|
Size: 8356
Comment:
|
Size: 8357
Comment: typo: sceen -> screen
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 62: | Line 62: |
| sudo apt-get install lxc vlan bridge-utils python-software-properties sceen | sudo apt-get install lxc vlan bridge-utils python-software-properties screen |
Overview
LinuX Containers (LXC) provide lightweight virtualization that lets you isolate processes and resources without the need to provide instruction interpretation mechanisms and other complexities of full virtualization.
Notes
- Upstream libvirt support LXC.
- KVM + LXC can function properly on same host.
- LXC inside KVM works properly on same host.
- LXC take advantage of KMS feature of new Kernels.
- 64bit OS using a 32bit container.
- LXC works well with btrfs.
- No special hardware required.
- No patch is required to the kernel, since LXC is already integrated into the Kernel.
- OpenVZ Containers run on LXC, only Config modification required.
User case examples
- Isolate single processes, (I.E. a webserver).
- VPS
- LTSP
- Software build, testing, upgrading (think sandboxing)
External link - How to Ubuntu 10.04 LXC containers
Host configuration
External link - Ubuntu and Fedora Hosts
kernel requirements
The Linux container capabilities are part of the main stream linux kernel and require kernel version >= 2.6.27 (well working as of 2.6.31).
There are no requirements to compile a kernel or apply patches.
User space tools (lxc)
The user space tools, or lxc, are a set of scripts that manage linux containers.
You may install the lxc user space tools from the Ubuntu repositories.
sudo apt-get install lxc vlan bridge-utils python-software-properties screen
Or download the latest stable package from sourceforge and compile them yourself. The lxc project maintains a git repository for a bleeding edge set of tools.
Networking
There are several networking options available, the consensus appears to be that bridging your network card is the best option. As such I will cover bridging your network card here, hopefully this information can be expanded.
init script
create /etc/init.d/lxc:
[HW] # cat << EOF > /etc/init.d/lxc
#! /bin/sh
### BEGIN INIT INFO
# Provides: lxc
# Required-Start: $local_fs $remote_fs $network $syslog
# Required-Stop: $local_fs $remote_fs $network $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Starts/stops linux containers
# Description: Provides linux container management: start, stop or
# restart containers.
### END INIT INFO
# Author: Nigel McNie <nigel@mcnie.name>
# Author: Eduard Iskandarov <edikexp@gmail.com>
#set -x
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="linux containers"
NAME=lxc
SCRIPTNAME=/etc/init.d/$NAME
LXCPATH=/var/lib/lxc
# Exit if the package is not installed
[ -x /usr/bin/lxc-start ] || exit 0
. /lib/init/vars.sh
. /lib/lsb/init-functions
do_start()
{
for C in $(ls -1 $LXCPATH); do
log_progress_msg "$C"
if lxc-info -n $C | grep STOPPED > /dev/null 2>&1; then
if [ -x /usr/bin/screen ]; then
/usr/bin/screen -dmS init-${C} /usr/bin/lxc-start -n $C
else
lxc-start -n $C -d
fi
lxc-wait -n $C -s RUNNING
if [ $? -gt 0 ]; then
return 2
fi
fi
done
}
do_stop()
{
for C in $(ls -1 $LXCPATH); do
log_progress_msg "$C"
if lxc-info -n $C | grep RUNNING > /dev/null 2>&1; then
/usr/bin/lxc-stop -n $C
if [ $? -gt 0 ]; then
return 2
fi
fi
done
}
do_status()
{
for C in $(ls -1 $LXCPATH); do
log_progress_msg "$C"
echo $(lxc-info -n $C)
done
}
case "$1" in
start)
log_daemon_msg "Starting $DESC" #"$NAME"
do_start
case "$?" in
0|1) log_end_msg 0 ;;
2) log_end_msg 1 ;;
esac
;;
stop)
log_daemon_msg "Stopping $DESC" #"$NAME"
do_stop
case "$?" in
0|1) log_end_msg 0 ;;
2) log_end_msg 1 ;;
esac
;;
status)
log_daemon_msg "Status $DESC" #"$NAME"
do_status
;;
restart|force-reload)
log_daemon_msg "Restarting $DESC" #"$NAME"
do_stop
case "$?" in
0|1)
do_start
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
*)
#echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
exit 3
;;
esac
:
EOFupdate rc.d:
[HW] # update-rc.d lxc defaults
Container configuration
options/examples for config files chroot/debootstrap/febootstrap lxc-debian / lxc-fedora lxc-console / ssh into containers
Migrate OpenVZ containers
Application configuration
Other
Mini screen how-to
List screen sessions:
[HW] # sudo screen -ls
There are screens on:
1407.init-ubuntu (07/10/2010 02:23:42 PM) (Detached)
1364.init-test (07/10/2010 02:23:41 PM) (Detached)
1357.init-2www (07/10/2010 02:23:40 PM) (Detached)
3 Sockets in /var/run/screen/S-root.Login screen session:
[HW] # screen -r 1407.init-ubuntu Starting nginx: the configuration file /etc/nginx/nginx.conf syntax is ok configuration file /etc/nginx/nginx.conf test is successful nginx. Ubuntu 10.04 LTS ubuntu /dev/console ubuntu login:
Detach screen: C-a d or C-a C-d
lxc.network.type=phys & kernel versions
The problem:
[HW] # lxc-execute --name ubuntu -s lxc.network.type=phys bash Segmentation fault (core dumped)
or
[HW] # lxc-execute --name net -s lxc.network.type=phys -s lxc.network.link=eth0 bash lxc-execute: failed to move 'eth0' to the container : Message too long
The kernel before 2.6.35 does not support physical interface moving across namespace. Maybe You can use Maverck 2.6.35 kernel in Lucid, see: PPA for Ubuntu Kernel