cmdref.net - Command Reference

This site is command references for system engineers.

User Tools

Site Tools


Top     SiteMap

Sidebar

Top     SiteMap








Etc


Reference











.

middleware:virtualization:lxd:index.html



LXD

Directory structure

File Note
/var/lib/lxd/lxd.db LXD has an internal database which stores all of that information.
/var/lib/lxd/containers/CONTAINER/rootfs/
/var/lib/lxd/snapshots


Installation of LXD

How to install LXD in Ubuntu

$ sudo apt-get update
$ sudo apt-get upgrade

$ dpkg -l |grep lxd   <- checking
$ sudo apt install lxd
$ dpkg -l |grep lxd   <- checking

$ sudo systemctl status lxd.service  <- checking
$ sudo systemctl start lxd.service
$ sudo systemctl enable lxd.service
$ sudo systemctl status lxd.service  <- checking
$ lxd --version
2.0.0
$ lxc --version
2.0.0
If you want to use bridged network, you install bridge-utils
sudo apt-get install bridge-utils
If you want to use zfs, you install zfsutils-linux.
sudo apt-get install zfsutils-linux


Preparation

Crete A New Bridge

/etc/network/interfaces

source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

auto br0
iface br0 inet dhcp
        bridge_ports enp0s3

iface enp0s3 inet manual
source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

auto enp0s3
iface enp0s3 inet manual

auto br0
iface br0 inet dhcp
    bridge-ifaces enp0s3
    bridge-ports enp0s3
    ip link set enp0s3 up
source /etc/network/interfaces.d/*

auto lo
iface lo inet loopback

auto ens1f1
iface ens1f1 inet manual

auto br0
iface br0 inet static
  address 192.168.0.100
  network 192.168.0.0
  netmask 255.255.255.0
  gateway 192.168.0.1
  bridge_ports ens1f1

To enable packet forwarding for IPv4

# sysctl net.ipv4.ip_forward  < - checking the parameter
net.ipv4.ip_forward = 0
# vi /etc/sysctl.conf
...
net.ipv4.ip_forward=1
...
# sysctl -p
# sysctl net.ipv4.ip_forward  < - checking the parameter
net.ipv4.ip_forward = 1


Disable IPv6

$ sudo vi /etc/sysctl.conf
....
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
....
$ sudo sysctl -p


Disable iptalbes

$ sudo iptalbes -F
$ sudo iptables-save


Initialization

Initialization with Dialog

Example for bridged network
# ip a  <- check

# lxd init
Name of the storage backend to use (dir or zfs) [default=zfs]: 
Create a new ZFS pool (yes/no) [default=yes]? 
Name of the new ZFS pool [default=lxd]: 
Would you like to use an existing block device (yes/no) [default=no]? 
Size in GB of the new loop device (1GB minimum) [default=15]: 30
Would you like LXD to be available over the network (yes/no)? no
Do you want to configure the LXD bridge (yes/no)? yes

Would you like to setup a network bridge for LXD containers now? yes
Do you want to use an existing bridge? yes  
Bridge interface name:  br0

Do you want to setup an IPv4 subnet?
No

Do you want to setup an IPv6 subnet?
No

LXD has been successfully configured. 
Example for nat network
$ sudo lxd init
Name of the storage backend to use (dir or zfs) [default=dir]: dir
Would you like LXD to be available over the network (yes/no) [default=no]?no
Do you want to configure the LXD bridge (yes/no) [default=yes]?yes

Would you like to setup a network bridge for LXD containers now? yes
Do you want to use an existing bridge? yes  
Bridge interface name:  br0

Do you want to setup an IPv4 subnet?
No

Do you want to setup an IPv6 subnet?
No

LXD has been successfully configured. 



Reconfigure after Initialization

# dpkg-reconfigure -p medium lxd


Configuration for Profile

Commands Note
lxc profile list list of all available profiles
lxc profile show <profile> To see the content of a profile
lxc profile edit <profile> change profile
lxc profile apply <container> <profile1>,<profile2>,<profile3>,.. apply profile to container
Local configuration
Commands Note
lxc config show <container> read the container local configuration
lxc config show --expanded <container> including all the profile keys
lxc config edit <container>
lxc config set <container> <key> <value>

Configuration for Bridge Network

If you want to bridge network, you need to disable lxd-bridge and set the new bridge.

# lxc profile edit default
config: {}
description: Default LXD profile
devices:
  eth0:
    name: eth0
    nictype: bridged
    parent: br0      # change from lxdbr0 to br0
    type: nic
name: default



to set the container to privileged

# lxc profile edit default
.....
  security.privileged: "true"                                    <- add
.....

# lxc profile show default
config:
  environment.http_proxy: http://[fe80::1%eth0]:13128
  security.privileged: "true"                                    <- add
  user.network_mode: link-local
description: Default LXD profile
.....


How to Check Configuration

# lxc profile list
default
docker
# lxc profile show default
config: {}
description: Default LXD profile
devices:
  eth0:
    name: eth0
    nictype: bridged
    parent: lxdbr0      # change from lxdbr0 to br0
    type: nic
name: default
# lxc list --fast
+---------------+---------+--------------+----------------------+---------------------------+------------+
|     NAME      |  STATE  | ARCHITECTURE |      CREATED AT      |            PROFILES       |    TYPE    |
+---------------+---------+--------------+----------------------+---------------------------+------------+
| centos7-1     | STOPPED | x86_64       | 2017/06/16 11:59 UTC | default                   | PERSISTENT |
|               |         |              |                      | eth1_vlan10               |            |
+---------------+---------+--------------+----------------------+---------------------------+------------+
#
# lxc info
Generating a client certificate. This may take a minute...
If this is your first time using LXD, you should also run: sudo lxd init
To start your first container, try: lxc launch ubuntu:16.04

config:
  core.https_address: '[::]:8443'
  core.trust_password: true
apiextensions:
- id_map
apistatus: stable
apiversion: "1.0"
auth: trusted
public: false
environment:
  addresses:
  - xx.xx.xx.xx:8443
  - 192.168.122.1:8443
  architectures:
  - x86_64
  - i686
  certificate: |
....
root@ubuntu1604:~# brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.0800272f3dc0       no              enp0s3
                                                        vethMW7EXV
lxcbr0          8000.00163e000000       no       




LXD Commands

Commands Note
lxc image list list container image
lxc image delete FINGERPRINT
lxc list list container
lxc list --fast Check container's profile
lxc info CONTAINER list container information
lxc start CONTAINER start container
lxc stop CONTAINER stop container
lxc restart CONTAINER restart container
lxc exec CONTAINER /bin/bash use container bash
lxc copy CONTAINER1 CONTAINER2 copy container
lxc delete CONTAINER delete container

check the lists

root@ubuntu1604:~# lxc remote list
+-----------------+------------------------------------------+---------------+--------+--------+
|      NAME       |                   URL                    |   PROTOCOL    | PUBLIC | STATIC |
+-----------------+------------------------------------------+---------------+--------+--------+
| images          | https://images.linuxcontainers.org       | simplestreams | YES    | NO     |
+-----------------+------------------------------------------+---------------+--------+--------+
| local (default) | unix://                                  | lxd           | NO     | YES    |
+-----------------+------------------------------------------+---------------+--------+--------+
| ubuntu          | https://cloud-images.ubuntu.com/releases | simplestreams | YES    | YES    |
+-----------------+------------------------------------------+---------------+--------+--------+
| ubuntu-daily    | https://cloud-images.ubuntu.com/daily    | simplestreams | YES    | YES    |
+-----------------+------------------------------------------+---------------+--------+--------+
root@ubuntu1604:~# 

How to check images

Image server for LXC and LXD https://uk.images.linuxcontainers.org/

Proxy configuration
export http_proxy="http://xx.xx.xx.xx:XX"
export https_proxy="http://xx.xx.xx.xx:XX"
export ftp_proxy="http://xx.xx.xx.xx:XX"
root@ubuntu1604:~# lxc image list images:
root@ubuntu1604:~# lxc image list images: centos
+------------------------+--------------+--------+---------------------------------+--------+---------+------------------------------+
|         ALIAS          | FINGERPRINT  | PUBLIC |           DESCRIPTION           |  ARCH  |  SIZE   |         UPLOAD DATE          |
+------------------------+--------------+--------+---------------------------------+--------+---------+------------------------------+
| centos/6 (3 more)      | 549db7214381 | yes    | Centos 6 amd64 (20170504_02:16) | x86_64 | 65.42MB | May 4, 2017 at 12:00am (UTC) |
+------------------------+--------------+--------+---------------------------------+--------+---------+------------------------------+
| centos/6/i386 (1 more) | 28fb7504e3ed | yes    | Centos 6 i386 (20170504_02:16)  | i686   | 65.34MB | May 4, 2017 at 12:00am (UTC) |
+------------------------+--------------+--------+---------------------------------+--------+---------+------------------------------+
| centos/7 (3 more)      | 41c7bb494bbd | yes    | Centos 7 amd64 (20170504_02:16) | x86_64 | 65.33MB | May 4, 2017 at 12:00am (UTC) |
+------------------------+--------------+--------+---------------------------------+--------+---------+------------------------------+
root@ubuntu1604:~# 

How to create container

Proxy Configuration
# lxc config set core.proxy_http http://squid01.internal:3128
# lxc config set core.proxy_https http://squid01.internal:3128
# lxc config set core.proxy_ignore_hosts image-server.local
Download and Launch
# lxc launch ubuntu:16.04 ubuntu1
#lxc launch images:{distro}/{version}/{arch} {container-name-here}

#lxc launch images:ubuntu/xenial/amd64 ubuntu-nginx
#lxc launch images:oracle/7/amd64 oracle-proxy-c1

# lxc launch images:ubuntu/16.04/amd64 ubuntu16-1

# lxc launch images:centos/7/amd64 centos7-1
# lxc launch images:centos/6/amd64 centos6-1


How to check container

# lxc image list
+-------+--------------+--------+---------------------------------+--------+---------+------------------------------+
| ALIAS | FINGERPRINT  | PUBLIC |           DESCRIPTION           |  ARCH  |  SIZE   |         UPLOAD DATE          |
+-------+--------------+--------+---------------------------------+--------+---------+------------------------------+
|       | 41c7bb494bbd | no     | Centos 7 amd64 (20170504_02:16) | x86_64 | 65.33MB | May 13, 2017 at 2:21pm (UTC) |
+-------+--------------+--------+---------------------------------+--------+---------+------------------------------
# lxc list
+-----------+---------+---------------------+------+------------+-----------+
|   NAME    |  STATE  |        IPV4         | IPV6 |    TYPE    | SNAPSHOTS |
+-----------+---------+---------------------+------+------------+-----------+
| centos7-1 | RUNNING | 192.168.0.39 (eth0) |      | PERSISTENT | 0         |
+-----------+---------+---------------------+------+------------+-----------+
# lxc info centos7-1
Name: centos7-1
Remote: unix:/var/lib/lxd/unix.socket
Architecture: x86_64
Created: 2017/05/13 14:21 UTC
Status: Running
Type: persistent
Profiles: default
Pid: 1959
Ips:
  eth0: inet    192.168.0.39    vethFA2QK4
  eth0: inet6   fe80::216:3eff:fed2:f5fe        vethFA2QK4
  lo:   inet    127.0.0.1
  lo:   inet6   ::1
Resources:
  Processes: 10
  Memory usage:
    Memory (current): 41.29MB
    Memory (peak): 43.77MB
.....
# du -sh /var/lib/lxd/containers/CONTAINER/
420M

# less /var/lib/lxd/containers/CONTAINER/metadata.yaml
root@ubuntu1604:/var/lib/lxd/containers/centos7-1# lxc exec centos7-1  -- free -m
              total        used        free      shared  buff/cache   available
Mem:            488          15         459           6          13         459
Swap:           511           1         510
root@ubuntu1604:/var/lib/lxd/containers/centos7-1# free -m
              total        used        free      shared  buff/cache   available
Mem:            488          76          93           6         318         374
Swap:           511           1         510
root@ubuntu1604:/var/lib/lxd/containers/centos7-1# 


root@ubuntu1604:/var/lib/lxd/containers/centos7-1# lxc exec centos7-1  -- df -h
Filesystem                       Size  Used Avail Use% Mounted on
/dev/mapper/ubuntu1604--vg-root   14G  1.9G   12G  15% /
none                             492K     0  492K   0% /dev
udev                             225M     0  225M   0% /dev/tty
tmpfs                            245M     0  245M   0% /dev/shm
tmpfs                            245M  4.1M  241M   2% /run
tmpfs                            245M     0  245M   0% /sys/fs/cgroup
root@ubuntu1604:/var/lib/lxd/containers/centos7-1# df -h
Filesystem                       Size  Used Avail Use% Mounted on
udev                             225M     0  225M   0% /dev
tmpfs                             49M  2.0M   47M   5% /run
/dev/mapper/ubuntu1604--vg-root   14G  1.9G   12G  15% /
tmpfs                            245M     0  245M   0% /dev/shm
tmpfs                            5.0M     0  5.0M   0% /run/lock
tmpfs                            245M     0  245M   0% /sys/fs/cgroup
/dev/sda1                        472M   57M  391M  13% /boot
tmpfs                             49M     0   49M   0% /run/user/1000
root@ubuntu1604:/var/lib/lxd/containers/centos7-1# 


Autostarting LXD containers

# lxc config set CONTAINER boot.autostart 0   <-  1 enabled, 0 disabled
# lxc config show CONTAINER |grep autostart
  boot.autostart: "0"
#


How to create Image Server

## img-server1(192.168.1.11)
img-server1 $ lxc config set core.https_address 192.168.1.11
img-server1 $ lxc config set core.trust_password TEST

## host1(192.168.1.12)
host1 $ lxc remote add  img-server1 192.168.1.11
host1 $ lxc image list img-server1:


Tips

How to mount shared directory of Host

lxc config device add CONTAINER NAME disk path=/mnt source=/mnt


Refelences




middleware/virtualization/lxd/index.html.txt ยท Last modified: 2017/06/29 by admin