Those who are familiar with BSD Jails or Solaris Zones might already be quite familiar with the concept of OS-level virtualization. The Linux world has several options for this, such as User Mode Linux (UML), OpenVZ, Linux-VServer, and most recently, Linux Containers (LXC).
Unlike the other alternatives, which require specially patched kernels, LXC has been fully functional in the upstream kernel since 2.6.29. That is a plus, as it makes LXC easier to deploy on many preexisting distros which ship 2.6.29, including Fedora, without messing around with the distro packages.
In this HOWTO, I'll guide you through the process of deploying your own LXC container in Fedora 12, with NAT to libvirt's virbr0.
Preparation
yum install libvirt lxc
(Ping me if I forgot to add any packages.)
Start libvirt so that virbr0 is configured:
/sbin/service libvirtd start
Mount the control group filesystem at /cgroup:
echo "none /cgroup cgroup defaults 0 0" >> /etc/fstab
mkdir /cgroup
mount /cgroup
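
The preparation steps above as a script that can be run more than once, added here as an example and not part of the original post: it appends the cgroup line to fstab only when it is absent and stops early if lxc-start or febootstrap is not installed. The function names and the --apply switch are this example's own.

```sh
#!/bin/sh
# Added example: the preparation steps, safe to run more than once.

# Print every named command that is not on PATH; non-zero status if any is missing.
missing_tools() {
    _rc=0
    for _t in "$@"; do
        command -v "$_t" >/dev/null 2>&1 || { echo "$_t"; _rc=1; }
    done
    return "$_rc"
}

# True if FSTAB ($1) has an uncommented cgroup entry for MOUNTPOINT ($2).
fstab_has_cgroup() {
    awk -v m="$2" '$1 !~ /^#/ && $2 == m && $3 == "cgroup" { found = 1 }
                   END { exit !found }' "$1"
}

# Append the cgroup line from this HOWTO only when it is not there yet,
# so a second run does not leave duplicate entries behind.
ensure_cgroup_fstab() {
    fstab_has_cgroup "$1" "$2" && return 0
    echo "none $2 cgroup defaults 0 0" >> "$1"
}

if [ "${1:-}" = "--apply" ]; then
    # febootstrap is needed by the lxc-febootstrap script used later on.
    missing=$(missing_tools lxc-start febootstrap) || {
        echo "not installed: $missing" >&2
        exit 1
    }
    /sbin/service libvirtd start
    ensure_cgroup_fstab /etc/fstab /cgroup
    mkdir -p /cgroup
    # Mount only if /cgroup is not mounted already.
    grep -qs ' /cgroup cgroup ' /proc/mounts || mount /cgroup
fi
```

Run it as root with --apply; without that switch it only defines the functions.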
LXC Fedora Script
The lxc rpm provides a script named lxc-fedora to aid creation of an LXC container. However, when I tried it, it didn't quite work. After some googling, I found this guide: http://blog.bodhizazen.net/linux/lxc-configure-fedora-containers/. Based on it, I've updated the lxc-fedora script to make it work using febootstrap. You can grab the script from my FedoraPeople Git repository here: lxc-febootstrap
Download the script and save it somewhere in your system path.
Creating the Container
lxc-febootstrap create
The script will install the container rootfs in /var/lib/lxc/rootfs/, so make sure you have enough free space to store it (around 400MB for the base bootstrap). You'll also need approximately 400MB in /var/cache/lxc for the reusable vanilla copy of the rootfs.
Answer the questions from the script, and wait until the process is done. At the end of the process, the script will ask for a password for root. Set it.
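
A check to run around lxc-febootstrap create, added here as an example and not part of the lxc-febootstrap script: it reports free space for the two directories named above and lists rootfs files that are missing after creation, which is what a failed bootstrap leaves behind even though the script prints Done. The function names and the --check switch are this example's own; the file list is taken from the paths that appear in the script's error output in the comments below.

```sh
#!/bin/sh
# Added example: sanity checks before and after "lxc-febootstrap create".

# Free space in MB on the filesystem holding DIR (or its nearest existing parent).
free_mb() {
    _d=$1
    while [ ! -d "$_d" ]; do _d=$(dirname "$_d"); done
    df -Pk "$_d" | awk 'NR == 2 { print int($4 / 1024) }'
}

# List files the creation script edits that are absent from ROOTFS ($1).
# An empty result means the bootstrap populated the tree.
rootfs_missing() {
    for _p in etc/fstab etc/sysconfig/network \
              etc/sysconfig/network-scripts/ifcfg-eth0 etc/rc.d/rc.sysinit; do
        [ -e "$1/$_p" ] || echo "$_p"
    done
}

if [ "${1:-}" = "--check" ]; then
    name=${2:?"usage: $0 --check NAME"}
    # If both directories share one filesystem, the two 400MB needs add up.
    for dir in /var/lib/lxc /var/cache/lxc; do
        mb=$(free_mb "$dir")
        [ "$mb" -ge 400 ] || echo "warning: only ${mb}MB free for $dir" >&2
    done
    missing=$(rootfs_missing "/var/lib/lxc/rootfs/$name")
    if [ -n "$missing" ]; then
        echo "rootfs for '$name' is incomplete, do not start it. Missing:" >&2
        echo "$missing" >&2
        exit 1
    fi
    echo "rootfs for '$name' looks complete"
fi
```

If the check fails, remove the half-created container with lxc-febootstrap destroy before creating it again.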
Controlling the LXC Container
You can start the container using:
lxc-start -n <containername>
You can start the container in the background using:
lxc-start -d -n <containername>
Stop it using:
lxc-stop -n <containername>
Destroy it using:
lxc-febootstrap destroy
Connect to a console of the LXC using:
lxc-console -n <containername>
Networking
The lxc-febootstrap script has been configured to make use of libvirt's virbr0. It is a virtual bridge, so treat it like any other networking bridge in Linux. The default configuration of virbr0 (if I'm not mistaken) is that it has DHCP and routing already configured for virtual machines that use it. So, networking should JustWork (unless I missed certain steps in this guide, currently it worksforme).
That's it. Enjoy and Happy Hacking :D

6 comments:
6:21 AM
Very nice, I will take your script for a spin.
Thank you for referencing my blog, glad it was helpful.
Have you considered submitting your modified script to the LXC project or Fedora? I would encourage you to do so.
4:10 PM
I tried your lxc-febootstrap and I got the following:
[root@fedora12vb ~]# lxc-febootstrap create
What is the name for the container ? [fedora] test
What hostname do you wish for this container ? [test]
What is the MTU size ? [1500]
Checking cache download ...not cached
Bootstrapping fedora-12
/usr/local/sbin/lxc-febootstrap: line 183: febootstrap: command not found
Failed to download the rootfs, aborting.
/usr/local/sbin/lxc-febootstrap: line 53: /var/lib/lxc/rootfs/test/etc/sysconfig/network: No such file or directory
/usr/local/sbin/lxc-febootstrap: line 31: /var/lib/lxc/rootfs/test//etc/fstab: No such file or directory
/usr/local/sbin/lxc-febootstrap: line 39: /var/lib/lxc/rootfs/test/etc/sysconfig/network-scripts/ifcfg-eth0: No such file or directory
sed: can't read /var/lib/lxc/rootfs/test/etc/rc.sysinit: No such file or directory
sed: can't read /var/lib/lxc/rootfs/test/etc/rc.d/rc.sysinit: No such file or directory
chroot: failed to run command `chkconfig': No such file or directory
chroot: failed to run command `chkconfig': No such file or directory
chroot: failed to run command `chkconfig': No such file or directory
chroot: failed to run command `passwd': No such file or directory
'test' created
Done.
You can run your container with the 'lxc-start -n test'
[root@fedora12vb ~]#
11:32 PM
@mparem
Looks like you do not have febootstrap installed.
yum install febootstrap
11:38 AM
It looks a little better. However, it still does not work:
[root@fedora12vb mparem]# lxc-febootstrap create
What is the name for the container ? [fedora] test
What hostname do you wish for this container ? [test]
What is the MTU size ? [1500]
/usr/local/sbin/lxc-febootstrap: line 53: /var/lib/lxc/rootfs/test/etc/sysconfig/network: No such file or directory
/usr/local/sbin/lxc-febootstrap: line 31: /var/lib/lxc/rootfs/test//etc/fstab: No such file or directory
/usr/local/sbin/lxc-febootstrap: line 39: /var/lib/lxc/rootfs/test/etc/sysconfig/network-scripts/ifcfg-eth0: No such file or directory
sed: can't read /var/lib/lxc/rootfs/test/etc/rc.sysinit: No such file or directory
sed: can't read /var/lib/lxc/rootfs/test/etc/rc.d/rc.sysinit: No such file or directory
chroot: failed to run command `chkconfig': No such file or directory
chroot: failed to run command `chkconfig': No such file or directory
chroot: failed to run command `chkconfig': No such file or directory
chroot: failed to run command `passwd': No such file or directory
'test' already exists
Failed to create 'test'
[root@fedora12vb mparem]# ls /var/lib/lxc/rootfs/test
dev selinux
[root@fedora12vb mparem]#
3:12 PM
Cleaned up previously created containers, fixed "sed" command changing "|" to "/" and removed "rm" command for "mount.conf" and "lxc.conf" files.
Now I was able to create the container. However, when I start the container, I see the following:
[root@fedora12vb mparem]# lxc-start -n fedora
Welcome to Fedora
Press 'I' to enter interactive startup.
Setting hostname fedora: [ OK ]
Checking filesystems
[ OK ]
mount: can't find / in /etc/fstab or /etc/mtab
Mounting local filesystems: [ OK ]
No such file or directory
Enabling /etc/fstab swaps: [ OK ]
Entering non-interactive startup
Bringing up loopback interface: [ OK ]
Bringing up interface eth0:
Determining IP information for eth0.../sbin/dhclient-script: line 503: /dev/null: Permission denied
/sbin/dhclient-script: line 524: /dev/null: Permission denied
/sbin/dhclient-script: line 503: /dev/null: Permission denied
/sbin/dhclient-script: line 47: /dev/null: Permission denied
/etc/sysconfig/network-scripts/network-functions: line 358: /dev/null: Permission denied
/etc/sysconfig/network-scripts/network-functions: line 357: /dev/null: Permission denied
/sbin/dhclient-script: line 47: /dev/null: Permission denied
done.
[ OK ]
Starting system logger: [ OK ]
Starting system message bus: Could not get password database information for UID of current process: User "???" unknown or no memory to allocate password entry
Failed to start message bus: Could not get UID and GID for username "dbus"
[FAILED]
Mounting other filesystems: [ OK ]
Generating SSH1 RSA host key: [FAILED]
Starting sendmail: [ OK ]
Starting sm-client: No such file or directory
/etc/mail/submit.cf: line 432: readcf: option RunAsUser: unknown user smmsp: Permission denied
/etc/mail/submit.cf: line 451: readcf: option TrustedUser: unknown user smmsp: Permission denied
Mail submission program must have RunAsUser set to non root user
[FAILED]
Starting crond: [ OK ]
init: tty5 main process (316) terminated with status 1
init: tty5 main process ended, respawning
init: tty6 main process (320) terminated with status 1
9:19 AM
I tried these steps and got the following upon lxc-start.
Starting crond: [ OK ]
init: tty4 main process (332) terminated with status 1
init: tty4 main process ended, respawning
init: tty2 main process (334) terminated with status 1
init: tty2 main process ended, respawning
init: tty3 main process (335) terminated with status 1
init: tty3 main process ended, respawning
init: tty6 main process (337) terminated with status 1
init: tty6 main process ended, respawning
init: tty5 main process (333) terminated with status 1
init: tty5 main process ended, respawning
init: tty4 main process (338) terminated with status 1
init: tty4 main process ended, respawning
This has gone on a loop.