|
Size: 998
Comment: With bodhi.zazen
|
Size: 8357
Comment: typo: sceen -> screen
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 1: | Line 1: |
| ## BodhiZazen - I added external links to my blog. ## Sorry about that, but it is the best I can do at the moment ... ## stlsaint-making plans to transcribe blog instructions here! ## As I get a little more experience under my belt, ## and assuming the feedback goes well I plan to transcribe the blog pages here. ## ## If anyone with more experience would like to add to or comment on this information - feel free ## ## If anyone wishes to help transcribe / organize the information from my blog, again - feel free ## ## I am going to suggest breaking this documentation effort into 4 pages : ## 1. LXC Overview page. ## 2. LXC - Host configuration. ## 3. LXC - Container configuration. ## 4. LXC - Running a single process - This is more difficult then a container. ||<tablestyle="float:right; font-size: 0.9em; width:40%; background:#F1F1ED; margin: 0 0 1em 1em;" style="padding:0.5em;"><<TableOfContents(2)>>|| |
|
| Line 4: | Line 23: |
| ===== Notes ===== * Upstream libvirt support LXC. * KVM + LXC can function properly on same host. * LXC inside KVM works properly on same host. * LXC take advantage of KMS feature of new Kernels. * 64bit OS using a 32bit container. * LXC works well with btrfs. * No special hardware required. * No patch is required to the kernel, since LXC is already integrated into the Kernel. * OpenVZ Containers run on LXC, only Config modification required. |
|
| Line 6: | Line 37: |
| 1. Isolate single processes, (I.E. a webserver). 1. VPS 1. LTSP 1. Software build, testing, upgrading (think sandboxing) [[http://blog.bodhizazen.net/linux/lxc-configure-ubuntu-lucid-containers/|External link - How to Ubuntu 10.04 LXC containers]] |
|
| Line 8: | Line 46: |
| == kernel requiremetns == {{{ apt-get install lxc install lxc from git }}} |
[[http://blog.bodhizazen.net/linux/lxc-linux-containers/|External link - Ubuntu and Fedora Hosts]] == kernel requirements == The Linux container capabilities are part of the main stream linux kernel and require kernel version >= 2.6.27 (well working as of 2.6.31). There are no requirements to compile a kernel or apply patches. == User space tools (lxc) == The user space tools, or lxc, are a set of scripts that manage linux containers. You may install the lxc user space tools from the Ubuntu repositories. {{{ sudo apt-get install lxc vlan bridge-utils python-software-properties screen }}} Or download the latest stable package from sourceforge and compile them yourself. The lxc project maintains a git repository for a bleeding edge set of tools. == Networking == There are several networking options available, the consensus appears to be that bridging your network card is the best option. As such I will cover bridging your network card here, hopefully this information can be expanded. == init script == create /etc/init.d/lxc: {{{ [HW] # cat << EOF > /etc/init.d/lxc #! /bin/sh ### BEGIN INIT INFO # Provides: lxc # Required-Start: $local_fs $remote_fs $network $syslog # Required-Stop: $local_fs $remote_fs $network $syslog # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: Starts/stops linux containers # Description: Provides linux container management: start, stop or # restart containers. ### END INIT INFO # Author: Nigel McNie <nigel@mcnie.name> # Author: Eduard Iskandarov <edikexp@gmail.com> #set -x PATH=/sbin:/usr/sbin:/bin:/usr/bin DESC="linux containers" NAME=lxc SCRIPTNAME=/etc/init.d/$NAME LXCPATH=/var/lib/lxc # Exit if the package is not installed [ -x /usr/bin/lxc-start ] || exit 0 . /lib/init/vars.sh . /lib/lsb/init-functions do_start() { for C in $(ls -1 $LXCPATH); do log_progress_msg "$C" if lxc-info -n $C | grep STOPPED > /dev/null 2>&1; then if [ -x /usr/bin/screen ]; then /usr/bin/screen -dmS init-${C} /usr/bin/lxc-start -n $C else lxc-start -n $C -d fi lxc-wait -n $C -s RUNNING if [ $? -gt 0 ]; then return 2 fi fi done } do_stop() { for C in $(ls -1 $LXCPATH); do log_progress_msg "$C" if lxc-info -n $C | grep RUNNING > /dev/null 2>&1; then /usr/bin/lxc-stop -n $C if [ $? -gt 0 ]; then return 2 fi fi done } do_status() { for C in $(ls -1 $LXCPATH); do log_progress_msg "$C" echo $(lxc-info -n $C) done } case "$1" in start) log_daemon_msg "Starting $DESC" #"$NAME" do_start case "$?" in 0|1) log_end_msg 0 ;; 2) log_end_msg 1 ;; esac ;; stop) log_daemon_msg "Stopping $DESC" #"$NAME" do_stop case "$?" in 0|1) log_end_msg 0 ;; 2) log_end_msg 1 ;; esac ;; status) log_daemon_msg "Status $DESC" #"$NAME" do_status ;; restart|force-reload) log_daemon_msg "Restarting $DESC" #"$NAME" do_stop case "$?" in 0|1) do_start case "$?" in 0) log_end_msg 0 ;; 1) log_end_msg 1 ;; # Old process is still running *) log_end_msg 1 ;; # Failed to start esac ;; *) # Failed to stop log_end_msg 1 ;; esac ;; *) #echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2 echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2 exit 3 ;; esac : EOF }}} update rc.d: {{{ [HW] # update-rc.d lxc defaults }}} [[http://ugatu.net/wiki/LXC|source]] |
| Line 15: | Line 190: |
| options/examples for congig files | options/examples for config files |
| Line 24: | Line 199: |
| = Other = == Mini screen how-to == List screen sessions: {{{ [HW] # sudo screen -ls There are screens on: 1407.init-ubuntu (07/10/2010 02:23:42 PM) (Detached) 1364.init-test (07/10/2010 02:23:41 PM) (Detached) 1357.init-2www (07/10/2010 02:23:40 PM) (Detached) 3 Sockets in /var/run/screen/S-root. }}} Login screen session: {{{ [HW] # screen -r 1407.init-ubuntu Starting nginx: the configuration file /etc/nginx/nginx.conf syntax is ok configuration file /etc/nginx/nginx.conf test is successful nginx. Ubuntu 10.04 LTS ubuntu /dev/console ubuntu login: }}} Detach screen: '''C-a d''' or '''C-a C-d''' [[http://ugatu.net/wiki/LXC|source]] == lxc.network.type=phys & kernel versions == The problem: {{{ [HW] # lxc-execute --name ubuntu -s lxc.network.type=phys bash Segmentation fault (core dumped) }}} or {{{ [HW] # lxc-execute --name net -s lxc.network.type=phys -s lxc.network.link=eth0 bash lxc-execute: failed to move 'eth0' to the container : Message too long }}} The kernel before 2.6.35 does not support physical interface moving across namespace. Maybe You can use Maverck 2.6.35 kernel in Lucid, see: [[https://launchpad.net/~kernel-ppa/+archive/ppa?field.series_filter=lucid|PPA for Ubuntu Kernel]] [[http://comments.gmane.org/gmane.linux.kernel.containers.lxc.devel/403|source1]] [[http://www.mail-archive.com/lxc-users@lists.sourceforge.net/msg00613.html|source2]] |
|
| Line 25: | Line 241: |
| * [[http://lxc.sourceforge.net/|LXC Home page (Sourceforge)]] * [[http://lxc.sourceforge.net/lxc.html|LXC overview (Sourceforge)]] * [[http://lxc.teegra.net/|How to LXC - this is one of the best documents available]] |
|
| Line 26: | Line 245: |
| * [[http://www.stgraber.org/category/lxc|Stéphane Graber's docummentation]] | * [[http://www.stgraber.org/category/lxc|Stéphane Graber's documentation]] |
| Line 28: | Line 247: |
| * [[http://www.mjmwired.net/kernel/Documentation/cgroups/|Kernel and configuration documentation]] |
Overview
LinuX Containers (LXC) provide lightweight virtualization that lets you isolate processes and resources without the need to provide instruction interpretation mechanisms and other complexities of full virtualization.
Notes
- Upstream libvirt support LXC.
- KVM + LXC can function properly on same host.
- LXC inside KVM works properly on same host.
- LXC take advantage of KMS feature of new Kernels.
- 64bit OS using a 32bit container.
- LXC works well with btrfs.
- No special hardware required.
- No patch is required to the kernel, since LXC is already integrated into the Kernel.
- OpenVZ Containers run on LXC, only Config modification required.
User case examples
- Isolate single processes, (I.E. a webserver).
- VPS
- LTSP
- Software build, testing, upgrading (think sandboxing)
External link - How to Ubuntu 10.04 LXC containers
Host configuration
External link - Ubuntu and Fedora Hosts
kernel requirements
The Linux container capabilities are part of the main stream linux kernel and require kernel version >= 2.6.27 (well working as of 2.6.31).
There are no requirements to compile a kernel or apply patches.
User space tools (lxc)
The user space tools, or lxc, are a set of scripts that manage linux containers.
You may install the lxc user space tools from the Ubuntu repositories.
sudo apt-get install lxc vlan bridge-utils python-software-properties screen
Or download the latest stable package from sourceforge and compile them yourself. The lxc project maintains a git repository for a bleeding edge set of tools.
Networking
There are several networking options available, the consensus appears to be that bridging your network card is the best option. As such I will cover bridging your network card here, hopefully this information can be expanded.
init script
create /etc/init.d/lxc:
[HW] # cat << EOF > /etc/init.d/lxc
#! /bin/sh
### BEGIN INIT INFO
# Provides: lxc
# Required-Start: $local_fs $remote_fs $network $syslog
# Required-Stop: $local_fs $remote_fs $network $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Starts/stops linux containers
# Description: Provides linux container management: start, stop or
# restart containers.
### END INIT INFO
# Author: Nigel McNie <nigel@mcnie.name>
# Author: Eduard Iskandarov <edikexp@gmail.com>
#set -x
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="linux containers"
NAME=lxc
SCRIPTNAME=/etc/init.d/$NAME
LXCPATH=/var/lib/lxc
# Exit if the package is not installed
[ -x /usr/bin/lxc-start ] || exit 0
. /lib/init/vars.sh
. /lib/lsb/init-functions
do_start()
{
for C in $(ls -1 $LXCPATH); do
log_progress_msg "$C"
if lxc-info -n $C | grep STOPPED > /dev/null 2>&1; then
if [ -x /usr/bin/screen ]; then
/usr/bin/screen -dmS init-${C} /usr/bin/lxc-start -n $C
else
lxc-start -n $C -d
fi
lxc-wait -n $C -s RUNNING
if [ $? -gt 0 ]; then
return 2
fi
fi
done
}
do_stop()
{
for C in $(ls -1 $LXCPATH); do
log_progress_msg "$C"
if lxc-info -n $C | grep RUNNING > /dev/null 2>&1; then
/usr/bin/lxc-stop -n $C
if [ $? -gt 0 ]; then
return 2
fi
fi
done
}
do_status()
{
for C in $(ls -1 $LXCPATH); do
log_progress_msg "$C"
echo $(lxc-info -n $C)
done
}
case "$1" in
start)
log_daemon_msg "Starting $DESC" #"$NAME"
do_start
case "$?" in
0|1) log_end_msg 0 ;;
2) log_end_msg 1 ;;
esac
;;
stop)
log_daemon_msg "Stopping $DESC" #"$NAME"
do_stop
case "$?" in
0|1) log_end_msg 0 ;;
2) log_end_msg 1 ;;
esac
;;
status)
log_daemon_msg "Status $DESC" #"$NAME"
do_status
;;
restart|force-reload)
log_daemon_msg "Restarting $DESC" #"$NAME"
do_stop
case "$?" in
0|1)
do_start
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
*)
#echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
exit 3
;;
esac
:
EOFupdate rc.d:
[HW] # update-rc.d lxc defaults
Container configuration
options/examples for config files chroot/debootstrap/febootstrap lxc-debian / lxc-fedora lxc-console / ssh into containers
Migrate OpenVZ containers
Application configuration
Other
Mini screen how-to
List screen sessions:
[HW] # sudo screen -ls
There are screens on:
1407.init-ubuntu (07/10/2010 02:23:42 PM) (Detached)
1364.init-test (07/10/2010 02:23:41 PM) (Detached)
1357.init-2www (07/10/2010 02:23:40 PM) (Detached)
3 Sockets in /var/run/screen/S-root.Login screen session:
[HW] # screen -r 1407.init-ubuntu Starting nginx: the configuration file /etc/nginx/nginx.conf syntax is ok configuration file /etc/nginx/nginx.conf test is successful nginx. Ubuntu 10.04 LTS ubuntu /dev/console ubuntu login:
Detach screen: C-a d or C-a C-d
lxc.network.type=phys & kernel versions
The problem:
[HW] # lxc-execute --name ubuntu -s lxc.network.type=phys bash Segmentation fault (core dumped)
or
[HW] # lxc-execute --name net -s lxc.network.type=phys -s lxc.network.link=eth0 bash lxc-execute: failed to move 'eth0' to the container : Message too long
The kernel before 2.6.35 does not support physical interface moving across namespace. Maybe You can use Maverck 2.6.35 kernel in Lucid, see: PPA for Ubuntu Kernel