LXD
install
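# Install LXD from the lxd-stable PPA.
# Adding a PPA makes apt trust packages from it, and they install and run as
# root; confirm it is the source you intend before adding it.
sudo add-apt-repository --yes ppa:ubuntu-lxc/lxd-stable
sudo apt update
sudo apt install lxd

# create zfs dataset on pool rpool
# (zfs create normally needs root; run it from a root shell or prefix sudo)
zfs create rpool/lxd
# create lxd storage called zfspool using previous defined dataset
lxc storage create zfspool zfs source=rpool/lxd
# define default storage pool
lxc profile device add default root disk path=/ pool=zfspool
# initialize network
sudo lxd init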
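Because group membership is only applied at login, you then need to either close and re-open your user session or run “newgrp lxd” in the shell you are going to use to interact with LXD. Note that members of the lxd group have full control over the LXD daemon, which is equivalent to root access on the host, so add only accounts you would trust with root.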
newgrp lxd
- lxc-prepare (chmod +x)
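#!/bin/bash
# lxc-prepare: make sure container NAME exists and uses the host's apt cache.
#
# Usage: lxc-prepare NAME [ALIAS]
#   NAME   container to launch if it does not exist yet
#   ALIAS  local image alias to launch from (default: xenial)
#
# On the first run (no /etc/apt/apt.conf.d/proxy.conf on the host) it installs
# apt-cacher-ng and writes an apt proxy setting that points at the lxdbr0
# address. The proxy setting and /etc/inputrc are then pushed into NAME.

NAME=$1
ALIAS=${2:-xenial}

# Without a name every later lxc call would act on an empty argument.
if [ -z "$NAME" ]; then
  echo "usage: ${0##*/} NAME [ALIAS]" >&2
  exit 1
fi

# The image must already exist locally. If it does not, print the command that
# imports it and stop (status 0 kept from the original; presumably the user is
# meant to run the printed command and call this script again).
if ! lxc image show "$ALIAS" >/dev/null 2>&1; then
  echo lxc image copy images:ubuntu/xenial/amd64 local: --alias xenial
  exit 0
fi

if [ ! -f /etc/apt/apt.conf.d/proxy.conf ]; then
  sudo apt install apt-cacher-ng
  # The sed keeps only the leading digits-and-dots part of ipv4.address.
  PROXY=$(lxc network show lxdbr0 | sed -n 's/\s\+ipv4.address: \([0-9\.]\+\).*/\1/p')
  # Do not write a proxy URL with an empty host.
  if [ -z "$PROXY" ]; then
    echo "could not read ipv4.address of lxdbr0" >&2
    exit 1
  fi
  echo "Acquire::http::Proxy \"http://$PROXY:3142\";" | sudo tee /etc/apt/apt.conf.d/proxy.conf
  # NOTE(review): "PassThroughPattern: .*" lets apt-cacher-ng tunnel CONNECT
  # requests to any host and port, so every client that can reach port 3142
  # can use the cache as a general proxy. Narrow the pattern to the HTTPS
  # repositories the containers really use, and restrict who can reach the
  # port (BindAddress in acng.conf set to the lxdbr0 address, or a firewall).
  echo "PfilePattern = .*" | sudo tee -a /etc/apt-cacher-ng/acng.conf
  echo "PassThroughPattern: .*" | sudo tee -a /etc/apt-cacher-ng/acng.conf
  # Restarting a system service needs root, like the other steps in this branch.
  sudo systemctl restart apt-cacher-ng
fi

# Launch the container only when it does not exist yet.
if ! lxc info "$NAME" >/dev/null 2>&1; then
  lxc launch "$ALIAS" "$NAME"
fi

if [ -f /etc/apt/apt.conf.d/proxy.conf ]; then
  lxc file push /etc/apt/apt.conf.d/proxy.conf "$NAME/etc/apt/apt.conf.d/"
fi
lxc file push /etc/inputrc "$NAME/etc/"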
basic
list remote images
lxc image list images:
auto update remote images
lxc config set images.auto_update_cached true
import image
lxc image copy images:ubuntu/xenial/amd64 local: --alias xenial
create profile
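# Create an empty profile, then load its definition from profile.yaml.
lxc profile create juju-default
# "lxc profile edit" reads the new definition from stdin when it is not a terminal.
lxc profile edit juju-default < profile.yaml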
profile.yaml
# LXD profile "juju-default".
# NOTE(review): this profile removes most of the isolation between container
# and host. Apply it only to containers whose workload is fully trusted, and
# drop every entry the workload does not actually need.
name: juju-default
config:
  boot.autostart: "true"
  security.nesting: "true"
  # Privileged container: no uid/gid mapping, so root inside the container is
  # root on the host kernel.
  security.privileged: "true"
  linux.kernel_modules: openvswitch,nbd,ip_tables,ip6_tables
devices:
  eth0:
    mtu: "9000"
    name: eth0
    nictype: bridged
    parent: br-mng
    type: nic
  kvm:
    path: /dev/kvm
    type: unix-char
  # /dev/mem exposes the host's physical memory to the container; combined
  # with security.privileged this is host-level access. Remove it unless a
  # workload is known to require it.
  mem:
    path: /dev/mem
    type: unix-char
  root:
    path: /
    type: disk
  tun:
    path: /dev/net/tun
    type: unix-char
create container from local image
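# Show the local images, then start container test1 from the xenial alias
# with the juju-default profile applied.
lxc image list
lxc launch xenial test1 --profile juju-default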
create container from remote image
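# Start xenial1 straight from the remote image server.
lxc launch images:ubuntu/xenial/amd64 xenial1
# Do not start this container automatically when the host boots.
lxc config set xenial1 boot.autostart false
lxc list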
bash inside
lxc exec trusty1 -- /bin/bash
stop and delete
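# A container has to be stopped before it is deleted.
lxc stop trusty1
lxc delete trusty1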
autostart on host boot
lxc config set <name> boot.autostart true
show container configuration
lxc config show <name>
proxy
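# Install the package cache on the host.
apt install apt-cacher-ng
# Copy the host's apt proxy setting into the container.
NAME=x11test
lxc file push /etc/apt/apt.conf.d/proxy.conf "$NAME/etc/apt/apt.conf.d/"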
- /etc/apt/apt.conf.d/proxy
Acquire::http::Proxy "http://10.106.191.1:3142";
servers
prepare lxd server
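# bind to port 8443
# "[::]" makes the LXD API listen on every address of the host; prefer the
# address of the management interface, or firewall the port.
lxc config set core.https_address "[::]"
# password
# Any client that can reach the port and knows this password becomes a trusted
# client with full control of LXD. Use a long random value (it also ends up in
# the shell history) and remove it once the remotes have been added:
#   lxc config unset core.trust_password
lxc config set core.trust_password some-password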
from client add remote server
lxc remote add myserver <ip address or DNS>
run command
lxc exec myserver:trusty1 -- bash
xorg integration
container
create container
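# NAME is reused by the following steps, so set it in the shell first.
NAME=x11test
lxc launch images:ubuntu/xenial/amd64 "$NAME"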
install simpler X program
lxc exec $NAME -- apt install xterm
set DISPLAY env to xorg server on host
lxc config set x11test environment.DISPLAY <ip-of-host-lxdbr0-bridge>:0
on host
for gdm (ubuntu >= 17.10) or …
- /etc/gdm3/custom.conf
# Let the X server accept TCP connections.
# X11 over TCP is unencrypted and, with host-based access control, is limited
# only by source address; firewall the X port so that only the container
# bridge can reach it.
[security]
DisallowTCP=false

# NOTE(review): XDMCP is a separate remote-login service of the display
# manager; confirm it is really needed for this setup before enabling it.
[xdmcp]
Enable=true
… or for lightdm
- /etc/lightdm/lightdm.conf
# Let the X server accept TCP connections.
# X11 over TCP is unencrypted; firewall the X port so that only the container
# bridge can reach it.
xserver-allow-tcp=true
xserver-command=X -listen tcp
add the IP of the container to /etc/X0.hosts
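NAME=x11test
# Append the container's eth0 IPv4 address to the X server's host allow-list.
# Writing under /etc needs root, hence "sudo tee -a" instead of ">>".
# The entry stays valid for whichever machine holds that address later, so
# remove it when the container is deleted or its address changes.
lxc info "$NAME" | sed -n "s/\s*eth0:\s*inet\s\([0-9\.]*\).*/\1/p" | sudo tee -a /etc/X0.hosts >/dev/null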
launch X application in container
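# A bare "xhost +" switches X access control off for every host that can reach
# the server. Admit only the container's address instead.
container_ip=$(lxc info "${NAME:?set NAME to the container name}" | sed -n "s/\s*eth0:\s*inet\s\([0-9\.]*\).*/\1/p" | head -n 1)
# The :? guard stops here when no address was found, so "xhost +" is never
# run without a host name.
xhost "+${container_ip:?no eth0 IPv4 address found for $NAME}"
lxc exec "$NAME" -- xterm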
audio integration
misc devices
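# Pass the host's /dev/ttyACM0 into the container as device "rfxcom".
lxc config device add <name> rfxcom unix-char path=/dev/ttyACM0
# mode 666 lets every user and process inside the container open the device.
# If only one service needs it, prefer a group-restricted mode (for example
# mode 660 together with the device's gid option).
lxc config device set <name> rfxcom mode 666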
share folder
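# Allow root (which LXD runs as) to map the current user's uid and gid.
echo "root:$UID:1" | sudo tee -a /etc/subuid
# bash defines UID but not GID, so "$GID" would expand to nothing and write
# "root::1"; ask id for the primary group instead.
echo "root:$(id -g):1" | sudo tee -a /etc/subgid

# Create the container first if it does not exist yet:
#   lxc init stretch giano
# "both" maps the same number as uid and as gid, so this assumes the user's
# primary gid equals the uid (confirm with "id").
lxc config set giano raw.idmap "both $UID $UID"
# source is on host, path is inside container
lxc config device add giano develop disk source=/mnt/giano path=/mnt/giano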
migration
on host-destination
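# Expose the LXD API on port 8443 of every IPv4 address of the destination.
# Prefer the address of the interface the migration traffic uses, or firewall
# the port to the origin host.
lxc config set core.https_address 0.0.0.0:8443
# Any client that can reach the port and knows this password becomes a trusted
# client with full control of LXD. Use a long random value and remove it after
# the origin host has been added:
#   lxc config unset core.trust_password
lxc config set core.trust_password PASSWORDhere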
on host-origin
# add destination lxd lxc remote add other-server <ip-address> # take snap0 on gianocop container lxc snapshot gianocop snap0 lxc copy gianocop/snap0 other-server:gianocop --verbose lxc delete gianocop/snap0