LXC Linux Containers

This is a brief how-to, with notes, on a first setup of LXC containers, which will likely be the preferred replacement (in Debian, at least) for vservers.

Introduction

Materials, Process overview

Hardware:

The old server I had at the colo, a SuperMicro 5010 with a hyperthreaded P4 3 GHz, 3 GB memory, and two 320 GB SATA disks.

OS etc

Debian squeeze weekly build, 10 Jan 2010.
Also installed: libvirt, xen, kvm, lxc, lvm, virt-manager, system-config-lvm and misc tools.

Details

Using basics and information obtained on these sites,

www.ibm.com/developerworks/linux/librar...

lxc.teegra.net

jim.studt.net/depository/index.php/usin...

libvirt.org/drvlxc.html

source of modified lxc-debian script:

nigel.mcnie.name/blog/a-five-minute-gui...

The following was done:

  1. Made a large LVM volume group, with one LV inside it for the lxc systems, and created an ext4 filesystem on it.
  2. Mounted that on /var/lib/lxc. Why? Because the lxc-debian setup script uses that as the default “root” for containers.
  3. mkdir /var/lib/cgroup and mount -t cgroup cgroup /var/lib/cgroup; this is needed for lxc control and monitoring.
  4. lxc-debian create -n system-name to build a minimal lenny container with ssh.

# /etc/fstab entries
/dev/mapper/vg0-lxc     /var/lib/lxc    ext4    defaults        0       2
cgroup                  /var/lib/cgroup cgroup  defaults        0       0
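
A check that the mounts from steps 2 and 3 are in place before any container is created, as an added example that is not part of the original notes. It reads a table in /proc/mounts format; the function names and the sample table are constructed for illustration.

```shell
#!/bin/sh
# Added example: checks the mounts from steps 2 and 3 against a mounts
# table in /proc/mounts format (device, mount point, fstype, options, ...).

# check_mount TABLE MOUNTPOINT FSTYPE
# Succeeds when the last entry for MOUNTPOINT in TABLE has type FSTYPE
# (the last entry is the mount that is actually visible at that path).
check_mount() {
    awk -v mp="$2" -v fs="$3" '
        $2 == mp { found = ($3 == fs) }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# lxc_preflight TABLE
# Prints one line per problem; the return status is the number of problems.
lxc_preflight() {
    problems=0
    if ! check_mount "$1" /var/lib/lxc ext4; then
        echo "/var/lib/lxc: no ext4 mount; containers would be built on the parent filesystem"
        problems=$((problems + 1))
    fi
    if ! check_mount "$1" /var/lib/cgroup cgroup; then
        echo "/var/lib/cgroup: no cgroup mount; lxc control and monitoring need it"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Constructed sample table (not captured from a real host); the root device
# line is an assumption, the other two mirror the fstab entries above.
sample_mounts() {
    cat <<'EOF'
/dev/sda1 / ext3 rw,errors=remount-ro 0 0
/dev/mapper/vg0-lxc /var/lib/lxc ext4 rw 0 0
cgroup /var/lib/cgroup cgroup rw 0 0
EOF
}
```

On the host, source the file and run lxc_preflight /proc/mounts; a non-zero status means at least one of the two mounts is missing.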

Useful tools

To “enter” the lxc container, type lxc-console -n system-name (I have not discovered an effective way to exit from the tty obtained; it is claimed that Ctrl-a q works, but not for me).

lxc-netstat

lxc-info

lxc-ps

lxc-cgroup provides details (numbers) and is probably the only way that a munin plugin could get information about the containers.

Mounts

Use of the lxc-debian script to build a base system is preferred, as it gets the initial fstab and tty (getty) settings right.

Additional mount points can be added. NFS mounts can be done, but it was found that the NFS server should export to the lxc host as well as to the lxc container, even if the host itself does not NFS-mount the filesystems.

The file /var/lib/lxc/{container-name}/fstab ?is? a list of mount points that should not be accessible from the host.

libvirt and virsh

Following recommendations, an attempt was made to use libvirt to manage the containers.

An xml file was created, and then

virsh --connect lxc:/// define  blah.xml

successfully got libvirt to take the xml file and assign a uuid to the vm. However,

virsh list --all

did not list the vm, and even though

virsh --connect lxc:/// start  blah

claimed the vm was started,

lxc-status

reports it stopped, and that is the case.

NB that upon reboot, libvirtd complained about non-existence of an lxc socket. Need to find out if this is what is leading to the failures above.

Migration to lxc: vserver, xen, physical

It is possible to migrate vservers and xen VMs to lxc. One has to take care not to munge certain files and filesystems:

  • /dev
  • /srv
  • /sys
  • /etc:
    • fstab