@ruanbekker
Created November 14, 2016 06:34
LXD Usage
Docs - LXD Helpful Docs:
https://www.stgraber.org/2016/03/30/lxd-2-0-image-management-512/
https://www.flockport.com/flockport-first-look-at-lxd/
http://insights.ubuntu.com/2016/03/14/the-lxd-2-0-story-prologue/
Docs - Installation:
http://insights.ubuntu.com/2016/03/14/the-lxd-2-0-story-prologue/
Docs - API:
https://linuxcontainers.org/lxd/getting-started-cli/
Docs - Images:
https://www.stgraber.org/2016/03/30/lxd-2-0-image-management-512/
Installation:
# apt install lxd -y
# newgrp lxd
# lxd init
# /etc/init.d/lxd restart
Images: Setting up Remote Repository for Images:
# lxc remote list
# lxc remote add <repo-name> <endpoint>
# lxc remote add images images.linuxcontainers.org
Images: Listing remote images from the repo that was created:
# lxc image list images:
Images: Listing images from Ubuntu repo:
# lxc image list ubuntu:
Images: you can have multiple LXD nodes, all pointing to one central LXD image repository
# lxc remote add lxd-node-1 10.79.1.1 --password='password'
# lxc list lxd-node-1:
Images: Importing image to your local image repository
# lxc image copy images:debian/jessie/amd64 local: --alias debian-jessie --auto-update
Launch: Launch a container without starting it:
# lxc init ubuntu:16.04 ubuntu-16
# lxc init local:<image-name> <your-container-name> (creating a container from your local repo)
Launch: Start a container:
# lxc launch ubuntu:16.04 ubuntu-16 (create container and launch)
Controlling: Controlling a Container
# lxc list (lists all containers)
# lxc list lxd-master-1: (lists containers on lxd-master-1 from a remote node)
# lxc start <container-name>
# lxc stop <container-name>
# lxc delete <container-name> --force (stops it for you, then delete)
Controlling: Access a container:
# lxc exec mycontainer /bin/bash
Controlling: Executing commands from the host:
# lxc exec mycontainer -- ifconfig
Copy: Making an exact copy of the container:
# lxc copy mycontainer mycontainer2
Storage: Add shared disk/paths
# --> https://www.stgraber.org/2016/04/25/lxd-2-0-live-migration-912/
# chown 100000:100000 /tmp/shared
# lxc config device add mycontainer sharedtmp disk \
path=/tmp/shared source=/tmp/shared
# --> http://insights.ubuntu.com/2016/03/14/the-lxd-2-0-story-prologue/
Publish Images to your store from created containers:
# --> https://www.stgraber.org/2016/03/30/lxd-2-0-image-management-512/
# lxc publish mycontainer --alias="myimage-mycontainer"
Published Images: Editing metadata
# lxc image edit myimage
autoupdate: false
properties:
  description: My Description of mycontainer
public: false
Export: Exporting Images
# lxc image export local:test1 .
Output is in .
root@lxd:/home/ubuntu/n# ls
767a2bafeaef7cc7d140bbde9a0d598f3aa561f8313cc6b01bc4e9c991f85f56.tar.xz
meta-767a2bafeaef7cc7d140bbde9a0d598f3aa561f8313cc6b01bc4e9c991f85f56.tar.xz
Export/Import:
# lxc image export mycontainer myc-2016-11-01
# lxc image import myc-2016-11-01
Import:
# lxc image list local:
# lxc image alias create local:test1 767a2bafeaef
# lxc image import <metadata tarball> <rootfs tarball> --alias some-name
Profiles:
# --> https://www.flockport.com/flockport-first-look-at-lxd/
# lxc profile get default limits.cpu
# lxc profile show default
# lxc profile device get default eth0 nictype
Profiles: Create new profile
# lxc profile create myprofile1
# lxc profile device add myprofile1 eth0 nic nictype=bridged parent=lxcbr0
# lxc profile device add myprofile1 tuntap unix-char path=/dev/net/tun
# lxc profile device add myprofile1 eth0 nic nictype=macvlan parent=eth0 (macvlan alternative to the bridged eth0 above)
# lxc init ubuntu my-container -p myprofile1
Controlling Resources:
# lxc config set myct limits.cpu 1
# lxc config set myct limits.memory 512MB
# lxc config set myct limits.memory.swap false
# --> https://www.stgraber.org/2016/03/26/lxd-2-0-resource-control-412/
Privileged Containers:
# lxc launch <image-name> <ctname>
# lxc stop ctname --force
# lxc config set ctname security.privileged true
# lxc config device add ctname tun unix-char path=/dev/net/tun (Adding Tun/Tap)
# lxc start ctname
# debian issue:
apt-get install --reinstall -y systemd dbus
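A check for which containers ended up privileged or with host paths and character devices passed through, as set in the Storage and Privileged Containers steps above. This is an added example, not part of the original gist; it assumes the YAML layout printed by `lxc config show --expanded`, and `audit_lxd_config`, `sample_config` and the sample data are constructed here.

```shell
# Added example: flag host-exposing settings in `lxc config show --expanded`.
audit_lxd_config() {
    awk '
    function emit() {   # report the device collected so far, then reset
        if (type == "disk" && src ~ /^\//)
            print "HOST-PATH " dev ": " src " -> " path
        if (type == "unix-char")
            print "CHAR-DEVICE " dev ": " path
        dev = ""; type = ""; src = ""; path = ""
    }
    # An unindented key starts a new top-level section.
    /^[^ ]/ { emit(); section = $1; sub(/:.*$/, "", section); next }
    section == "config" && /^  security\.privileged:/ {
        v = $2; gsub(/"/, "", v)
        if (v == "true") print "PRIVILEGED security.privileged=true"
        next
    }
    # Two-space indent under devices is a device name.
    section == "devices" && /^  [^ ]/ { emit(); dev = $1; sub(/:$/, "", dev); next }
    # Four-space indent is a key of the current device.
    section == "devices" && /^    [^ ]/ {
        key = $1; sub(/:$/, "", key)
        val = $0; sub(/^[^:]*: */, "", val); gsub(/"/, "", val)
        if (key == "type") type = val
        else if (key == "source") src = val
        else if (key == "path") path = val
    }
    END { emit() }'
}

# Constructed sample in the assumed layout of `lxc config show --expanded ctname`.
sample_config() {
    cat <<'EOF'
config:
  security.privileged: "true"
devices:
  root:
    path: /
    type: disk
  sharedtmp:
    path: /tmp/shared
    source: /tmp/shared
    type: disk
  tun:
    path: /dev/net/tun
    type: unix-char
EOF
}
sample_config | audit_lxd_config
```

On a host, run `lxc config show --expanded <container-name> | audit_lxd_config` for each container; no output means none of the three settings is present.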
Snapshots: Create a snapshot
# lxc snapshot mycontainer mycontainer-backup1
Snapshots: Create container from snapshot
# lxc copy local:mycontainer/mycontainer-backup1 newcontainer
== Networking:
OpenVSwitch to have networking between hosts
https://www.flockport.com/simplify-container-networking-with-ubuntu-fan-project/
https://www.flockport.com/lxc-networking-guide/ (DHCP)
== Docker in LXD:
https://insights.ubuntu.com/2016/04/15/docker-1-10-with-fan-networking-in-ubuntu-16-04-for-every-architecture/
== Overlay on LXD:
https://wiki.ubuntu.com/FanNetworking
https://www.flockport.com/simplify-container-networking-with-ubuntu-fan-project/
https://www.flockport.com/lxc-networking-guide/
https://insights.ubuntu.com/2016/04/15/docker-1-10-with-fan-networking-in-ubuntu-16-04-for-every-architecture/
https://lxadm.com/Unicast_VXLAN:_overlay_network_for_multiple_servers_with_dozens_of_containers
https://www.flockport.com/build-layer2-and-layer-3-overlay-networks-with-peervpn/
== Peer VPN
wget http://peervpn.net/files/peervpn-0-044.tar.gz
tar -xvf peervpn-0-044.tar.gz
apt-get install gcc make openssl libssl-dev -y
cd peervpn-0-044
# side a
cat > peervpn.conf << EOF
networkname lxdnet
psk random-secret-value
enabletunneling yes
interface peervpn0
ifconfig4 10.254.99.2/24
port 7000
initpeers 172.10.20.5 7000
EOF
# side b
cat > peervpn.conf << EOF
networkname lxdnet
psk random-secret-value
enabletunneling yes
interface peervpn0
ifconfig4 10.254.99.3/24
port 7000
initpeers 172.10.20.6 7000
EOF
make
make install
screen
./peervpn peervpn.conf
ip link set dev peervpn0 master lxdbr0
/etc/init.d/lxd restart
ip link show
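The two `peervpn.conf` files above share a literal `psk random-secret-value`. The following added example (not part of the original gist) writes the same two configs with one randomly generated PSK and owner-only file permissions; `gen_psk`, `write_peervpn_conf`, `make_pair` and the output file names are hypothetical helpers introduced here, while addresses and ports are the ones from the gist.

```shell
# Added example: one random PSK shared by both PeerVPN sides, configs kept 0600.

gen_psk() {
    # 32 bytes from the kernel CSPRNG, hex-encoded (64 characters).
    head -c 32 /dev/urandom | od -An -tx1 | tr -d ' \n'
}

# write_peervpn_conf <file> <tunnel-ip/cidr> <peer-ip> <psk>
# Runs in a subshell so the umask change does not leak to the caller.
write_peervpn_conf() (
    umask 077
    cat > "$1" <<EOF
networkname lxdnet
psk $4
enabletunneling yes
interface peervpn0
ifconfig4 $2
port 7000
initpeers $3 7000
EOF
    chmod 600 "$1"   # also tightens a file that already existed
)

# make_pair <dir>: generate the PSK once and write both sides with it.
make_pair() {
    dir=$1
    psk=$(gen_psk)
    write_peervpn_conf "$dir/side-a.conf" 10.254.99.2/24 172.10.20.5 "$psk"
    write_peervpn_conf "$dir/side-b.conf" 10.254.99.3/24 172.10.20.6 "$psk"
}

# Usage: make_pair /root/peervpn, then copy side-b.conf to the other host
# over an authenticated channel such as scp.
```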