LXC: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Keine Bearbeitungszusammenfassung |
Vater (Diskussion | Beiträge) |
||
Zeile 184: | Zeile 184: | ||
== LXC on ZFS (flatbert) == | == LXC on ZFS (flatbert) == | ||
Container erstellen: | ; Container erstellen: | ||
<source lang="bash"> | debian lxc bootstrap | ||
: <source lang="bash">lxc-create -n example -t debian</source> | |||
lxc-create -n example -t debian | |||
neues dataset | |||
zfs create -o checksum=sha256 -o compression=lz4 -o mountpoint=/rpool/disk33 rpool/disk33 | : <source lang="bash">zfs create -o checksum=sha256 -o compression=lz4 -o mountpoint=/rpool/disk33 rpool/disk33</source> | ||
lxc Container verschieben | |||
rsync -aAX --progress /var/lib/lxc/example/rootfs/ /rpool/disk33/ | : <source lang="bash">rsync -aAX --progress /var/lib/lxc/example/rootfs/ /rpool/disk33/</source> | ||
rm -rfv /var/lib/lxc/example/rootfs | : <source lang="bash">rm -rfv /var/lib/lxc/example/rootfs</source> | ||
lxc Container Config kopieren | |||
cp /var/lib/lxc/pentabot/config /var/lib/lxc/example/config | : <source lang="bash">cp /var/lib/lxc/pentabot/config /var/lib/lxc/example/config</source> | ||
lxc Container Config anpassen | |||
: <source lang="bash">vi /var/lib/lxc/example/config</source> | |||
<pre> | |||
### | ### | ||
### namen, pfade, mac adresse, cap, rootfs pfad | ### namen, pfade, mac adresse, cap, rootfs pfad | ||
### | ### | ||
</pre> | |||
lxc autostart (reboot safe) | |||
: <source lang="bash">cd /etc/lxc/auto</source> | |||
: <source lang="bash">ln -s ../../../var/lib/lxc/example/config 310_example.conf</source> | |||
lxc link zum rpool dataset | |||
: <source lang="bash">cd /lxc-container</source> | |||
: <source lang="bash">ln -s /rpool/disk33 example</source> | |||
cd /lxc-container | |||
ln -s /rpool/disk33 example | |||
lxc / debian jessie upgrade sources.list | |||
cp /lxc-container/pentabot/etc/apt/sources.list /lxc-container/example/etc/apt/sources.list | : <source lang="bash">cp /lxc-container/pentabot/etc/apt/sources.list /lxc-container/example/etc/apt/sources.list</source> | ||
lxc starten | |||
lxc-start -n example | : <source lang="bash">lxc-start -n example</source> | ||
lxc wheezy auf jessie upgraden (ohne systemd) | |||
apt-get update; apt-get upgrade | : <source lang="bash">apt-get update; apt-get upgrade</source> | ||
</source> |
Version vom 5. März 2015, 05:13 Uhr
create
- mit lvm
lxc-create -n<container-name> -t <template> -B lvm --lvname <container-name> --vgname <volumen-gruppen-name> --fstype <filesystem-type> --fssize <filesystem-größe>
- ohne lvm
lxc-create -n<container-name> -t <template>
start
- start
lxc-start -n<container-name> -f</path/to/config/file> -d
stop
- stop
lxc-stop -n<container-name>
config
## network lxc.network.type = veth lxc.network.link = br0 lxc.network.name = eth0 lxc.network.hwaddr = 00:00:c3:d2:00:23 lxc.network.veth.pair = br0_<container-name> lxc.network.flags = up lxc.network.type = veth lxc.network.link = br1 lxc.network.name = eth1 lxc.network.hwaddr = 00:00:c3:d2:01:23 lxc.network.veth.pair = br1_<container-name> lxc.network.flags = up ## Container lxc.utsname = <container-name> lxc.rootfs = /var/lib/lxc/<container-name>/rootfs lxc.arch = x86_64 #lxc.console = /var/log/lxc/<container-name>.console lxc.tty = 2 lxc.pts = 1024 ## Capabilities lxc.cap.drop = audit_control lxc.cap.drop = audit_write lxc.cap.drop = linux_immutable lxc.cap.drop = mac_admin lxc.cap.drop = mac_override lxc.cap.drop = setpcap lxc.cap.drop = sys_admin lxc.cap.drop = sys_boot lxc.cap.drop = sys_module lxc.cap.drop = sys_pacct lxc.cap.drop = sys_rawio lxc.cap.drop = sys_time ## Devices # Allow all devices #lxc.cgroup.devices.allow = a # Deny all devices lxc.cgroup.devices.deny = a # Allow to mknod all devices (but not using them) lxc.cgroup.devices.allow = c *:* m lxc.cgroup.devices.allow = b *:* m # /dev/console lxc.cgroup.devices.allow = c 5:1 rwm # /dev/null lxc.cgroup.devices.allow = c 1:3 rwm # /dev/ptmx lxc.cgroup.devices.allow = c 5:2 rwm # /dev/pts/* lxc.cgroup.devices.allow = c 136:* rwm # /dev/random lxc.cgroup.devices.allow = c 1:8 rwm # /dev/rtc lxc.cgroup.devices.allow = c 254:0 rwm # /dev/tty lxc.cgroup.devices.allow = c 5:0 rwm # tty0 lxc.cgroup.devices.allow = c 4:0 rwm # tty1 lxc.cgroup.devices.allow = c 4:1 rwm # /dev/urandom lxc.cgroup.devices.allow = c 1:9 rwm # /dev/zero lxc.cgroup.devices.allow = c 1:5 rwm # tun lxc.cgroup.devices.allow = c 10:200 rwm ## Limits lxc.cgroup.cpu.shares = 1024 lxc.cgroup.cpuset.cpus = 0 lxc.cgroup.memory.limit_in_bytes = 256M lxc.cgroup.memory.memsw.limit_in_bytes = 1G ## Filesystem lxc.mount.entry = proc proc proc ro,nodev,noexec,nosuid 0 0 lxc.mount.entry = sysfs sys sysfs ro 0 0
console
</path/to/conatiner/rootfs>/etc/inittab
# /sbin/getty invocations for the runlevels. # # The "id" field MUST be the same as the last # characters of the device (after "tty"). # # Format: # <id>:<runlevels>:<action>:<process> # # Note that on most Debian systems tty7 is used by the X Window System, # so if you want to add more getty's go ahead but skip tty7 if you run X. # c1:2345:respawn:/sbin/getty 38400 tty1 #1:2345:respawn:/sbin/getty 38400 tty1 #2:23:respawn:/sbin/getty 38400 tty2 #3:23:respawn:/sbin/getty 38400 tty3 #4:23:respawn:/sbin/getty 38400 tty4 #5:23:respawn:/sbin/getty 38400 tty5 #6:23:respawn:/sbin/getty 38400 tty6 # console 1:12345:respawn:/sbin/agetty --noclear 115200 console linux
lxc-console
- VMs auflisten:
lxc-list
- an VM attachen:
lxc-console -n<container-name>
- Von Konsole detachen:
- im screen:
- Ctrl+aaq
- ohne screen:
- Ctrl+aq
- im screen:
debian 8 (jessie/systemd lxc)
z.b wheezy container upgrade auf jessie
lxc - config
lxc.autodev = 1
lxc.kmsg = 0
im rootfs container:
apt-get install dbus (sofern vergessen)
# udev fuu deaktivieren:
ln -s /dev/null /etc/systemd/system/systemd-udevd.service
ln -s /dev/null /etc/systemd/system/systemd-udevd-control.socket
ln -s /dev/null /etc/systemd/system/systemd-udevd-kernel.socket
ln -s /dev/null /etc/systemd/system/proc-sys-fs-binfmt_misc.automount
# tty fuu deaktivieren: /var/lib/lxc/{container}/rootfs/lib/systemd/system/getty@.service
ConditionPathExists=/dev/tty0
# permission fuu
ln -s -f /bin/true /usr/bin/chfn
https://wiki.archlinux.org/index.php/Lxc-systemd
https://github.com/lxc/lxc/commit/a9bf60bab547013a9873a3fb9efe61155e8694b8
https://wiki.debian.org/LXC#Debian_8_.22Jessie.22.2Ftesting
frickeln
https://gist.github.com/peo3/1142202
LXC on ZFS (flatbert)
- Container erstellen
debian lxc bootstrap
lxc-create -n example -t debian
neues dataset
zfs create -o checksum=sha256 -o compression=lz4 -o mountpoint=/rpool/disk33 rpool/disk33
lxc Container verschieben
rsync -aAX --progress /var/lib/lxc/example/rootfs/ /rpool/disk33/
rm -rfv /var/lib/lxc/example/rootfs
lxc Container Config kopieren
cp /var/lib/lxc/pentabot/config /var/lib/lxc/example/config
lxc Container Config anpassen
vi /var/lib/lxc/example/config
### ### namen, pfade, mac adresse, cap, rootfs pfad ###
lxc autostart (reboot safe)
cd /etc/lxc/auto
ln -s ../../../var/lib/lxc/example/config 310_example.conf
lxc link zum rpool dataset
cd /lxc-container
ln -s /rpool/disk33 example
lxc / debian jessie upgrade sources.list
cp /lxc-container/pentabot/etc/apt/sources.list /lxc-container/example/etc/apt/sources.list
lxc starten
lxc-start -n example
lxc wheezy auf jessie upgraden (ohne systemd)
apt-get update; apt-get upgrade