lxc

Linux Containers

LXC (Linux Containers) is an operating system–level virtualization method for running multiple isolated Linux systems (containers) on a single control host.

LXC provides operating system-level virtualization through a virtual environment that has its own process and network space, instead of creating a full-fledged virtual machine.

Ubuntu precise i386 container on Slackware 14.2

   # Session transcript: create, start and enter an Ubuntu 12.04 i386 container.
   # Lines starting with "#" directly after a command are that command's recorded output.
   # NOTE(review): Ubuntu 12.04 (precise) left standard support in 2017, so a
   # container built from this image receives no regular security updates;
   # treat it as a legacy test target.
   # The download template sets up a GPG keyring before fetching the image index
   # (first output line below) - presumably to verify what it downloads; confirm
   # that this step did not report an error before trusting the rootfs.
   1 lxc-create -t download -n containerx -- -d ubuntu  -r precise -a i386
   2 #Setting up the GPG keyring
   3 #Downloading the image index
   4 #Downloading the rootfs
   5 #Downloading the metadata
   6 #The image cache is now ready
   7 #Unpacking the rootfs
   8 #
   9 #---
  10 #You just created an Ubuntu container (release=precise, arch=i386, variant=default)
  11 #
  12 #To enable sshd, run: apt-get install openssh-server
  13 #
  14 #For security reason, container images ship without user accounts
  15 #and without a root password.
  16 #
  17 #Use lxc-attach or chroot directly into the rootfs to set a root password
  18 #or create user accounts.
  19 # start a container
  20 lxc-start -n containerx -d
  21 # list containers
  22 lxc-ls --fancy
  23 # spawn a new shell running inside an existing container
   # lxc-attach needs no password inside the container; access is decided by who
   # may run it on the host.
   # NOTE(review): this container lives under /var/lib/lxc (see the end of the
   # listing); unless an lxc.idmap is configured for it, root inside is root on
   # the host - confirm before running untrusted workloads in it.
  24 lxc-attach -n containerx
  25 
  26 # session in containerx 
  27 cat /etc/os-release 
  28 #NAME="Ubuntu"
  29 #VERSION="12.04.5 LTS, Precise Pangolin"
  30 #ID=ubuntu
  31 #ID_LIKE=debian
  32 #PRETTY_NAME="Ubuntu precise (12.04.5 LTS)"
  33 #VERSION_ID="12.04"
  34 
  35 # run several commands in the container
   # The single quotes keep $TESTFILE away from the host shell; it is assigned
   # and expanded by the sh process started inside the container.
  36 lxc-attach -n containerx -- sh -c 'TESTFILE=/tmp/asd;cat $TESTFILE; echo $TESTFILE'
  37 lxc-attach -n containerx -- sh -c 'cat /etc/os-release; dpkg -l;'
  38 # containers are stored under  /var/lib/lxc/
  39 

Containers in Slackware64 15.0

   # Session transcript: list the available images, then create and enter a container.
   # NOTE(review): everything after "su" runs as root, and the /etc/lxc/default.conf
   # shown on this page has no lxc.idmap, so these are presumably privileged
   # containers - confirm before using them as an isolation boundary.
   1 su
   2 # list available templates and distros
   # Called without -d/-r/-a, the download template prints the image index
   # (recorded below) and then waits for input.
   3 lxc-create -t download -n NAME
   4 #Setting up the GPG keyring
   5 #Downloading the image index
   6 #
   7 #---
   8 #DIST   RELEASE ARCH    VARIANT BUILD
   9 #---
  10 #almalinux      8       amd64   default 20220224_23:09
  11 #almalinux      8       arm64   default 20220224_23:09
  12 #alpine 3.12    amd64   default 20220225_13:00
  13 #alpine 3.12    arm64   default 20220225_13:01
  14 #alpine 3.12    armhf   default 20220225_13:00
  15 #alpine 3.12    i386    default 20220225_13:01
  16 # press ctrl+c to exit
  17 lxc-create -t download -n containery -- -d ubuntu  -r bionic -a i386
  18 lxc-start -n containery -d
  19 lxc-ls --fancy
  20 lxc-attach -n containery
  21 # in the container
  22 lsb_release -a

/etc/cgconfig.conf

# Control group "qwerty", handed over to the unprivileged account vitor.
# NOTE(review): presumably this delegation is what lets vitor's unprivileged
# containers manage their own cgroups - confirm against the LXC version in use.
# The controller names below (net_cls, net_prio, memory.use_hierarchy) are
# cgroup v1 names.
group qwerty {
    perm {
# task: owner of the group's tasks file, i.e. who may move processes into it.
        task {
            uid = vitor;
            gid = users;
        }
# admin: owner of the group's remaining control files, i.e. who may change its
# parameters and limits.
# NOTE(review): gid = users makes "users" the owning group as well; check the
# resulting file modes if other accounts belong to that group.
    admin {
          uid = vitor;
          gid = users;
      }
  }

# cgroup.clone_children = 1: child groups start with the parent's cpuset
# settings; cpuset.mems = 0 selects memory node 0.
  cpuset {
      cgroup.clone_children = 1;
      cpuset.mems = 0;
  }
# Empty sections: the group is created under each of these controllers with
# default parameters.
  cpu {}
  cpuacct {}
  blkio {}
  memory { memory.use_hierarchy = 1; }
  devices {}
  freezer {}
  net_cls {}
  perf_event {}
  net_prio {}
  pids {}
}

/etc/cgrules.conf

vitor           *               qwerty/

/etc/subgid

vitor:100000:65537

/etc/subuid

vitor:100000:65537

/etc/default/lxc-net

   1 USE_LXC_BRIDGE="true"

/etc/lxc/default.conf

# System-wide default: a new container gets no network device other than
# loopback. On this page a veth device is only configured in the per-user file
# ~/.config/lxc/default.conf.
lxc.net.0.type = empty

~/.config/lxc/default.conf

# Per-user defaults for unprivileged containers.
# idmap fields: kind (u = uid, g = gid), first id inside the container,
# first id on the host, number of ids.
# Container ids 0-65535 map to host ids 100000-165535, so root inside the
# container is the unprivileged id 100000 on the host.
# The host range has to lie inside what /etc/subuid and /etc/subgid grant this
# user (this page grants vitor:100000:65537).
lxc.idmap = u 0 100000 65536
lxc.idmap = g 0 100000 65536

# One veth pair per container, brought up and attached to the lxcbr0 bridge.
# NOTE(review): creating veth devices as an unprivileged user normally also
# needs a quota entry in /etc/lxc/lxc-usernet, which this page does not show.
lxc.net.0.type = veth
lxc.net.0.flags = up
lxc.net.0.link = lxcbr0

/etc/rc.d/rc.inet1.conf

   1 USE_DHCP[0]="yes"

/etc/rc.d/rc.local

   # Host-side network bring-up for the container bridge, run from rc.local.
   # Turns on IPv4 forwarding for the whole host, not only for lxcbr0.
   1 echo 1 > /proc/sys/net/ipv4/ip_forward
   # Create the bridge and set its forward delay to 0.
   2 /sbin/brctl addbr lxcbr0
   3 /sbin/brctl setfd lxcbr0 0
   # Give the bridge 192.168.100.1/24 and bring it up in promiscuous mode.
   4 /sbin/ifconfig lxcbr0 192.168.100.1 netmask 255.255.255.0 promisc up
   # Source-NAT whatever is forwarded out of wlan1. The rule has no -s match,
   # so it is not limited to the 192.168.100.0/24 bridge subnet.
   # NOTE(review): no FORWARD-chain rules are shown here; confirm that the
   # host's FORWARD policy restricts what may be routed now that forwarding
   # is enabled.
   5 #/usr/sbin/iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
   6 /usr/sbin/iptables -t nat -A POSTROUTING -o wlan1 -j MASQUERADE
   # NOTE(review): presumably driven by /etc/default/lxc-net (USE_LXC_BRIDGE);
   # confirm how it treats a bridge that already exists and which subnet it
   # hands out to containers.
   7 /usr/libexec/lxc/lxc-net start

Test steps

   # Session transcript for an unprivileged container: the container path
   # printed further down is under /home/vitor, so this runs as that user and
   # not as root.
   1 lxc-create -t download -n containery -- -d alpine  -r 3.16 -a i386
   2 lxc-start -n containery -d
   3 lxc-ls --fancy
   4 lxc-attach -n containery
   5 # commands inside container
   # Connectivity check; it only succeeds when forwarding and NAT on the host
   # are working.
   6 ping 8.8.8.8
   7 exit
   8 # show containers filesystems locations
   9 lxc-config lxc.lxcpath
   # The next line is the output of lxc-config, not a command.
  10 /home/vitor/.local/share/lxc
  11 #
   # Stop the container and delete its root filesystem and configuration.
  12 lxc-stop containery
  13 lxc-destroy containery 

setup_ssh_container.sh

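   # setup_ssh_container.sh - rebuild a disposable Alpine container that runs sshd.
   #
   # Lab helper: root login over SSH with password authentication is switched on
   # below, so keep the container on a host-only bridge and do not carry this
   # sshd configuration over to anything reachable from an untrusted network.
   #
   # Environment:
   #   ROOT_PASSWORD  root password to set inside the container. When unset, the
   #                  demo value published with this script is used; that value
   #                  is public and must not protect anything that matters.
   set -u

   CONTAINER=ssh-container
   ROOT_PASSWORD=${ROOT_PASSWORD:-screencast}
   if [ "$ROOT_PASSWORD" = "screencast" ]; then
     echo "warning: using the published demo root password; set ROOT_PASSWORD to override" >&2
   fi

   # Start from a clean slate. On the first run both commands fail because the
   # container does not exist yet; that is expected and the script continues.
   lxc-stop -n "$CONTAINER"
   lxc-destroy -n "$CONTAINER"

   lxc-create -t download -n "$CONTAINER" -- -d alpine -r 3.16 -a i386
   # Runs once in the not-yet-started container and leaves a marker file in its rootfs.
   lxc-execute -n "$CONTAINER" -- ash -c "echo 'assd' > /t1.txt"
   lxc-start -n "$CONTAINER" -d

   # Package installation needs working network access from inside the container.
   lxc-attach -n "$CONTAINER" -- /sbin/apk update
   lxc-attach -n "$CONTAINER" -- /sbin/apk add --update curl wget nano vim shadow openssh
   lxc-attach -n "$CONTAINER" -- ash -c "mkdir /app"

   # Hand the credentials to chpasswd on stdin so the password does not show up
   # in a command line that other host users can read with ps.
   printf 'root:%s\n' "$ROOT_PASSWORD" | lxc-attach -n "$CONTAINER" -- /usr/sbin/chpasswd

   # Password-based root login: convenient for a demo, weak as a default.
   # Key-based authentication is the safer choice once the container is kept.
   lxc-attach -n "$CONTAINER" -- ash -c "echo 'PasswordAuthentication yes' >> /etc/ssh/sshd_config"
   lxc-attach -n "$CONTAINER" -- ash -c "echo 'PermitRootLogin yes' >> /etc/ssh/sshd_config"
   lxc-attach -n "$CONTAINER" -- /sbin/rc-update add sshd
   lxc-attach -n "$CONTAINER" -- /sbin/service sshd start

   # Give the container a moment to settle, then show its state and address.
   sleep 5
   lxc-ls --fancy | grep -F -- "$CONTAINER"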

lxc (last edited 2023-05-29 09:57:59 by 127)