Configuring LXC - Linux Containers

LXC (Linux Containers) is an operating system-level virtualization method for running multiple isolated Linux systems (containers) on a single control host. LXC does not provide a virtual machine, but rather provides a virtual environment that has its own process and network space.

It is similar to other OS-level virtualization technologies on Linux such as OpenVZ and Linux-VServer, as well as those on other operating systems such as FreeBSD jails and Solaris Containers.

LXC relies on the Linux kernel cgroups functionality that became available in version 2.6.29, developed as part of LXC. It also relies on other kinds of namespace-isolation functionality, which were developed and integrated into the mainline Linux kernel.

The main benefit of this type of virtualization technology is the lack of hypervizor/guest overhead. This achieves close to bare-metal performance in most cases.

In this blog I'll show you how to configure LXC container and run Apache in it.

1. Prepare the host.

Install the main lxc package, bootstrap scrips and the bridge utility.

On Redhat/Fedora/Centos run:


On Debian/Ubuntu run:


Create the directory for the container:


2. Enable cgroup.

For more information on cgroups read my previous article - here


3. Configure bridging.

On Redhat like systems perform the following:


On Debian/Ubuntu:


4. Building the container.

There are several ways to do this:
  • Using the lxc tools like lxc-debian or lxc-fedora.
  • Using the debootstrap or febootstrap scirpts.
  • Converting an existing openvz containers.
  • Using libvirt as shown in this post.

To create the LXC container we need a directory containing the file system - rootfs, that we created in step 1  - /lxc - and a configuration file. To create the  config file for the container we can use a template file, adopted from the lxc.conf man page:


The most important lines are:


We also need the following fstab file to define our chroot like environment:


To install a minimum Ubuntu OS in the container we can use debootstrap or lxc-ubuntu as mentioned earlier:


or


5. Modify the container OS.

The basic Ubuntu installation needs to be cleaned some in order for it to execute correctly in the container. Things like modules, and start scripts needs to be removed/altered.


chroot into mycontainer and configure the container:


Exit the chroot and run:


6. Start the container.

To create and start the LXC run:


To list the containers and see their state:


You should now be able to access the container with either lxc-console or ssh:


or


To stop the container:


And to destroy the container run:


While in the container you can install and start services as usual.

Resources:
http://en.wikipedia.org/wiki/LXC https://help.ubuntu.com/community/LXC http://blog.bodhizazen.net/linux/lxc-configure-ubuntu-lucid-containers/ http://lxc.teegra.net

12 comments:

  1. yum install lxc does not work on redhat or centos. any ideas

    ReplyDelete
    Replies
    1. lxc is available on EPEL repository.

      Delete
  2. This comment has been removed by the author.

    ReplyDelete
    Replies
    1. Just want to make a note that the lxc package is now in the epel repository for those who are on redhat/centos.

      New to commenting system. Sorry, couldn't find the edit button.

      Delete
    2. Thank you for pointing that out David!

      Delete
  3. How do i assign core/CPU to each container? I've created 2 container on my dual core system. I wanted to lock each CPU/core to each container.. How do i do this??

    ReplyDelete
    Replies
    1. Not sure you can do this. You can however use the cgroups to allocate cpu time and memory per process.

      Delete
  4. How do I create small applications inside the container. Let's say I have a simple "Hello world" program that has to run without running another OS. What should the configuration file look like? Especially "rootfs" and "fstab"?

    ReplyDelete
    Replies
    1. Check this other post I have about LXC - http://kaivanov.blogspot.com/2013/01/configuring-lxc-using-libvirt.html - it shows how to run a process inside of the container using libvirt. You might also would like to check http://www.docker.com/

      Delete
  5. lxc on centos 7.0 -- and how to change ip - Please

    ReplyDelete
  6. when i do this command lxc-start -n -cont1
    I get this error on my ubunutu 10.04
    lxc-start: no configuration file for '/sbin/init' (may crash the host)

    Can some one please help me how to rectify. I am struck at this step from long back and don't know how to move further.

    ReplyDelete