A while ago I posted about LXC and how to use it on Ubuntu 9.10, I think it’s time to update these instructions to the current state of LXC in Ubuntu 11.04.
As a quick reminder LXC stands for Linux Containers and uses the relatively recent cgroup and namespace features of the Linux kernel to offer something that’s between a chroot and a virtual machine. That’s, basically a chroot but with fine grained resource allocation, its own network stack and its own pid namespace.
LXC is very similar to OpenVZ and Linux-Vserver but doesn’t depend on kernel patches to work.
So here’s now how to get it working on Ubuntu 11.04 in a much easier way than back in Ubuntu 9.10, thanks to all the work done upstream.
To get LXC working on Ubuntu 11.04, you’ll need to do the following:
- Install a few packages: lxc, debootstrap and bridge-utils
- Create a bridge interface with masquerading and a local IP address
- Create a mountpoint for the cgroup filesystem and make sure it’s mounted
- Write a network configuration file for your container
- Create your container (the template gets generated with the first container)
To make it even easier, I wrote the following script that you can start as root to do all the above.
It’ll add a “br-lxc” interface using the 192.168.254.0/24 network and configure masquerading.
The cgroup filesystem will be mounted at boot time in /cgroup.
A first container called natty01 will be created and started with IP 192.168.254.2 and default root password “root”.
The script is (I think) well commented and I’ve clearly indicated what’s to be run once (to setup LXC) and what’s to be run for every container you may want to create.
Script can be downloaded from: http://www.stgraber.org/download/lxc-demo.sh.
Once you have a container started, you can start playing with:
- Attach to a VT: lxc-console –name natty01
- Get the status: lxc-info –name natty01
- Get the list of running processes: lxc-ps –name natty01 aux
- Start/Stop containers: lxc-start/lxc-stop