====== LXD ======

===== Usage =====

$ lxc start ${containername}
$ lxc restart ${containername}
$ lxc stop ${containername}

# open shell
$ lxc exec ${containername} -- /bin/bash
# -- with sudo permissions
# $ lxc exec ${containername} -- sudo --login --user ${username}
# -- execute command
# $ lxc exec ${containername} -- ${command}

===== Installation =====

$ sudo apt update
$ sudo apt upgrade
$ sudo apt policy lxd

# optional: wipe disk and use for zfs
# $ sudo mkfs.ext4 -F /dev/disk/by-id/scsi-000_Volume_volume-fra1-01

$ sudo apt-get install lxd
$ sudo apt-get install zfsutils-linux

===== Configuration =====

# create an unprivileged lxc user and add to "lxd" group
# note: membership in the "lxd" group gives full control of the LXD daemon, which is equivalent to root on the host -- add only accounts that are trusted with root
$ sudo adduser ${username}
$ sudo usermod -aG lxd ${username}

See [[linux:misc|Common Linux Commands]] for more information.

$ sudo lxd init

==== Networking ====

# create lbr0
$ lxc network create lbr0
$ lxc network set lbr0 ipv4.address ${lbr0ipv4}
$ lxc network set lbr0 ipv4.nat true
$ lxc network show lbr0
config:
  ipv4.address: ${lbr0ipv4}/24
  ipv4.nat: "true"
  ipv6.address: fd42:27e1:6a22:790c::1/64
  ipv6.nat: "true"
name: lbr0
type: bridge
used_by:
- /1.0/containers/${containername}
managed: true

# attach lbr0 to eth0
$ lxc stop ${containername}
$ lxc network attach lbr0 ${containername} eth0
$ lxc start ${containername}

# change network address
$ lxc config device set ${containername} eth0 ipv4.address ${lbr0ipv4}

# show bridges
$ brctl show
# bridge name bridge id STP enabled interfaces
# lxcbr0 8000.00163e000000 no vethAAX55F
# vethD5E4UB
# vethAAX55F
# lxdbr0 8000.000000000000 no

# delete bridges
$ ip link set lxdbr0 down
$ brctl delbr lxdbr0

# stop bridges
See: < Notes/Server/misc.notes >
services:
  servicename: lxd-bridge

# edit bridges
# stop
$ vi /etc/default/lxd-bridge
LXD_IPV4_NAT="true"
LXD_IPV6_NAT="false"
# restart
services:
  servicename: lxd
#
optional_conversion_from_eth0_to_br0:
# use br0 instead of lxc-br0 (lxc creates its own device lxc-br0 which is managed by the lxc-net service)
$ netstat -r
# Kernel IP routing table
# Destination Gateway Genmask Flags MSS Window irtt Iface
# default gateway 0.0.0.0 UG 0 0 0 eth0
# 10.13.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
# xx.xx.xx.xxx 0.0.0.0 255.255.255.0 U 0 0 0 eth0

$ vi /etc/network/interfaces
< /etc/network/interfaces >
auto br0
iface br0 inet dhcp
    bridge-ifaces eth0
    bridge-ports eth0
    up ifconfig eth0 up

iface eth0 inet manual

$ sudo ifup br0
$ netstat -r
# Kernel IP routing table
# Destination Gateway Genmask Flags MSS Window irtt Iface
# default xx.xx.xx.1 0.0.0.0 UG 0 0 0 br0
# xx.xx.xx.xxx * 255.255.255.0 U 0 0 0 br0
# xx.xx.xx.xxx * 255.255.255.0 U 0 0 0 eth0

# disable USE_LXC_BRIDGE
$ vi /etc/default/lxc-net
< /etc/default/lxc-net >
USE_LXC_BRIDGE=0

# set lxc network link as br0
$ vi ~/.config/lxc/default.conf
< ~/.config/lxc/default.conf >
lxc.network.link=br0

$ vi /etc/lxc/default.conf
< /etc/lxc/default.conf >
lxc.network.link=br0

$ vi /etc/dnsmasq.d/lxc
< /etc/dnsmasq.d/lxc >
except-interface=br0

$ /etc/init.d/dnsmasq restart

$ vi /var/lib/lxc/${containername}/config
< /var/lib/lxc/${containername}/config >
lxc.network.link=br0

# configure iptables
# -- forward source
source: xx.xx.xx.xxx/24
interface: eth0
$ sudo iptables -A FORWARD -s ${source} -o ${interface} -j ACCEPT

# -- forward destination
destination: 10.0.3.0/24
interface: lxcbr0
$ sudo iptables -A FORWARD -d ${destination} -o ${interface} -j ACCEPT

# -- forward DNAT ports
chain: PREROUTING
protocol: TCP
localaddress: xx.xx.xx.xxx
port: 25565
address: 10.0.3.116:25565
$ sudo iptables -t nat -I ${chain} -p ${protocol} -d ${localaddress} --dport ${port} -j DNAT --to ${address}

# -- forward ports
# NOTE: without "-t nat" this command targets the filter table, which has no PREROUTING chain; the ACCEPT rule probably belongs in FORWARD -- verify before use
chain: PREROUTING
protocol: TCP
localaddress: 10.0.3.116
port: 25565
$ sudo iptables -A ${chain} -p ${protocol} -d ${localaddress} --dport ${port} -j ACCEPT

See [[linux:networking|Networking]] for
more information.

# allow nesting -- only needed when the container itself runs containers; leave unset otherwise
$ lxc config set ${containername} security.nesting true

# reconfigure lxd
# $ sudo dpkg-reconfigure -p medium lxd

==== More commands ====

# create lxd container
$ lxc launch ubuntu:x ${containername}

# list containers
$ lxc list

# delete containers
# stop container
$ lxc delete ${containername}

# get container info
$ lxc info ${containername}

# show container configuration
$ lxc config show ${containername}

# file locations
/var/lib/lxd/containers/${containername} > /var/lib/lxd/storage-pools/lxd-pool/containers/${containername}
< /var/lib/lxd/containers/${containername}/rootfs >
# when copying, change file ownership to 100000 (presumably the host uid/gid that the container's root maps to; check /etc/subuid)

# copying files into container
$ lxc file push ${filepath} ${containername}

# show images
$ lxc image list
# +-------+--------------+--------+---------------------------------------------+--------+----------+------------------------------+
# | ALIAS | FINGERPRINT  | PUBLIC | DESCRIPTION                                 | ARCH   | SIZE     | UPLOAD DATE                  |
# +-------+--------------+--------+---------------------------------------------+--------+----------+------------------------------+
# |       | 8fa08537ae51 | no     | ubuntu 16.04 LTS amd64 (release) (20170516) | x86_64 | 120.85MB | May 17, 2017 at 6:51pm (UTC) |
# +-------+--------------+--------+---------------------------------------------+--------+----------+------------------------------+

# delete images
$ lxc image delete 8fa08537ae51

# profiles
$ lxc profile edit default
$ lxc profile show default

==== ZPool ====

# file locations
/var/lib/lxd/containers/${containername} > /var/lib/lxd/containers/${containername}.zfs

# tree
/var/lib/lxd/containers/${containername}.zfs
├── metadata.yaml
├── rootfs
└── templates

zpools:
  pool: lxd-pool

# show zpools
$ sudo zpool list
# NAME SIZE ALLOC FREE EXPANDSZ FRAG CAP DEDUP HEALTH ALTROOT
# ${pool} 2.98G 85K 2.98G - 0% 0% 1.00x ONLINE -
# // -- if empty
# no pools available

# show config
$ lxc config show
# config:
#   storage.zfs_pool_name: ${pool}

# destroy zpool
$ sudo zpool destroy ${pool}

# show status
$ sudo zpool status
# pool: ${pool}
# state: ONLINE
# scan: scrub repaired 0 in 0h0m with 0 errors on Sun May 14 00:24:28 2017
# config:
# NAME STATE READ WRITE CKSUM
# ${pool} ONLINE 0 0 0
# /var/lib/lxd/zfs.img ONLINE 0 0 0
# errors: No known data errors
# // -- status if in block device: i.e. /dev/sda8
# pool: ${pool}
# state: ONLINE
# scan: none requested
# config:
# NAME STATE READ WRITE CKSUM
# ${pool} ONLINE 0 0 0
# /sda8 ONLINE 0 0 0
# errors: No known data errors

config:
# increase size by adding a vdev
$ sudo zpool add test-tao /dev/<disk-name>
$ sudo zpool add test-tao mirror /dev/<disk-0-name> /dev/<disk-1-name>

zfs:
# show zfs
$ sudo zfs list
# NAME USED AVAIL REFER MOUNTPOINT
# ${pool} 982M 1.93G 19K none
# ${pool}/containers 681M 1.93G 19K none
# ${pool}/containers/c1 681M 1.93G 964M /var/lib/lxd/storage-pools/${pool}/containers/c1
# ${pool}/custom 19K 1.93G 19K none
# ${pool}/deleted 19K 1.93G 19K none
# ${pool}/images 300M 1.93G 19K none
# ${pool}/images/8fa08537ae51c880966626561987153e72d073cbe19dfe5abc062713d929254d 300M 1.93G 300M none
# // -- if empty
# no datasets available

# mount
$ mount | grep c1.zfs
# ${pool}/containers/c1 on /var/lib/lxd/containers/c1.zfs type zfs (rw,relatime,xattr,noacl)

# unset container
# NOTE: the key printed by "lxc config show" on this page is storage.zfs_pool_name, so this was probably meant as "lxc config unset storage.zfs_pool_name" -- verify
$ lxc config unset storage.zfs_${pool}

References:
<https://bobcares.com/blog/building-an-nginx-web-application-gateway-for-an-lxc-lxd-server-virtualization-infrastructure/>
<https://blog.simos.info/trying-out-lxd-containers-on-ubuntu-on-digitalocean/>
<https://insights.ubuntu.com/2015/11/10/converting-eth0-to-br0-and-getting-all-your-lxc-or-lxd-onto-your-lan/>
<https://www.digitalocean.com/community/tutorials/how-to-host-multiple-web-sites-with-nginx-and-haproxy-using-lxd-on-ubuntu-16-04>