Skip to content

Instantly share code, notes, and snippets.

@gipi

gipi/README.md

Last active May 25, 2019 21:17
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save gipi/10575066 to your computer and use it in GitHub Desktop.
Save gipi/10575066 to your computer and use it in GitHub Desktop.
Download ZIP
#lxc #container #linux
Raw
README.md

Setup

Install the package lxc lxc-stuffs, and configure the cgroup mount entry in /etc/fstab

cgroup    /sys/fs/cgroup    cgroup    defaults    0    0

If is the first time mount it (# mount /sys/fs/cgroup). The final check can be done with lxc-checkconfig.

Create containers

It's possible to create a linux container using lxc-create: in order to chose the OS to use for it you can use the --template option: it takes as argument one of the scripts in /usr/share/lxc/templates/.

When created the configuration files are in /var/lib/lxc/<container name>/

It exists also command like below that presents you with a menu to choose from.

$ lxc-create -n $NAME -t download
 ...
Distribution:
debian
Release: 
stretch
Architecture: 
amd64

Downloading the image index
Downloading the rootfs
Downloading the metadata
The image cache is now ready
Unpacking the rootfs

---
You just created a Debian stretch amd64 (20190525_05:24) container.

To enable SSH, run: apt install openssh-server
No default root or user password are set by LXC.

Start a container

lxc-start -n $NAME

this starts but does not present you with a console, you instead need to use lxc-console:

$ lxc-console -n test

Connected to tty 1
Type <Ctrl+a q> to exit the console, <Ctrl+a Ctrl+a> to enter Ctrl+a itself

Debian GNU/Linux 9 test pts/0

test login:

NETWORKING

As default the networking is "empty", in order to be able to connect you have to use the veth device

# Network configuration
lxc.network.type=veth
lxc.network.link=lxcbr0
lxc.network.ipv4=10.0.0.100
lxc.network.ipv4.gateway=10.0.0.1
lxc.network.flags=up
lxc.network.name=eth0
lxc.network.mtu=1500

using a bridge named lxcbr0 that can be created and activated with the following commands

# brctl addbr lxcbr0

configured with the gateway address

# ifconfig lxcbr0 10.0.0.1/24 up

Remeber to allow forwarding from the host computer

# sysctl net.ipv4.ip_forward=1
# iptables -t nat -A POSTROUTING -s 10.0.0.100 -o eth0 -j MASQUERADE

The following I don't understand if are useful to the namespace programmed case # ifconfig lxcbr0 up # brctl setfd lxcbr0 0 # brctl addif lxcbr0 eth0

Vagrant

Exists a plugin that allows to use lxc with vagrant

https://github.com/fgrehm/vagrant-lxc

This plugin can be installed with

$ vagrant plugin install vagrant-lxc
$ vagrant init fgrehm/wheezy64-lxc
$ vagrant up --provider=lxc

Links

Raw
config
# Distribution configuration
lxc.include = /usr/share/lxc/config/common.conf
lxc.arch = linux64
# Container specific configuration
lxc.apparmor.profile = generated
lxc.apparmor.allow_nesting = 1
lxc.rootfs.path = dir:/var/lib/lxc/test/rootfs
lxc.uts.name = test
# network
lxc.net.0.type = veth
lxc.net.0.link = lxcbr0
lxc.net.0.flags = up
lxc.net.0.hwaddr = 00:16:3e:c1:61:b7
lxc.mount.entry=/hack hack none bind,create=dir 0 0
#lxc.idmap = u 1000 1000 1
#lxc.idmap = g 1000 1000 1
#lxc.idmap = u 0 100000 65536
#lxc.idmap = g 0 100000 65536
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment