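# Install LXD from the PPA.
sudo add-apt-repository --yes ppa:ubuntu-lxc/lxd-stable
sudo apt update
sudo apt install lxd

# create zfs dataset on pool rpool
# (needs root or delegated ZFS permissions on rpool)
zfs create rpool/lxd

# create lxd storage called zfspool using previous defined dataset
lxc storage create zfspool zfs source=rpool/lxd

# define default storage pool
lxc profile device add default root disk path=/ pool=zfspool

# initialize network
sudo lxd init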
Because group membership is only applied at login, you then need to either close and re-open your user session or run the “newgrp lxd” command in the shell you're going to interact with lxd from. Note that members of the lxd group can fully control the LXD daemon, which runs as root.
newgrp lxd
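#!/bin/bash
# Create (if it does not exist yet) an LXD container NAME from the local image
# ALIAS and point its apt at an apt-cacher-ng proxy running on the host.
#
# Usage: <script> NAME [ALIAS]     (ALIAS defaults to "xenial")

NAME=${1:?usage: $0 NAME [ALIAS]}
ALIAS=${2:-xenial}

# The image must already be in the local store. If it is not, only print the
# import command as a hint and stop.
# NOTE(review): the hint is hard-coded to xenial even when another ALIAS was
# requested, and the script exits 0 although no container was created.
if ! lxc image show "$ALIAS" >/dev/null 2>&1; then
  echo lxc image copy images:ubuntu/xenial/amd64 local: --alias xenial
  exit 0
fi

# One-time host setup: install the cache and write the apt proxy setting.
if [ ! -f /etc/apt/apt.conf.d/proxy.conf ]; then
  sudo apt install apt-cacher-ng
  PROXY=$(lxc network show lxdbr0 | sed -n 's/\s\+ipv4.address: \([0-9\.]\+\).*/\1/p')
  if [ -z "$PROXY" ]; then
    # Without an address the proxy line would read "http://:3142".
    echo "could not determine the IPv4 address of lxdbr0" >&2
    exit 1
  fi
  echo "Acquire::http::Proxy \"http://$PROXY:3142\";" | sudo tee /etc/apt/apt.conf.d/proxy.conf
  # "PfilePattern = .*" treats every requested URL as a cacheable package file
  # and "PassThroughPattern: .*" permits CONNECT tunnels to any host, so the
  # cache becomes a general-purpose proxy for whoever can reach port 3142.
  # Unless BindAddress is set in acng.conf the daemon listens on all
  # interfaces; bind it to the lxdbr0 address or firewall the port so only the
  # containers can use it.
  echo "PfilePattern = .*" | sudo tee -a /etc/apt-cacher-ng/acng.conf
  echo "PassThroughPattern: .*" | sudo tee -a /etc/apt-cacher-ng/acng.conf
  # Restarting a system service needs root, like the other steps above.
  sudo systemctl restart apt-cacher-ng
fi

# Launch the container only when it does not exist yet.
if ! lxc info "$NAME" >/dev/null 2>&1; then
  lxc launch "$ALIAS" "$NAME"
fi

# Give the container the same apt proxy setting as the host.
if [ -f /etc/apt/apt.conf.d/proxy.conf ]; then
  lxc file push /etc/apt/apt.conf.d/proxy.conf "$NAME/etc/apt/apt.conf.d/"
fi
lxc file push /etc/inputrc "$NAME/etc/"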
list remote images
lxc image list images:
auto update remote images
lxc config set images.auto_update_cached true
import image
lxc image copy images:ubuntu/xenial/amd64 local: --alias xenial
create profile
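# Create an empty profile, then load its definition from profile.yaml
# ("lxc profile edit" reads the YAML from stdin when stdin is not a terminal).
lxc profile create juju-default
lxc profile edit juju-default < profile.yaml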
profile.yaml
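# LXD profile for containers that host Juju-deployed workloads.
# Nesting restored: the keys below belong under "config:" and "devices:".
name: juju-default
config:
  boot.autostart: "true"
  # Allows running containers inside this container.
  security.nesting: "true"
  # Privileged container: no uid/gid shift, so root inside the container is
  # uid 0 on the host. Together with the /dev/mem and /dev/kvm devices below
  # this puts the container inside the host's trust boundary; use this profile
  # only for workloads you would also run as root on the host.
  security.privileged: "true"
  # Kernel modules loaded on the host before the container starts.
  linux.kernel_modules: openvswitch,nbd,ip_tables,ip6_tables
devices:
  eth0:
    mtu: "9000"
    name: eth0
    nictype: bridged
    parent: br-mng
    type: nic
  kvm:
    path: /dev/kvm
    type: unix-char
  # Passes the host's physical-memory device into the container.
  # NOTE(review): confirm the workload really needs it; drop the device if not.
  mem:
    path: /dev/mem
    type: unix-char
  root:
    path: /
    type: disk
  tun:
    path: /dev/net/tun
    type: unix-char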
create container from local image
lxc image list lxc launch xenial test1 --profile juju-default
create container from remote image
lxc launch images:ubuntu/xenial/amd64 xenial1 lxc config set xenial1 boot.autostart false lxc list
bash inside
lxc exec trusty1 -- /bin/bash
stop and delete
lxc stop trusty1 lxc delete trusty1
autostart on host boot
lxc config set <name> boot.autostart true
show container configuration
lxc config show <name>
proxy
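# On the host: install the caching proxy.
apt install apt-cacher-ng

# Copy the host's apt proxy setting into the container.
NAME=x11test
lxc file push /etc/apt/apt.conf.d/proxy.conf "$NAME/etc/apt/apt.conf.d/"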
Acquire::http::Proxy "http://10.106.191.1:3142";
prepare lxd server
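# bind to port 8443
# "[::]" listens on every interface of the host; where the server has a
# dedicated management address, bind to that address instead so the API is not
# reachable from other networks.
lxc config set core.https_address "[::]"

# password
# Anyone who knows the trust password can register a client certificate and
# then has full control of this LXD daemon. The value given here also lands in
# the shell history; use a long random one and remove it again once all
# clients are added:  lxc config unset core.trust_password
lxc config set core.trust_password some-password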
from client add remote server
lxc remote add myserver <ip address or DNS>
run command
lxc exec myserver:trusty1 -- bash
create container
NAME=x11test lxc launch images:ubuntu/xenial/amd64 $NAME
install simpler X program
lxc exec $NAME -- apt install xterm
set DISPLAY env to xorg server on host
lxc config set x11test environment.DISPLAY <ip-of-host-lxdbr0-bridge>:0
for gdm (ubuntu >= 17.10) or …
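# Makes the X server accept TCP connections (display :0 is TCP port 6000).
# Limit who can reach that port with a host firewall rule for the lxdbr0
# subnet; X traffic over TCP is neither encrypted nor strongly authenticated.
[security]
DisallowTCP=false

# XDMCP is a separate remote-login protocol.
# NOTE(review): probably not required just to display a container's X
# clients - confirm before enabling it.
[xdmcp]
Enable=true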
… or for lightdm
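# Makes the X server accept TCP connections (display :0 is TCP port 6000).
# Limit who can reach that port with a host firewall rule for the lxdbr0
# subnet; X traffic over TCP is neither encrypted nor strongly authenticated.
xserver-allow-tcp=true
xserver-command=X -listen tcp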
add ip of container on /etc/X0.hosts
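# Append the container's eth0 IPv4 address to the X server's host allow-list.
# NAME must be assigned on its own line: as a prefix of the lxc command the
# "$NAME" argument would be expanded before the assignment takes effect.
NAME=x11test
# /etc/X0.hosts is root-owned, so append through sudo tee instead of ">>".
lxc info "$NAME" | sed -n "s/\s*eth0:\s*inet\s\([0-9\.]*\).*/\1/p" | sudo tee -a /etc/X0.hosts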
launch X application in container
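# A bare "xhost +" switches X access control off for every host, which, with
# the X server listening on TCP, lets any machine that can reach the display
# connect to it. Grant access to the container's address only.
container_ip=$(lxc info "$NAME" | sed -n "s/\s*eth0:\s*inet\s\([0-9\.]*\).*/\1/p")
if [ -n "$container_ip" ]; then
  xhost +"$container_ip"
  lxc exec "$NAME" -- xterm
else
  # An empty address would turn the command back into a bare "xhost +".
  echo "could not determine the eth0 address of $NAME" >&2
fi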
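# Pass the host's serial device /dev/ttyACM0 into the container as "rfxcom".
# Replace <name> with the container name.
lxc config device add <name> rfxcom unix-char path=/dev/ttyACM0
# Mode 666 makes the device readable and writable by every user inside the
# container. If only one service uses it, a tighter mode together with the
# device's uid/gid options keeps other processes away from the serial port.
lxc config device set <name> rfxcom mode 666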
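# only first time
# Allow root (the LXD daemon runs as root) to map the current user's uid and
# gid into containers. Each entry delegates exactly one id (start:count).
echo "root:$UID:1" | sudo tee -a /etc/subuid
# "${id -d}" is a bad substitution; the primary group id comes from "id -g".
echo "root:$(id -g):1" | sudo tee -a /etc/subgid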
# for every share
# lxc init stretch giano
# Map the host user's id onto the same id inside container "giano", so files on
# the shared directory keep their owner on both sides.
# NOTE(review): "both" applies $UID to the uid and the gid map alike; this
# presumably assumes the user's primary gid equals the uid - confirm.
lxc config set giano raw.idmap "both $UID $UID"
# source is on host, path is inside container
# The container gets read-write access to /mnt/giano on the host.
lxc config device add giano develop disk source=/mnt/giano path=/mnt/giano
on host-destination
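# Expose the LXD API on port 8443. 0.0.0.0 listens on every IPv4 interface;
# bind to the address used for the migration link where the host has one.
lxc config set core.https_address 0.0.0.0:8443
# Anyone who knows the trust password can register a client certificate and
# then has full control of this LXD daemon. The value also lands in the shell
# history; remove it after the origin host has been added:
#   lxc config unset core.trust_password
lxc config set core.trust_password PASSWORDhere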
on host-origin
# add destination lxd lxc remote add other-server <ip-address> # take snap0 on gianocop container lxc snapshot gianocop snap0 lxc copy gianocop/snap0 other-server:gianocop --verbose lxc delete gianocop/snap0
on host-destination delete volatile in “lxc config”
volatile.base_image: 6adc9ca1a1124ebd954ba787e83dd9318866fd0b9ddce1cffc612559cfe3bc88
volatile.eth0.hwaddr: 00:16:3e:50:f6:e8
volatile.eth0.name: eth0
volatile.idmap.base: "0"
volatile.idmap.next: '[{"Isuid":true,"Isgid":false,"Hostid":165536,"Nsid":0,"Maprange":1000},{"Isuid":true,"Isgid":true,"Hostid":1000,"Nsid":1000,"Maprange":1},{"Isuid":true,"Isgid":false,"Hostid":166537,"Nsid":1001,"Maprange":64535},{"Isuid":false,"Isgid":true,"Hostid":165536,"Nsid":0,"Maprange":1000},{"Isuid":true,"Isgid":true,"Hostid":1000,"Nsid":1000,"Maprange":1},{"Isuid":false,"Isgid":true,"Hostid":166537,"Nsid":1001,"Maprange":64535}]'
volatile.last_state.idmap: '[{"Isuid":true,"Isgid":false,"Hostid":165536,"Nsid":0,"Maprange":1000},{"Isuid":true,"Isgid":true,"Hostid":1000,"Nsid":1000,"Maprange":1},{"Isuid":true,"Isgid":false,"Hostid":166537,"Nsid":1001,"Maprange":64535},{"Isuid":false,"Isgid":true,"Hostid":165536,"Nsid":0,"Maprange":1000},{"Isuid":true,"Isgid":true,"Hostid":1000,"Nsid":1000,"Maprange":1},{"Isuid":false,"Isgid":true,"Hostid":166537,"Nsid":1001,"Maprange":64535}]'
volatile.last_state.power: STOPPED