Linux Containers
Infrastructure for container projects. linuxcontainers.org is the umbrella project behind LXC, LXD and LXCFS. The goal is to offer a distro- and vendor-neutral environment for the development of Linux container technologies. Our main focus is system containers, that is, containers which offer an environment as close as possible to the one you'd get from a VM, but without the overhead that comes with running a separate kernel and simulating all the hardware.
user@workstation:~$ sudo apt update
user@workstation:~$ sudo apt install lxc lxc-templates wget bridge-utils
user@workstation:~$ sudo apt-get install zfsutils-linux
user@workstation:~$ sudo apt install lxd
user@workstation:~$ sudo apt install lxd-client
user@workstation:~$ sudo lxd init
Do you want to configure a new storage pool (yes/no) [default=yes]?
Name of the storage backend to use (dir or zfs) [default=zfs]:
Create a new ZFS pool (yes/no) [default=yes]?
Name of the new ZFS pool or dataset [default=lxd]:
Would you like to use an existing block device (yes/no) [default=no]?
Size in GB of the new loop device (1GB minimum) [default=42]:
Would you like LXD to be available over the network (yes/no) [default=no]? yes
Address to bind LXD to (not including port) [default=all]:
Port to bind LXD to [default=8443]:
Trust password for new clients:
Again:
Do you want to configure the LXD bridge (yes/no) [default=yes]?
Warning: Stopping lxd.service, but it can still be activated by:
lxd.socket
LXD has been successfully configured.
user@workstation:~$
user@workstation:~$ sudo adduser user lxd
The user `user' is already a member of `lxd'.
user@workstation:~$ newgrp lxd
user@workstation:~$ sudo lxc-checkconfig
Kernel configuration not found at /proc/config.gz; searching...
Kernel configuration found at /boot/config-4.13.0-36-generic
--- Namespaces ---
Namespaces: enabled
Utsname namespace: enabled
Ipc namespace: enabled
Pid namespace: enabled
User namespace: enabled
Warning: newuidmap is not setuid-root
Warning: newgidmap is not setuid-root
Network namespace: enabled
--- Control groups ---
Cgroup: enabled
Cgroup clone_children flag: enabled
Cgroup device: enabled
Cgroup sched: enabled
Cgroup cpu account: enabled
Cgroup memory controller: enabled
Cgroup cpuset: enabled
--- Misc ---
Veth pair device: enabled
Macvlan: enabled
Vlan: enabled
Bridges: enabled
Advanced netfilter: enabled
CONFIG_NF_NAT_IPV4: enabled
CONFIG_NF_NAT_IPV6: enabled
CONFIG_IP_NF_TARGET_MASQUERADE: enabled
CONFIG_IP6_NF_TARGET_MASQUERADE: enabled
CONFIG_NETFILTER_XT_TARGET_CHECKSUM: enabled
FUSE (for use with lxcfs): enabled
--- Checkpoint/Restore ---
checkpoint restore: enabled
CONFIG_FHANDLE: enabled
CONFIG_EVENTFD: enabled
CONFIG_EPOLL: enabled
CONFIG_UNIX_DIAG: enabled
CONFIG_INET_DIAG: enabled
CONFIG_PACKET_DIAG: enabled
CONFIG_NETLINK_DIAG: enabled
File capabilities: enabled
Note : Before booting a new kernel, you can check its configuration
usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig
user@workstation:~$
user@workstation:~$ lxc list
+------+-------+------+------+------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+------+-------+------+------+------+-----------+
user@workstation:~$
user@workstation:~$ lxc image list images:
user@workstation:~$ lxc launch ubuntu:16.04
Creating the container
Container name is: causal-monitor
Starting causal-monitor
user@workstation:~$
user@workstation:~$ lxc exec causal-monitor bash
root@causal-monitor:~# ls
root@causal-monitor:~# ls /
bin dev home lib64 mnt proc run snap sys usr
boot etc lib media opt root sbin srv tmp var
root@causal-monitor:~#
user@workstation:~$ lxc launch images:alpine/edge
Creating the container
Container name is: prime-mole
Starting prime-mole
user@workstation:~$
user@workstation:~$ lxc exec prime-mole ash
~ # ls
~ # ls /
bin etc lib mnt root sbin sys usr
dev home media proc run srv tmp var
~ #
user@workstation:~$ lxc list
+----------------+---------+---------------------+------+------------+-----------+
|      NAME      |  STATE  |        IPV4         | IPV6 |    TYPE    | SNAPSHOTS |
+----------------+---------+---------------------+------+------------+-----------+
| causal-monitor | RUNNING | 10.27.70.225 (eth0) |      | PERSISTENT | 0         |
+----------------+---------+---------------------+------+------------+-----------+
| prime-mole     | RUNNING | 10.27.70.224 (eth0) |      | PERSISTENT | 0         |
+----------------+---------+---------------------+------+------------+-----------+
user@workstation:~$
user@workstation:~$ ls /var/lib/lxd/
containers devlxd lxd.db server.crt shmounts unix.socket
devices images security server.key snapshots zfs.img
user@workstation:~$
user@workstation:~$ sudo ls -l /var/lib/lxd/containers/
total 5
lrwxrwxrwx 1 root root 42 mar 11 17:56 causal-monitor -> /var/lib/lxd/containers/causal-monitor.zfs
drwxr-xr-x 4 165536 165536 5 mar 11 17:55 causal-monitor.zfs
-rw-r--r-- 1 root root 2148 mar 11 18:00 lxc-monitord.log
lrwxrwxrwx 1 root root 38 mar 11 18:00 prime-mole -> /var/lib/lxd/containers/prime-mole.zfs
drwxr-xr-x 4 165536 165536 5 mar 11 18:00 prime-mole.zfs
user@workstation:~$ sudo ls -l /var/lib/lxd/containers/prime-mole
lrwxrwxrwx 1 root root 38 mar 11 18:00 /var/lib/lxd/containers/prime-mole -> /var/lib/lxd/containers/prime-mole.zfs
user@workstation:~$ sudo ls -l /var/lib/lxd/containers/causal-monitor
lrwxrwxrwx 1 root root 42 mar 11 17:56 /var/lib/lxd/containers/causal-monitor -> /var/lib/lxd/containers/causal-monitor.zfs
user@workstation:~$
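
The listing of /var/lib/lxd/containers/ above shows both container directories owned by uid 165536 rather than root: root inside those containers is mapped to an unprivileged uid on the host. As an added example (not part of the original page), the script below classifies such a listing and flags any container directory that is not idmapped. The function names and the legacy-app line in the sample are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example, not from the original page.
# Classify LXD container directories by the host owner shown in `ls -l` output.

# stdin: `ls -l` or `ls -ln` lines. stdout: "<name> <owner> <verdict>" per directory.
classify_owners() {
    awk '
        /^d/ {                                   # directories only: skips symlinks, logs, "total"
            owner = $3; name = $NF
            sub(/\.zfs$/, "", name)              # ZFS-backed directories carry a .zfs suffix
            if (owner == "root" || owner == "0") verdict = "privileged"
            else if (owner ~ /^[0-9]+$/)         verdict = "unprivileged"
            else                                 verdict = "unknown-owner"
            print name, owner, verdict
        }'
}

# Names of containers whose directory is not owned by a numeric non-root uid.
flag_non_idmapped() {
    classify_owners | awk '$3 != "unprivileged" { print $1 }'
}

# Sample input: the first four entries are the listing shown on this page;
# the legacy-app line is constructed (hypothetical root-owned container).
sample_listing() {
    cat <<'EOF'
total 5
lrwxrwxrwx 1 root root 42 mar 11 17:56 causal-monitor -> /var/lib/lxd/containers/causal-monitor.zfs
drwxr-xr-x 4 165536 165536 5 mar 11 17:55 causal-monitor.zfs
-rw-r--r-- 1 root root 2148 mar 11 18:00 lxc-monitord.log
drwxr-xr-x 4 165536 165536 5 mar 11 18:00 prime-mole.zfs
drwxr-xr-x 4 root root 5 mar 11 18:05 legacy-app.zfs
EOF
}

sample_listing | classify_owners
```

On a live host, feed it real data with `sudo ls -ln /var/lib/lxd/containers/ | flag_non_idmapped`.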