Differences between revisions 9 and 10

Contents

Overview
1. User case examples
Host configuration
Container configuration
1. Migrate OpenVZ containers
Application configuration
Other
1. Mini screen how-to
2. lxc.network.type=phys & kernel versions
See also

Overview

LinuX Containers (LXC) provide lightweight virtualization that lets you isolate processes and resources without the need to provide instruction interpretation mechanisms and other complexities of full virtualization.

Notes

Upstream libvirt support LXC.
KVM + LXC can function properly on same host.
LXC inside KVM works properly on same host.
LXC take advantage of KMS feature of new Kernels.
64bit OS using a 32bit container.
LXC works well with btrfs.
No special hardware required.
No patch is required to the kernel, since LXC is already integrated into the Kernel.
OpenVZ Containers run on LXC, only Config modification required.

User case examples

Isolate single processes, (I.E. a webserver).
VPS
LTSP
Software build, testing, upgrading (think sandboxing)

External link - How to Ubuntu 10.04 LXC containers

Host configuration

External link - Ubuntu and Fedora Hosts

kernel requirements

The Linux container capabilities are part of the main stream linux kernel and require kernel version >= 2.6.27 (well working as of 2.6.31).

There are no requirements to compile a kernel or apply patches.

User space tools (lxc)

The user space tools, or lxc, are a set of scripts that manage linux containers.

You may install the lxc user space tools from the Ubuntu repositories.

sudo apt-get install lxc vlan bridge-utils python-software-properties sceen

Or download the latest stable package from sourceforge and compile them yourself. The lxc project maintains a git repository for a bleeding edge set of tools.

Networking

There are several networking options available, the consensus appears to be that bridging your network card is the best option. As such I will cover bridging your network card here, hopefully this information can be expanded.

init script

create /etc/init.d/lxc:

[HW] # cat << EOF > /etc/init.d/lxc
#! /bin/sh
### BEGIN INIT INFO
# Provides:          lxc
# Required-Start:    $local_fs $remote_fs $network $syslog
# Required-Stop:     $local_fs $remote_fs $network $syslog
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Starts/stops linux containers
# Description:       Provides linux container management: start, stop or
#                    restart containers.
### END INIT INFO
# Author: Nigel McNie <nigel@mcnie.name>
# Author: Eduard Iskandarov <edikexp@gmail.com>
#set -x
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="linux containers"
NAME=lxc
SCRIPTNAME=/etc/init.d/$NAME
LXCPATH=/var/lib/lxc
# Exit if the package is not installed
[ -x /usr/bin/lxc-start ] || exit 0
. /lib/init/vars.sh
. /lib/lsb/init-functions
 do_start()
{
    for C in $(ls -1 $LXCPATH); do
        log_progress_msg "$C"
        if lxc-info -n $C | grep STOPPED > /dev/null 2>&1; then
            if [ -x /usr/bin/screen ]; then
                /usr/bin/screen -dmS init-${C} /usr/bin/lxc-start -n $C
            else
                lxc-start -n $C -d
            fi
            lxc-wait -n $C -s RUNNING
            if [ $? -gt 0 ]; then
                return 2
            fi
        fi
    done
}
do_stop()
{
    for C in $(ls -1 $LXCPATH); do
        log_progress_msg "$C"
        if lxc-info -n $C | grep RUNNING > /dev/null 2>&1; then
            /usr/bin/lxc-stop -n $C
            if [ $? -gt 0 ]; then
                return 2
            fi
        fi
    done
}
do_status()
{
    for C in $(ls -1 $LXCPATH); do
        log_progress_msg "$C"
        echo $(lxc-info -n $C)
    done
}
case "$1" in
    start)
    log_daemon_msg "Starting $DESC" #"$NAME"
    do_start
    case "$?" in
        0|1) log_end_msg 0 ;;
        2) log_end_msg 1 ;;
    esac
    ;;
stop)
    log_daemon_msg "Stopping $DESC" #"$NAME"
    do_stop
    case "$?" in
        0|1) log_end_msg 0 ;;
        2) log_end_msg 1 ;;
    esac
    ;;
status)
    log_daemon_msg "Status $DESC" #"$NAME"
    do_status
    ;;
restart|force-reload)
    log_daemon_msg "Restarting $DESC" #"$NAME"
    do_stop
    case "$?" in
        0|1)
            do_start
            case "$?" in
                0) log_end_msg 0 ;;
                1) log_end_msg 1 ;; # Old process is still running
                *) log_end_msg 1 ;; # Failed to start
            esac
            ;;
        *)
            # Failed to stop
            log_end_msg 1
            ;;
        esac
        ;;
*)
    #echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
    echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
    exit 3
    ;;
esac
:
EOF

update rc.d:

[HW] # update-rc.d lxc defaults

source

Container configuration

options/examples for config files chroot/debootstrap/febootstrap lxc-debian / lxc-fedora lxc-console / ssh into containers

Migrate OpenVZ containers

Application configuration

Other

Mini screen how-to

List screen sessions:

[HW] # sudo screen -ls
There are screens on:
        1407.init-ubuntu        (07/10/2010 02:23:42 PM)        (Detached)
        1364.init-test  (07/10/2010 02:23:41 PM)        (Detached)
        1357.init-2www  (07/10/2010 02:23:40 PM)        (Detached)
3 Sockets in /var/run/screen/S-root.

[HW] # screen -r 1407.init-ubuntu
Starting nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
configuration file /etc/nginx/nginx.conf test is successful
nginx.

Ubuntu 10.04 LTS ubuntu /dev/console

ubuntu login:

Detach screen: C-a d or C-a C-d

source

lxc.network.type=phys & kernel versions

The problem:

[HW] # lxc-execute --name ubuntu -s lxc.network.type=phys bash
Segmentation fault (core dumped)

# lxc-execute --name net -s lxc.network.type=phys -s lxc.network.link=eth0 bash
lxc-execute: failed to move 'eth0' to the container : Message too long

The kernel before 2.6.35 does not support physical interface moving across namespace. Maybe You can use Maverck 2.6.35 kernel in Lucid, see: PPA for Ubuntu Kernel

source1 source2

Ubuntu Documentation

Diff for "LXC"