LXD quick start (linux containers)

Overview

Linux containers are often considered something in between a chroot and a full-fledged virtual machine. The goal of LXC is to create an environment as close as possible to a standard Linux installation but without the need for a separate kernel.
LXD is a system container and virtual machine manager. It offers a unified user experience around full Linux systems running inside containers or virtual machines.

Before you start, run lxd init to configure LXD settings such as network, storage and clustering. All of them can be changed later.

Get Info:

lxc profile show default
lxc info container_name
lxc config show container_name -e  # all configurations
lxc storage list

lxc ls  # list instances
lxc list -c ns4mDSb

All available column options:
    4 - IPv4 address
    6 - IPv6 address
    a - Architecture
    b - Storage pool
    c - Creation date
    d - Description
    D - Disk usage
    l - Last used date
    m - Memory usage
    M - Memory usage (%)
    n - Name
    N - Number of Processes
    p - PID of the instance's init process
    P - Profiles
    s - State
    S - Number of snapshots
    t - Type (persistent or ephemeral)
    u - CPU usage (in seconds)
    L - Location of the instance (e.g. its cluster member)
    f - Base Image Fingerprint (short)
    F - Base Image Fingerprint (long)

Launch new container

lxc launch images:centos/7/amd64 container_name
lxc launch ubuntu:20.04 container_name
lxc launch -p profile_name ubuntu:20.04 container_name   # -p applies a profile

Configuration

Apply specific settings to a container:

lxc config set container_name limits.memory 512MB
lxc config set container_name limits.cpu 2
lxc config device set container_name root size 10GB
lxc config device set container_name eth0 limits.ingress 1Mbit

Run commands within container

lxc exec container_name -- /bin/bash  # get a shell inside the container as root
lxc exec container_name bash
lxc exec container_name -- su --login username
lxc console container_name  # console inside the container; press ctrl+a q to detach

Profile

A profile holds a preconfiguration for containers and can be applied at launch. It can use cloud-init for initialization.

lxc profile create profilename
lxc profile edit profilename

# example
oleg@t600:~$ lxc profile show dev1
config:
  limits.cpu: "1"
  limits.memory: 1024MB
  user.user-data: |
    #cloud-config
    package_upgrade: true
    timezone: America/Los_Angeles
    # User setup
    users:
     - name: oleg
       ssh-authorized-keys:
         - ssh-rsa AAAA......== oleg@t800
       sudo: ['ALL=(ALL) NOPASSWD:ALL']
       groups: sudo
       shell: /bin/bash
description: dev environment for tests
devices:
  eth0:
    nictype: bridged
    parent: br0
    type: nic
  root:
    path: /
    pool: zfs-pool
    type: disk
name: dev1
used_by:
...

Network

# Create a bridge:
lxc network create testbr0 ipv6.address=none ipv4.address=none
lxc network create dev1br0 ipv6.address=none ipv4.address=172.20.5.10/24 ipv4.nat=true

# Containers get an IP from your LAN using a bridge. Profile:
devices:
  eth0:
    nictype: bridged
    parent: br0
    type: nic
# https://blog.simos.info/how-to-make-your-lxd-containers-get-ip-addresses-from-your-lan-using-a-bridge/

# Containers get an IP from your LAN using macvlan
lxc profile device add dev1 eth0 nic nictype=macvlan parent=br0
# https://blog.simos.info/how-to-make-your-lxd-container-get-ip-addresses-from-your-lan/

# Set a static IP (stop the container first):
lxc network attach lxdbr0 container_name eth0 eth0
lxc config device set container_name eth0 ipv4.address 192.168.10.5

Snapshots

lxc snapshot container_name snapshot_name  # create the snapshot
lxc restore container_name snapshot_name   # restore the snapshot
lxc delete container_name/snapshot_name    # delete a snapshot

Files

lxc file pull container_name/path-in-container path-on-host     # from an instance to the host
lxc file pull -r container_name/path-in-container path-on-host  # pull a folder
lxc file push path-on-host container_name/path-in-container     # from the host to an instance
lxc file push -r path-on-host container_name/path-in-container  # push a folder

Storage

lxc storage create NAME type source=/some/empty/directory
lxc storage create zfs-pool zfs source=/dev/mapper/vg_lxd-lv_lxd_zfs
lxc storage list
lxc storage show zfs-pool
# https://linuxcontainers.org/lxd/docs/master/storage

Export & import (or backups), publish

lxc export container_name /tmp/container_name_date.tar.gz
lxc import container_name_date.tar.gz

# Publish - turns a container or snapshot into an image in the local LXD image store
lxc publish container_name/snapshot --alias new_local_image
lxc publish container_name --alias image_name

lxc image import container_name.tar.gz --alias custom-imagename
lxc image export imagename [target folder] [flags]

# https://discuss.linuxcontainers.org/t/backup-the-container-and-install-it-on-another-server/463

Privileges

Set special privileges for a container. This example is for NFS:

lxc config set container_name security.privileged true
lxc config set container_name raw.apparmor "mount fstype=nfs,"
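
With security.privileged set to true the container runs without UID/GID mapping, so root inside it is root on the host. It is therefore worth knowing which instances carry such keys and whether they were set directly or inherited from a profile. The check below is an added example, not part of the original page: it reads data in the shape of `lxc list --format json`; the instance names, the `dev-nest` profile and the sample JSON are constructed, and `security.nesting`, `raw.lxc` and `raw.seccomp` are related LXD keys the page does not mention.

```python
import json

TRUTHY = {"true", "1", "yes", "on"}  # spellings treated as boolean true here

# Config keys that relax container isolation. security.privileged and
# raw.apparmor are the two set above; the others are related LXD keys.
CHECKS = {
    "security.privileged": lambda v: v.strip().lower() in TRUTHY,
    "security.nesting": lambda v: v.strip().lower() in TRUTHY,
    "raw.apparmor": lambda v: bool(v.strip()),
    "raw.lxc": lambda v: bool(v.strip()),
    "raw.seccomp": lambda v: bool(v.strip()),
}

def audit(instances):
    """Return (name, key, value, origin) for each isolation-relaxing key.

    origin is "instance" when the key is set on the instance itself and
    "profile:<names>" when it only appears in the merged expanded_config.
    """
    findings = []
    for inst in instances:
        local = inst.get("config") or {}
        merged = inst.get("expanded_config") or local
        for key, is_risky in CHECKS.items():
            value = merged.get(key)
            if value is None or not is_risky(value):
                continue
            origin = "instance" if key in local else \
                "profile:" + ",".join(inst.get("profiles") or [])
            findings.append((inst["name"], key, value.strip(), origin))
    return findings

# Constructed sample in the shape of `lxc list --format json` (trimmed).
SAMPLE = json.loads("""[
 {"name": "nfs01", "profiles": ["default"],
  "config": {"security.privileged": "true", "raw.apparmor": "mount fstype=nfs,"},
  "expanded_config": {"security.privileged": "true", "raw.apparmor": "mount fstype=nfs,"}},
 {"name": "web01", "profiles": ["default"],
  "config": {"limits.memory": "512MB"},
  "expanded_config": {"limits.memory": "512MB", "security.privileged": "false"}},
 {"name": "dev01", "profiles": ["default", "dev-nest"],
  "config": {},
  "expanded_config": {"security.nesting": "true"}}
]""")

if __name__ == "__main__":
    for name, key, value, origin in audit(SAMPLE):
        print(f"{name}: {key}={value!r} ({origin})")
```

On a live host, pass the parsed output of `lxc list --format json` to `audit()` instead of `SAMPLE`.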

Recommendations

Use this alias to prevent accidental deletion of a container.
lxc alias add delete "delete -i"
