E
Eric Hansen
Guest
The last article we overviewed what LXC is and how its useful, and now we will be covering how to create your own containers as well as stopping, starting, and freezing them. There’s still a few tools of the trade after that but that will be covered in part 3.
Intro to Creating a Container
Every tool used for a LXC container is prefixed with “lxc-” so, for example, when the “create” tool is mentioned its actually “lxc-create”. This just makes it easier in the end for me personally.
Now, one of the best parts about LXC is that creating a container is not as difficult as it is in OVZ (I could never get v-Server to work properly so I can’t testify on that). With LXC you just need to run the create command. Here’s the helpful information for you to digest (I have to run this as root when actually doing anything with a container so I just sudo’ed to root):
Few things to make note of here:
Backing store is basically telling LXC what filesystem to create the container with. While its usually fine to specify none (or just leave it blank), there are two other options: lvm and btrfs. LVM basically creates a LVM container/device for the container just like with a normal system, and BTRFS is automatically detected if /var/lib/lxc is found to be mounted on a BTRFS partition.
Normally the option of none is fine as it’ll just use the /var/lib/lxc’s directory Which, if it resides on a btrfs the containers will be automatically set to that, if its on a LVM container itself than I’m not quite sure from personal experience (I’m not a huge fan of LVM).
So for this guide we will do the bare minimum to create and manage a container, and if you want to do more advanced it will be your homework.
Templates
I’ll go more in-depth with templates in probably part 4, but this is what will provide you the base OS of your container. When you first use a template an ISO is downloaded of the distro and then some configurations are done. A template file is really nothing more than a shell script that runs when create is called. By default they reside in /usr/lib/lxc/templates/ on Ubuntu.
Once a template is used for the first time (which is the longest so if it takes a few minutes to create a container that’s normal), the ISO is cached/stored in a directory so future uses will not take nearly as long (roughly 3-400% decrease in wait time). For this guide we’ll be doing a bare-bones/minimalistic Ubuntu. You can find the template file itself most likely in /usr/lib/lxc/templates/lxc-ubuntu if you want to get a better feel for how templates work.
Creating A Container
Okay so now that we covered probably a lot more than we should’ve, we’ll get into creating a container. Remember that statement earlier that all LXC tools are actually prefixed with lxc-, but that’s omitted in this guide? The same can’t be said for templates. Here’s how you create the Ubuntu container with the name of “linux_org”:
I already had the Ubuntu template ready to go so your output might vary slightly but Everything below the first “##” should be the same if you didn’t modify the template. If you get an error about lxc-create or debootstrap make sure you installed the LXC userspace tools mentioned in part 1.
Possible Issue With Ubuntu Host
If you’re doing this on an Ubuntu host machine (the distro you’re running the commands on), please be aware of this: App Armor will hurt you.
App Armor is Ubuntu’s solution to SELinux (and I’m sure Debian also uses it but not sure), it will also cause your container to not start due to App Armor conflicts. Since I really dislike SELinux and App Armor I never looked into how to fix this from that standpoint. However, a simple new line to the container’s config file (in this case /var/lib/lxc/linux_org/config) makes this issue moot.
Just add this line somewhere within it:
Save and you’re ready to go!
Starting the Container
Since we created it and we have the name of the container, we’ll go ahead and start the container so we can begin making it useful! Just run the start command like so:
Once you do this you’ll be prompted with a login and asking for your username and password. This, by default, is ubuntu for both.
When you log in you’ll notice nothing is really different than a normal server log in, and that’s what its supposed to be! You created your first virtual machine basically without having to really install anything fancy, cool huh?!
Exiting the Container
Now this is a little tricky. If you ran the start command with the “-d” switch to daemonize the container (which we didn’t do so don’t worry), you can easily quit it by doing ctrl+a then q. However, since we didn’t do it this way, we have to shut down the container from within itself. So when you’re logged in just sudo su - so you can become root (again, password by default is “ubuntu”), then run shutdown -hP now. This will shut down the container (might take a few seconds) and drop you back to the host OS.
Connecting to the Container
I was going to talk about this in part 3 but since I mentioned the “-d” switch for the start command in the last section, may as well cover this now so people aren’t left in the dark.
To connect to a container that’s started in the background just run the console command like so:
From there you can return to the host’s shell without shutting down the container by pressing ctrl+a then q.
Intro to Creating a Container
Every tool used for a LXC container is prefixed with “lxc-” so, for example, when the “create” tool is mentioned its actually “lxc-create”. This just makes it easier in the end for me personally.
Now, one of the best parts about LXC is that creating a container is not as difficult as it is in OVZ (I could never get v-Server to work properly so I can’t testify on that). With LXC you just need to run the create command. Here’s the helpful information for you to digest (I have to run this as root when actually doing anything with a container so I just sudo’ed to root):
Code:
lxc-create -h
usage: lxc-create -n <name> [-f configuration] [-t template] [-h] -- [template_options]
usage: lxc-create -n <name> [-f configuration] [-t template] [-h] [fsopts] -- [template_options]
fsopts: -B none
fsopts: -B lvm [--lvname lvname] [--vgname vgname] [--fstype fstype] [--fssize fssize]
fsopts: -B btrfs
flag is not necessary, if possible btrfs support will be used
creates a lxc system object.
Options:
name : name of the container
configuration: lxc configuration
template : lxc-template is an accessible template script
The container backing store can be altered using '-B'. By default it
is 'none', which is a simple directory tree under /var/lib/lxc/<name>/rootfs
Otherwise, the following option values may be relevant:
lvname : [for -lvm] name of lv in which to create lv,
container-name by default
vgname : [for -lvm] name of vg in which to create lv, 'lxc' by default
fstype : name of filesystem to create, ext4 by default
fssize : size of filesystem to create, 1G by default
for template-specific help, specify a template, for instance:
lxc-create -t ubuntu -h- name - This is the name that you will reference the container by (basically the folder name). So if you name it linux_org, then you will start it by passing the name linux_org.
- configuration - If you are going to be making a lot of containers with similar features, you can pass a configuration template file that will be used in the creation of the container.
- template - This is how LXC knows what OS the container is. Templates will be covered shortly and in more detail later (this is a whole article in itself).
Backing store is basically telling LXC what filesystem to create the container with. While its usually fine to specify none (or just leave it blank), there are two other options: lvm and btrfs. LVM basically creates a LVM container/device for the container just like with a normal system, and BTRFS is automatically detected if /var/lib/lxc is found to be mounted on a BTRFS partition.
Normally the option of none is fine as it’ll just use the /var/lib/lxc’s directory Which, if it resides on a btrfs the containers will be automatically set to that, if its on a LVM container itself than I’m not quite sure from personal experience (I’m not a huge fan of LVM).
So for this guide we will do the bare minimum to create and manage a container, and if you want to do more advanced it will be your homework.
Templates
I’ll go more in-depth with templates in probably part 4, but this is what will provide you the base OS of your container. When you first use a template an ISO is downloaded of the distro and then some configurations are done. A template file is really nothing more than a shell script that runs when create is called. By default they reside in /usr/lib/lxc/templates/ on Ubuntu.
Once a template is used for the first time (which is the longest so if it takes a few minutes to create a container that’s normal), the ISO is cached/stored in a directory so future uses will not take nearly as long (roughly 3-400% decrease in wait time). For this guide we’ll be doing a bare-bones/minimalistic Ubuntu. You can find the template file itself most likely in /usr/lib/lxc/templates/lxc-ubuntu if you want to get a better feel for how templates work.
Creating A Container
Okay so now that we covered probably a lot more than we should’ve, we’ll get into creating a container. Remember that statement earlier that all LXC tools are actually prefixed with lxc-, but that’s omitted in this guide? The same can’t be said for templates. Here’s how you create the Ubuntu container with the name of “linux_org”:
Code:
lxc-create -n linux_org -t ubuntu
No config file specified, using the default config
debootstrap is /usr/sbin/debootstrap
Checking cache download in /var/cache/lxc/precise/rootfs-i386 ...
Copy /var/cache/lxc/precise/rootfs-i386 to /var/lib/lxc/linux_org/rootfs ...
Copying rootfs to /var/lib/lxc/linux_org/rootfs ...
##
# The default user is 'ubuntu' with password 'ubuntu'!
# Use the 'sudo' command to run tasks as root in the container.
##
'ubuntu' template installed
'linux_org' createdI already had the Ubuntu template ready to go so your output might vary slightly but Everything below the first “##” should be the same if you didn’t modify the template. If you get an error about lxc-create or debootstrap make sure you installed the LXC userspace tools mentioned in part 1.
Possible Issue With Ubuntu Host
If you’re doing this on an Ubuntu host machine (the distro you’re running the commands on), please be aware of this: App Armor will hurt you.
App Armor is Ubuntu’s solution to SELinux (and I’m sure Debian also uses it but not sure), it will also cause your container to not start due to App Armor conflicts. Since I really dislike SELinux and App Armor I never looked into how to fix this from that standpoint. However, a simple new line to the container’s config file (in this case /var/lib/lxc/linux_org/config) makes this issue moot.
Just add this line somewhere within it:
Code:
lxc.aa_profile = unconfinedStarting the Container
Since we created it and we have the name of the container, we’ll go ahead and start the container so we can begin making it useful! Just run the start command like so:
Code:
lxc-start -n linux_orgWhen you log in you’ll notice nothing is really different than a normal server log in, and that’s what its supposed to be! You created your first virtual machine basically without having to really install anything fancy, cool huh?!
Exiting the Container
Now this is a little tricky. If you ran the start command with the “-d” switch to daemonize the container (which we didn’t do so don’t worry), you can easily quit it by doing ctrl+a then q. However, since we didn’t do it this way, we have to shut down the container from within itself. So when you’re logged in just sudo su - so you can become root (again, password by default is “ubuntu”), then run shutdown -hP now. This will shut down the container (might take a few seconds) and drop you back to the host OS.
Connecting to the Container
I was going to talk about this in part 3 but since I mentioned the “-d” switch for the start command in the last section, may as well cover this now so people aren’t left in the dark.
To connect to a container that’s started in the background just run the console command like so:
Code:
lxc-console -n linux_orgAttachments
Last edited:
