Introduction
So far all my blog posts about LXD have been assuming an Ubuntu host with LXD installed from packages, as a snap or from source.
But LXD is perfectly happy to run on any Linux distribution which has the LXC library available (version 2.0.0 or higher), a recent kernel (3.13 or higher) and some standard system utilities available (rsync, dnsmasq, netcat, various filesystem tools, …).
In fact, you can find packages in the following Linux distributions (let me know if I missed one):
We have also had several reports of LXD being used on Centos and Fedora, where users built it from source using the distribution’s liblxc (or in the case of Centos, from an external repository).
One distribution we’ve seen a lot of requests for is Debian. A native Debian package has been in the works for a while now and the list of missing dependencies has been shrinking quite a lot lately.
But there is an easy alternative that will get you a working LXD on Debian today!
Use the same LXD snap package as I mentioned in a previous post, but on Debian!
Requirements
- A Debian “testing” (stretch) system
- The stock Debian kernel without apparmor support
- If you want to use ZFS with LXD, then the “contrib” repository must be enabled and the “zfsutils-linux” package installed on the system
Installing snapd and LXD
Getting the latest stable LXD onto an up to date Debian testing system is just a matter of running:
apt install snapd snap install lxd
If you never used snapd before, you’ll have to either logout and log back in to update your PATH, or just update your existing one with:
. /etc/profile.d/apps-bin-path.sh
And now it’s time to configure LXD with:
root@debian:~# lxd init Name of the storage backend to use (dir or zfs) [default=dir]: Create a new ZFS pool (yes/no) [default=yes]? Name of the new ZFS pool [default=lxd]: Would you like to use an existing block device (yes/no) [default=no]? Size in GB of the new loop device (1GB minimum) [default=15]: Would you like LXD to be available over the network (yes/no) [default=no]? Would you like stale cached images to be updated automatically (yes/no) [default=yes]? Would you like to create a new network bridge (yes/no) [default=yes]? What should the new bridge be called [default=lxdbr0]? What IPv4 subnet should be used (CIDR notation, “auto” or “none”) [default=auto]? What IPv6 subnet should be used (CIDR notation, “auto” or “none”) [default=auto]? LXD has been successfully configured.
And finally, you can start using LXD:
root@debian:~# lxc launch images:debian/stretch debian Creating debian Starting debian root@debian:~# lxc launch ubuntu:16.04 ubuntu Creating ubuntu Starting ubuntu root@debian:~# lxc launch images:centos/7 centos Creating centos Starting centos root@debian:~# lxc launch images:archlinux archlinux Creating archlinux Starting archlinux root@debian:~# lxc launch images:gentoo gentoo Creating gentoo Starting gentoo
And enjoy your fresh collection of Linux distributions:
root@debian:~# lxc list +-----------+---------+-----------------------+-----------------------------------------------+------------+-----------+ | NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | +-----------+---------+-----------------------+-----------------------------------------------+------------+-----------+ | archlinux | RUNNING | 10.250.240.103 (eth0) | fd42:46d0:3c40:cca7:216:3eff:fe40:7b1b (eth0) | PERSISTENT | 0 | +-----------+---------+-----------------------+-----------------------------------------------+------------+-----------+ | centos | RUNNING | 10.250.240.109 (eth0) | fd42:46d0:3c40:cca7:216:3eff:fe87:64ff (eth0) | PERSISTENT | 0 | +-----------+---------+-----------------------+-----------------------------------------------+------------+-----------+ | debian | RUNNING | 10.250.240.111 (eth0) | fd42:46d0:3c40:cca7:216:3eff:feb4:e984 (eth0) | PERSISTENT | 0 | +-----------+---------+-----------------------+-----------------------------------------------+------------+-----------+ | gentoo | RUNNING | 10.250.240.164 (eth0) | fd42:46d0:3c40:cca7:216:3eff:fe27:10ca (eth0) | PERSISTENT | 0 | +-----------+---------+-----------------------+-----------------------------------------------+------------+-----------+ | ubuntu | RUNNING | 10.250.240.80 (eth0) | fd42:46d0:3c40:cca7:216:3eff:fedc:f0a6 (eth0) | PERSISTENT | 0 | +-----------+---------+-----------------------+-----------------------------------------------+------------+-----------+
Conclusion
The availability of snapd on other Linux distributions makes it a great way to get the latest LXD running on your distribution of choice.
There are still a number of problems with the LXD snap which may or may not be a blocker for your own use. The main ones at this point are:
- All containers are shutdown and restarted on upgrades
- No support for bash completion
If you want non-root users to have access to the LXD daemon. Simply make sure that a “lxd” group exists on your system and add whoever you want to manage LXD into that group, then restart the LXD daemon.
Extra information
The snapd website can be found at: http://snapcraft.io
The main LXD website is at: https://linuxcontainers.org/lxd
Development happens on Github at: https://github.com/lxc/lxd
Mailing-list support happens on: https://lists.linuxcontainers.org
IRC support happens in: #lxcontainers on irc.freenode.net
Try LXD online: https://linuxcontainers.org/lxd/try-it
Github
Twitter
LinkedIn
Mastodon
RSS feed
Great article! But I never could understand correctly what is LXD. LXD is a system to create and manage LXC containers? I saw a frontend tool (‘lxc’ command) and seems there is a daemon (‘lxd’ package), so I think this frontend tool communicates with the daemon to create, destroy, etc. the LXC containers on the host. That is correct?
Yep, lxd is the daemon, lxc is the default client for it. You can also use various other clients to interact with LXD if you’d like since it offers a pretty simple REST API.
LXD makes it much easier to setup LXC containers than the old set of tools and it makes it possible to do all of that over the network.
Good post! Do you know of any work being done to also package Juju for snapd? A Juju snap would be the perfect companion for the LXD.
Nicholas Skaggs on the Juju team has been working on one. I’m not sure of the current status of it though.
Since there is no lxd group (like under Ubuntu) is there a way to run lxd from a classic user (non-root) ?
The LXD snap will use the “lxd” group if it’s found.
So doing:
groupadd –system lxd lxd
adduser
systemctl restart snap.lxd.daemon.service
Should have the daemon respawned using the “lxd” group.
Your user will then be able to interact with it, though possibly only after a “newgrp lxd” call to make sure it’s using its newly added group.
Thank you very much, it works ! 🙂
Did you try to install LXD on Debian Jessie?
It’s not possible?
snapd doesn’t exist in the Jessie repository so you can’t just use that, you’ll need to build it by hand.
Building LXD by hand on Jessie will also require you to update to a newer version of LXC and LXCFS, those seem to be available in jessie-backports. You’ll then need to install the Go compiler, also from backports and then build LXD using those.
The instructions at https://github.com/lxc/lxd should work fine once you’ve got all the dependencies sorted out.
Note that back in Jessie, Debian would disable the user namespace by default, so you’ll need to find and flip the sysctl for that.
Hi Stéphane, thanks for the post, it really helped.
However, you mention “The stock Debian kernel without apparmor support”. How could I achieve that? I tried disabling the apparmor profiles, as suggested by Zygmunt, but I have none.
If I try to get rid of the apparmor all together, the snapd will go with it. So I don’t know what to do.
The default Debian kernel has it disabled. If you have it enabled, then edit /etc/default/grub to remove the apparmor=1 and security=apparmor kernel options.
Hi Stéphane,
Thank you for the very nice post. It already helped me a lot.
However, I’m still stuck with some problems on Debian Testing and lxd.
First I did a fresh install of lxd over snap and create a container:
root@host:~# snap install lxd –edge
root@host:~# lxd (edge) git-aaf86a9 from ‘canonical’ installed
root@host:~# export PATH=$PATH:/snap/bin
root@host:~# groupadd –system lxd
root@host:~# adduser lxd
root@host:~# systemctl restart snap.lxd.daemon.service
root@host:~# lxd init
Do you want to configure a new storage pool (yes/no) [default=yes]?
Name of the new storage pool [default=default]:
Name of the storage backend to use (dir or zfs) [default=zfs]: dir
Would you like LXD to be available over the network (yes/no) [default=no]?
Would you like stale cached images to be updated automatically (yes/no) [default=yes]?
Would you like to create a new network bridge (yes/no) [default=yes]?
What should the new bridge be called [default=lxdbr0]?
What IPv4 address should be used (CIDR subnet notation, “auto” or “none”) [default=auto]?
What IPv6 address should be used (CIDR subnet notation, “auto” or “none”) [default=auto]?
LXD has been successfully configured.
lxc launch ubuntu:16.04 test -c environment.DISPLAY=${DISPLAY}
If this is your first time using LXD, you should also run: lxd init
To start your first container, try: lxc launch ubuntu:16.04
Creating test
Starting test
root@host:~# lxc config device add test x disk source=/tmp/.X11-unix/ path=/tmp/.X11-unix/
error: Failed to setup device: Source path /tmp/.X11-unix/ doesn’t exist for device /tmp/.X11-unix/
Unfortunately, mounting of the /tmp/.X11-unix/ directory failed and I have no idea why?
My intention is setting up a container with 3d acceleration support.
Any hint would be very much appreciated!
It’s not possible, because snap is like a container itself. That means, every snap has it’s own rootfs (AFAIK). So in the rootfs of lxd, your device-path/mountpoint/dir/.. simply doesn’t exist.
I tried some things to bind-mount my mountpoint into the lxd-snap, without success. Hopefully somebudy finds out how to do that :/
Hi Stéphane,
Thank you for the great tutorial!
I bumped into a problem here. I am using Debian Sid. Installed snapd (sudo apt-get install snapd) and then tried install lxd by issuing the command “sudo snap install lxd”
However, the installation got stuck at “Run configure hook of ‘core’ snap if present”, screenshot here: http://i.imgur.com/dofhvm7.png
Any hint?
The same bug occurs when i do `sudo snap refresh`, it’s look like a snapd bug or `core` package. It’s known and seems to have a workaround (that i did not tested) : https://bugs.launchpad.net/snappy/+bug/1674193
I seem to have found the solution.
$ sudo snap install core
$ sudo snap install lxd
With the `core` package, now it works fine.
I wonder what the security implications of running without apparmor are. Looks like at the very least it breaks nested snapd (and therefore nested lxd?). But would it also make it easier, maybe even trivial, for containers to be broken out of?
Hi,
I’m trying to make LXD work on Debian 8 using snapd.
I installed all the dependencies and lxd using snap and it worked at some point but now it won’t for some reason. If I type
>> lxd init
error: Unable to talk to LXD: Get http://unix.socket/1.0: dial unix /var/snap/lxd/common/lxd/unix.socket: connect: no such file or directory
>> lxc list
LXD socket not found; is LXD installed and running?
I’m stuck, do you have any piece of advice ?
Thanks a lot
> it worked at some point but now it won’t for some reason
Yea, I ran into similar issues. It looked to work for the first couple weeks, but after a while (after an update?) the lxd service kept going up and down on (re)boot. This, combined with other issues with snapd (not classic confinement; not possible to mount paths as disks if outside of home dir, not possible to push/pull files from non-home paths, dnsmasq would randomly stop responding to requests…) suggests that it really isn’t ready for any kind of serious use.
I ended up switching to packages from the Ubuntu stable PPA rebuilt for Debian a few days ago. It’s been stable so far, and the lxc client also responds faster than it does under snapd. Following the “CreatePackageFromPPA” guide on the Debian wiki (https://wiki.debian.org/CreatePackageFromPPA) largely works – you just need to install the repo `lxc` first and then use `dpkg -i –force-overwrite` when installing the PPA `lxd-client` (otherwise it fails on conflicting bash completions vs the Debian lxc package). At some point I’ll probably do a write-up of the entire process.
The downside of this approach is, of course, you’ll have to manually rebuild the packages every update, and I’m still not sure if there’s anything Ubuntu-specific in the PPA that can break things. The alternative is to wait for a properly native LXD package to make its way into the Debian archives, or use Ubuntu.
Personally, I’ve given up on trying to beat snapd into working.
Thank you for your reply ! Really appreciated.
Hey,
I am trying to assign a static IP address to a container, but all the tutorials I have seen in the web assume that the configuration is stored in /etc/lxc/ or other absolute directories. I haven’t been able to find it in the snap directory though. Where is the LXC configuration stored in case of snaps, or how should I configure LXD/LXC to assign a static IPv4 address to a container?
BR
~phoe
I ran in similar issue…
It would be fine to get the point of view of Stéphane today : CreatePackageFromPPA or snap ?
Thanks for the tutorial, but it does not work for me.
root@debian-simon:/home/simon# lxd init
bash: lxd: command not found.
But snap install lxd worked without error.
root@debian-simon:/home/simon# sudo snap install lxd
snap “lxd” is already installed, see ‘snap help refresh’