Marc Beninca 2017-12-05 22:14:15 +01:00
parent efcaaaa25a
commit 250cb9eab4
3 changed files with 261 additions and 0 deletions


@ -1,3 +1,170 @@
*********
Container
*********
TODO
====
* look for creation through debootstrap
Create
======
.. code:: shell
lxc-create \
--name="container_name" \
--template="debian" \
-- \
--release="stretch" \
--mirror="file:/mirrors/debian/debian-stretch" \
--security-mirror="file:/mirrors/debian/debian-stretch-security" \
Configure
=========
In containers/directory/container_name :
* config
.. code:: ini
lxc.include = /usr/share/lxc/config/debian.common.conf
lxc.arch = amd64
lxc.autodev = 1
lxc.kmsg = 0
lxc.mount = /var/lib/lxc/container_name/fstab
lxc.rootfs = /var/lib/lxc/container_name/rootfs
lxc.rootfs.backend = dir
lxc.start.auto = 1
lxc.utsname = hostname
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
lxc.network.name = eth0
lxc.network.veth.pair = container_name
lxc.network.hwaddr = virtual_mac_address
Static addresses variant:
.. code:: ini
lxc.network.ipv4 = container_ip4/network_mask_bits
lxc.network.ipv6 = container_ip6
* fstab
.. warning::
| Do not forget to create the data directories
| otherwise the container start process will fail!
::
data/directory/container_name data none bind,create=dir
/mirrors mirrors none bind,create=dir
* rootfs/
* TODO Debian configuration
* rootfs/etc/network/interfaces.d/eth0
if the container uses DHCP:
::
auto eth0
iface eth0 inet dhcp
Start
=====
.. warning::
| Be patient, for it can take a container
| up to 1 minute to get its network stack up!
.. code:: shell
lxc-start -n "container_name"
.. code:: shell
lxc-start --name="container_name"
Run command
===========
.. code:: shell
lxc-attach -n "container_name" -- command
.. code:: shell
lxc-attach --name="container_name" -- command
Stop
====
.. code:: shell
lxc-stop -n "container_name"
.. code:: shell
lxc-stop --name="container_name"
Backup
======
system
------
.. code:: shell
cd containers/directory
tar --numeric-owner -cvaf container_name.backup_name.txz container_name
data
----
.. code:: shell
cd data/directory
tar --numeric-owner -cvaf container_name.backup_name.txz container_name
Destroy
=======
.. code:: shell
lxc-destroy -n "container_name"
.. code:: shell
lxc-destroy --name="container_name"
Restore
=======
system
------
.. code:: shell
cd containers/directory
rm --recursive container_name
tar --numeric-owner -xvf container_name.backup_name.txz
data
----
.. code:: shell
cd data/directory
rm --recursive container_name
tar --numeric-owner -xvf container_name.backup_name.txz
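
Review bot: In the fstab block, the ``/mirrors mirrors none bind,create=dir`` entry binds the host's package mirror into the container read-write, and this is the same tree that ``lxc-create`` uses as ``--mirror`` and ``--security-mirror``, so a process inside one container can alter the packages later containers are built from; add ``ro`` to the options (``bind,ro,create=dir``). Separately, the ``lxc-create`` example ends with a trailing ``\`` after the ``--security-mirror=...`` line, so a pasted command will swallow whatever is typed next; drop the final backslash. In both Restore blocks, ``rm --recursive container_name`` still runs if the preceding ``cd`` failed and would then delete a same-named directory somewhere else; chain the two with ``&&``.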


@ -1,3 +1,78 @@
****
Host
****
Check
=====
.. code:: shell
lxc-checkconfig
List
====
.. code:: shell
lxc-ls -f
.. code:: shell
lxc-ls --fancy
Network bridge
==============
Create bridge br0 onto host's network interface eth0:
* /etc/network/interfaces.d/eth0
::
auto br0
iface br0 inet static
address host_ip/network_mask_bits
gateway gateway_ip
bridge_fd 0
bridge_maxwait 0
bridge_ports eth0
bridge_stp on
Service
=======
Default configuration for new containers:
* /etc/lxc/default.conf
.. code:: ini
lxc.include = /usr/share/lxc/config/debian.common.conf
lxc.arch = amd64
lxc.autodev = 1
lxc.kmsg = 0
lxc.rootfs.backend = dir
lxc.start.auto = 1
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
lxc.network.name = eth0
Directories
===========
* 1 for the containers
* 1 for their data
.. code:: shell
mkdir --parents "containers/directory"
rmdir "/var/lib/lxc"
ln --symbolic "containers/directory" "/var/lib/lxc"
.. code:: shell
mkdir --parents "data/directory"
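
Review bot: In the Directories block, ``ln --symbolic "containers/directory" "/var/lib/lxc"`` stores the target exactly as written, so a relative path would be resolved against ``/var/lib`` and leave a dangling link; say explicitly that ``containers/directory`` stands for an absolute path. ``rmdir "/var/lib/lxc"`` also fails as soon as a container already exists there, which deserves a sentence. Both ``mkdir --parents`` calls leave the directory mode to the current umask; since these directories will hold container root filesystems and their data, consider setting a restrictive mode explicitly (for example ``chmod 700``).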


@ -6,3 +6,22 @@ LXC
host
container
***
ESX
***
.. warning::
| If the host is part of an ESX virtual network architecture,
| make sure to configure its virtual switch to avoid packet drops.
* Edit Settings / Policies / Security
=================== ======
Key Value
=================== ======
Promiscuous Mode Accept
MAC Address Changes Accept
Forged Transmits Accept
=================== ======
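
Review bot: The table sets Promiscuous Mode, MAC Address Changes and Forged Transmits to Accept, but "Edit Settings / Policies / Security" does not say on which object, and the warning above speaks of the whole virtual switch. Relaxing all three on the vSwitch applies to every VM attached to it; the section should recommend a dedicated port group that contains only the LXC host and apply the settings there. A one-line reason would also help readers judge the trade-off: the containers' veth interfaces use their own ``lxc.network.hwaddr`` values, which differ from the MAC address of the VM's virtual NIC.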