlike VirtualBox, running this within LXC wont load the BUT. Kernel modules are shared from the host. So now that it exists in VirtualBox, it automatically appears in the lxc container:
Now that |
Would be great if someone on a proper linux system could confirm if this works. @nortmas @theodoreb Install dependencies sudo apt-get install lxc bridge-utils
vagrant plugin install vagrant-lxc Load the required kernel modules. sudo modprobe iptable_filter
sudo modprobe ip6table_filter Create config.vm.networks[0][1][:lxc__bridge_name] = 'vlxcbr1'
config.vm.provider :lxc do |lxc|
lxc.customize 'cgroup.memory.limit_in_bytes', "#{vconfig['vagrant_memory']}M"
end Create # Centos7
vagrant_box: frensjan/centos-7-64-lxc
# Ubuntu 16.04
vagrant_box: nhinds/xenial64
drupalvm_disable_ufw_firewall: false Provision vagrant up --provider=lxc |
…rant-lxc" This reverts commit 2438177.
Might give this a shot on my linux install, have some other lxc containers running already. Though I have to say I look at threads like this and wonder if it wouldn't be better to drop vagrant and just use ansible's lxc support...wouldn't be drupalvm then of course... vagrant-lxc has errors with sudo...the command 'vagrant lxc sudoers' has syntax errors. I gave up after that :/ |
Issue #649: Add docs on how to use vagrant-lxc
@adrinux using lxc directly might be a better solution yes. You could use the production docs for guidance (or @geerlingguy should we keep this open or close it in favour of smaller more specific follow-ups? Afaik the Drupal VM side of it works... probably just box/platform/vagrant issues. |
@oxyc - Let's close and deal with any other issues in follow-ups. |
Hi! First of all, Nice Job! Very helpful Project!
I have two suggestions:
I forced it to work, but I faced with number of challenges.
What I did:
a) Added lines to Vagrantfile.
b) config.yml
vagrant_box: fgrehm/trusty64-lxc
c) provisioning/tasks/init-debian.yml removed lines.
It would be great if linux users have such ability from the box.
Thanks!
The text was updated successfully, but these errors were encountered: