|
Size: 5988
Comment:
|
Size: 5989
Comment:
|
| Deletions are marked like this. | Additions are marked like this. |
| Line 35: | Line 35: |
| == User case examples == | == Use case examples == |
| Line 37: | Line 37: |
| 1. Isolate single processes, (I.E. a webserver). | 1. Isolate individual processes (e.g. a webserver) |
Overview
LinuX Containers (LXC) provide lightweight virtualization that lets you isolate processes and resources without the need to provide instruction interpretation mechanisms and other complexities of full virtualization.
Notes
- Upstream libvirt support LXC.
- KVM + LXC can function properly on same host.
- LXC inside KVM works properly on same host.
- LXC take advantage of KMS feature of new Kernels.
- 64bit OS using a 32bit container.
- LXC works well with btrfs.
- No special hardware required.
- No patch is required to the kernel, since LXC is already integrated into the Kernel.
- OpenVZ Containers run on LXC, only Config modification required.
Use case examples
- Isolate individual processes (e.g. a webserver)
- VPS
- LTSP
- Software build, testing, upgrading (think sandboxing)
Host configuration
External link - lxc-tools collection of utility scripts which include:
- lxc-ubuntu - installs ubuntu container
- init - init.d script
- lxc-status - lxc-info on all the containers
- lxc-halt - stop a linux container SAFELY
External link - How to Ubuntu 10.04 LXC containers
External link - Ubuntu and Fedora Hosts
kernel requirements
The Linux container capabilities are part of the main stream linux kernel and require kernel version >= 2.6.27 (well working as of 2.6.31).
There are no requirements to compile a kernel or apply patches.
User space tools (lxc)
The user space tools, or lxc, are a set of scripts that manage linux containers.
You may install the lxc user space tools from the Ubuntu repositories.
sudo apt-get install lxc vlan bridge-utils python-software-properties screen
Or download the latest stable package from sourceforge and compile them yourself. The lxc project maintains a git repository for a bleeding edge set of tools.
Networking
There are several networking options available, the consensus appears to be that bridging your network card is the best option. As such I will cover bridging your network card here, hopefully this information can be expanded.
Container configuration
options/examples for config files chroot/debootstrap/febootstrap lxc-debian / lxc-fedora lxc-console / ssh into containers
Migrate OpenVZ containers
Application configuration
Issues
“mknod: `/lib/udev/devices/ppp’: Operation not permitted” when updating Ubuntu 10.04 on virtual LXC machine http://www.emanuelis.eu/2010/09/15/mknod-lib-udev-devices-ppp-operation-not-permitted-when-updating-ubuntu-10-04-on-virtual-lxc-machine/
Other
Mini screen how-to
List screen sessions:
[HW] # sudo screen -ls
There are screens on:
1407.init-ubuntu (07/10/2010 02:23:42 PM) (Detached)
1364.init-test (07/10/2010 02:23:41 PM) (Detached)
1357.init-2www (07/10/2010 02:23:40 PM) (Detached)
3 Sockets in /var/run/screen/S-root.Login screen session:
[HW] # screen -r 1407.init-ubuntu Starting nginx: the configuration file /etc/nginx/nginx.conf syntax is ok configuration file /etc/nginx/nginx.conf test is successful nginx. Ubuntu 10.04 LTS ubuntu /dev/console ubuntu login:
Detach screen: C-a d or C-a C-d
lxc.network.type=phys & kernel versions
The problem:
[HW] # lxc-execute --name ubuntu -s lxc.network.type=phys bash Segmentation fault (core dumped)
or
[HW] # lxc-execute --name net -s lxc.network.type=phys -s lxc.network.link=eth0 bash lxc-execute: failed to move 'eth0' to the container : Message too long
The kernel before 2.6.35 does not support physical interface moving across namespace. Maybe You can use Maverck 2.6.35 kernel in Lucid, see: PPA for Ubuntu Kernel