forked from andonome/lk
remove duff lxc
This commit is contained in:
@@ -1,112 +0,0 @@
|
||||
---
|
||||
title: "lxc"
|
||||
tags: [ "Documentation", "distros" ]
|
||||
---
|
||||
# Distro Specifics
|
||||
|
||||
Arch dependencies: `arch-install-scripts` `dnsmasq`
|
||||
|
||||
# Basic Setup
|
||||
|
||||
Make and start a linux container called 'playtime':
|
||||
|
||||
> # lxc-create -n playtime -t download
|
||||
|
||||
> # lxc-ls --fancy
|
||||
|
||||
> # lxc-start playtime
|
||||
|
||||
Attach it:
|
||||
|
||||
> # lxc-attach playtime
|
||||
|
||||
# Networking
|
||||
|
||||
Place the following in /etc/default/lxc-net to configure the network:
|
||||
|
||||
---
|
||||
|
||||
# Leave USE_LXC_BRIDGE as "true" if you want to use lx
|
||||
cbr0 for your
|
||||
# containers. Set to "false" if you'll use virbr0 or
|
||||
another existing
|
||||
# bridge, or mavlan to your host's NIC.
|
||||
USE_LXC_BRIDGE="true"
|
||||
|
||||
# If you change the LXC_BRIDGE to something other than
|
||||
lxcbr0, then
|
||||
# you will also need to update your /etc/lxc/default.c
|
||||
onf as well as the
|
||||
# configuration (/var/lib/lxc/<container>/config) for
|
||||
any containers
|
||||
# already created using the default config to reflect
|
||||
the new bridge
|
||||
# name.
|
||||
# If you have the dnsmasq daemon installed, you'll als
|
||||
o have to update
|
||||
# /etc/dnsmasq.d/lxc and restart the system wide dnsma
|
||||
sq daemon.
|
||||
LXC_BRIDGE="lxcbr0"
|
||||
LXC_ADDR="10.0.3.1"
|
||||
LXC_NETMASK="255.255.255.0"
|
||||
LXC_NETWORK="10.0.3.0/24"
|
||||
LXC_DHCP_RANGE="10.0.3.2,10.0.3.254"
|
||||
LXC_DHCP_MAX="253"
|
||||
# Uncomment the next line if you'd like to use a conf-
|
||||
file for the lxcbr0
|
||||
# dnsmasq. For instance, you can use 'dhcp-host=mail1
|
||||
,10.0.3.100' to have
|
||||
# container 'mail1' always get ip address 10.0.3.100.
|
||||
#LXC_DHCP_CONFILE=/etc/lxc/dnsmasq.conf
|
||||
|
||||
# Uncomment the next line if you want lxcbr0's dnsmasq
|
||||
to resolve the .lxc
|
||||
# domain. You can then add "server=/lxc/10.0.3.1' (or
|
||||
your actual $LXC_ADDR)
|
||||
# to your system dnsmasq configuration file (normally
|
||||
/etc/dnsmasq.conf,
|
||||
# or /etc/NetworkManager/dnsmasq.d/lxc.conf on systems
|
||||
that use NetworkManager).
|
||||
# Once these changes are made, restart the lxc-net and
|
||||
network-manager services.
|
||||
# 'container1.lxc' will then resolve on your host.
|
||||
#LXC_DOMAIN="lxc"
|
||||
|
||||
---
|
||||
|
||||
Then start the lxc NAT:
|
||||
|
||||
> sudo systemctl restart lxc-net
|
||||
|
||||
> sudo systemctl restart NetworkManager
|
||||
|
||||
... and make sure the bridge's ip-range doesn't intefere withe local network.
|
||||
|
||||
> sudo arp-scan -I lxcbr0 -l
|
||||
|
||||
The lxc template is in /etc/lxc/default.conf. You need to modify it so that it uses lxcbr0.
|
||||
|
||||
---
|
||||
|
||||
/etc/lxc/default.conf
|
||||
lxc.net.0.type = veth
|
||||
lxc.net.0.link = lxcbr0
|
||||
lxc.net.0.flags = up
|
||||
lxc.net.0.hwaddr = 00:16:3e:xx:xx:xx
|
||||
|
||||
---
|
||||
|
||||
# Making machines
|
||||
|
||||
> sudo lxc-create -n roach -t download -- --dist archlinux --release current --arch amd64
|
||||
|
||||
Arch linux containers take up about 600 Megs.
|
||||
|
||||
To speed up the startup process, one can install haveged and start the haveged.service. Haveged stops the wait-time for system entropy creation.
|
||||
|
||||
Machines are stored in /var/lib/lxc.
|
||||
|
||||
# Starting
|
||||
|
||||
> lxc-attach -n roach
|
||||
|
||||
@@ -1,66 +0,0 @@
|
||||
---
|
||||
title: "lxc"
|
||||
tags: [ "Documentation", "distros" ]
|
||||
---
|
||||
# Intro
|
||||
|
||||
Taken from [this](https://r4nd0m6uy.ch/unpriviledged-containers-in-void-linux.html)
|
||||
Void linux requires additional steps to set up, as Systemd is no present to automatically take care of everything.
|
||||
|
||||
> sudo xbps-install cgmanager dbus bridge-utils lxc
|
||||
|
||||
Next, startup services:
|
||||
|
||||
> sudo ln -s /etc/sv/dbus/ /var/service/
|
||||
|
||||
> sudo ln -s /etc/sv/cgmanager/ /var/service/
|
||||
|
||||
> sudo sv start dbus
|
||||
|
||||
> sudo sv start cgmanager
|
||||
|
||||
> sudo sv start dbus
|
||||
|
||||
> sudo sv start cgmanager
|
||||
|
||||
Maps your user account to the lxc g/u ids:
|
||||
|
||||
> sudo usermod --add-subuids 100000-165536 $USER
|
||||
|
||||
> sudo usermod --add-subgids 100000-165536 $USER
|
||||
|
||||
Then add a bridge interface to connect the container.
|
||||
|
||||
> sudo brctl addbr lxbr0
|
||||
|
||||
Then add an interface. I have no idea how this is done or what it means, so I tried my wifi 'wlp3s0', and that was refused. I tried the guide's one, which obviously didn't work as I didn't have the same interface as in the guide. Finally, I tried `ip addr show` and noticed other devices 'lo' and 'wwp0s20u4i6'. This gave me:
|
||||
|
||||
> sudo brctl addif lxbr0 wwp0s20u4i6
|
||||
|
||||
... which worked.
|
||||
|
||||
If you don't want to redo this each boot, you can make a runit service for it apparently - more research is required for this. For now, I'm just copy-pasting the guide (almost) and sticking this in ~/.config/lxc/default.conf:
|
||||
|
||||
`lxc.network.type = veth`
|
||||
|
||||
`lxc.network.link = wwp0s20u4i6`
|
||||
|
||||
`lxc.network.flags = up`
|
||||
|
||||
`lxc.network.hwaddr = 00:16:3e:BB:CC:DD`
|
||||
|
||||
`lxc.id_map = u 0 100000 65536`
|
||||
|
||||
`lxc.id_map = g 0 100000 65536`
|
||||
|
||||
You can now configure a different bridge each boot to connect with the lxc containers, or ....
|
||||
|
||||
Next, do this at *every boot* (or script it):
|
||||
|
||||
> sudo cgm create all $USER
|
||||
|
||||
> sudo cgm chown all $USER $(id -u) $(id -g)
|
||||
|
||||
> cgm movepid all $USER $$
|
||||
|
||||
|
||||
@@ -1,72 +0,0 @@
|
||||
---
|
||||
title: "lxc"
|
||||
tags: [ "Documentation", "Distros" ]
|
||||
---
|
||||
|
||||
LXC creates miniature virtual machines to play with.
|
||||
|
||||
# Configuration
|
||||
|
||||
## Templates
|
||||
|
||||
On Void you can install this with:
|
||||
|
||||
> # xbps-install -S jq skopeo umoci
|
||||
|
||||
After you've installed a whopping 46 Megabytes, you can configure it in /etc/lxc/default.conf if you want to change global configs, otherwhise, it's the usual ~/.config/lxc/dfault.conf.
|
||||
|
||||
## Networking
|
||||
|
||||
Make a virtual network:
|
||||
|
||||
> # ip link add dev BRIDGE type bridge
|
||||
> # ip link set dev BRIDGE up
|
||||
> # ip link set dev NIC master BRIDGE
|
||||
|
||||
Things in caps can be renamed.
|
||||
|
||||
#Create a machine
|
||||
|
||||
> lxc-create -n roach-1
|
||||
|
||||
This makes a machine with the name 'roach-1'. We can also apply a preconfigured theme with '-t', such as 'ubuntu'.
|
||||
|
||||
> lxc-create -n roach-2 -t ubuntu
|
||||
|
||||
Additionally, there we can examine, destroy and freeze containers.
|
||||
|
||||
> lxc-ls -n roach-1
|
||||
|
||||
> lxc-destroy -n roach-1
|
||||
* Add '-k' to kill a process without mercy.
|
||||
|
||||
> lxc-freeze -n roach-2
|
||||
|
||||
> lxc-unfreeze -n roach-1
|
||||
|
||||
#Example
|
||||
|
||||
> for r in $(lxc-ls -1); do
|
||||
|
||||
> lxc-info -n $r
|
||||
|
||||
> done
|
||||
|
||||
# Monitor
|
||||
|
||||
You can monitor a set of containeers.
|
||||
|
||||
> lxc-monitor -n "roach-1|roach-2"
|
||||
|
||||
Or monitor all containers.
|
||||
|
||||
> lxc-monitor -n ".*"
|
||||
|
||||
# LXD
|
||||
|
||||
Setup by starting the lxd service, and adding your user to the group "lxd", then:
|
||||
|
||||
> sudo lxd init
|
||||
|
||||
Default port is 8443.
|
||||
|
||||
Reference in New Issue
Block a user