The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Proxmox v4.1 and cPanel on Centos 7 (lxc)

Discussion in 'General Discussion' started by Karateka, Dec 14, 2015.

  1. Karateka

    Karateka Active Member

    Joined:
    Apr 14, 2003
    Messages:
    32
    Likes Received:
    1
    Trophy Points:
    8
    Location:
    Austin, Texas
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    I have installed cPanel on Proxmox 4.1 (the host node is running Jessie) with a Centos 7 lxc.

    However, some services are marked as failed in the system monitor, when they are actually up.
    So whilst troubleshooting this, I came across the following regarding required changes to Centos 7:
    Linux Containers and cPanel & WHM - Documentation - cPanel Documentation


    I added the following lines to /etc/pve/lxc/VMID.conf

    lxc.include = /usr/share/lxc/config/fedora.common.conf
    lxc.aa_profile = unconfined
    lxc.cap.drop = setpcap
    lxc.cap.drop = setfcap

    I understand this is the cPanel forum, but the problem appears to be somewhere between cPanel and Proxmox, so I am seeking support in both worlds. Maybe someone came across the issue?

    However, adding the aforementioned lines doesn't seem to make a difference, so I am wondering:
    Where is the proper place to add the required lines?
    Am I using the proper syntax?
    What am I missing to get cPanel's instructions to work with Proxmox 4.1?
     
  2. Karateka

    Karateka Active Member

    Joined:
    Apr 14, 2003
    Messages:
    32
    Likes Received:
    1
    Trophy Points:
    8
    Location:
    Austin, Texas
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello,

    One of the things I noticed is that directories such as "/proc/sys", "/proc/sysrq-trigger", and "/sys" are all marked as read-only in the lxc container. I believe this is intentionally on Proxmox 4.1 “lxc" servers due to their apparmor requirement.
    The strace output from the restart scripts (which use the same mechanism to as chkservd to check a process' status) does seem to touch these directories briefly, and I think removing the read-only status from the directories might help, mainly because cPanel suggests the unconfined setting for a reason and the mounts look quite different compared to what is going on with Proxmox v3.

    In addition to this, the new Proxmox VM currently appears to be operating in RunLevel "5", rather than in RunLevel "3". I suspect that this may also have something to do with chkservd's problems on CentOS 7. I have opened a new support ticket with Proxmox on correcting the read-only mounts on "/proc" and "/sys" and having the lxc server booted in RunLevel 3 to see if this alleviates any issues.

    I am currently running a new and fresh install of cPanel and will follow up on the exact failed services in a bit.
     
Loading...

Share This Page