У меня стоит LXC-v4. Для начала нужно запустить: # systemctl start lxc # systemctl start lxc-auto Потом посмотреть основные файлики конфигов: #/etc/default/lxc-net # Leave USE_LXC_BRIDGE as "true" if you want to use lxcbr0 for your # containers. Set to "false" if you'll use virbr0 or another existing # bridge, or mavlan to your host's NIC. USE_LXC_BRIDGE="true" # If you change the LXC_BRIDGE to something other than lxcbr0, then # you will also need to update your /etc/lxc/default.conf as well as the # configuration (/var/lib/lxc/<container>/config) for any containers # already created using the default config to reflect the new bridge # name. # If you have the dnsmasq daemon installed, you'll also have to update # /etc/dnsmasq.d/lxc and restart the system wide dnsmasq daemon. LXC_BRIDGE="br0" #LXC_ADDR="10.0.11.1" #LXC_NETMASK="255.255.255.0" #LXC_NETWORK="10.0.11.0/24" #LXC_DHCP_RANGE="10.0.11.2,10.0.11.30" #LXC_DHCP_MAX="29" # Uncomment the next line if you'd like to use a conf-file for the lxcbr0 # dnsmasq. For instance, you can use 'dhcp-host=mail1,10.0.3.100' to have # container 'mail1' always get ip address 10.0.3.100. #LXC_DHCP_CONFILE=/etc/lxc/dnsmasq.conf # Uncomment the next line if you want lxcbr0's dnsmasq to resolve the .lxc # domain. You can then add "server=/lxc/10.0.3.1' (or your actual $LXC_ADDR) # to your system dnsmasq configuration file (normally /etc/dnsmasq.conf, # or /etc/NetworkManager/dnsmasq.d/lxc.conf on systems that use NetworkManager). # Once these changes are made, restart the lxc-net and network-manager services. # 'container1.lxc' will then resolve on your host. #LXC_DOMAIN="lxc" И еще: #/etc/lxc/default.conf #lxc.net.0.type = empty lxc.net.0.type = veth lxc.net.0.name = veth0 lxc.net.0.link = br0 lxc.net.0.flags = up #lxc.net.0.hwaddr = 00:16:3e:xx:xx:xx lxc.uts.name = centos lxc.start.auto = 1 # support to run unprivileged containers lxc.idmap = u 0 100000 65536 lxc.idmap = g 0 100000 65536 # Для непривелигированных: #/etc/subuid root:100000:65536 #/etc/subgid root:100000:65536 Запускать непривилегированные нужно так: # Run Unprivileged $ systemd-run --user --scope -p "Delegate=yes" lxc-start -n container_name У каждого LXC-контейнера есть свой конфиг, где можно сделать маунты: #/var/lib/lxc/CONTAINER_NAME/config lxc.mount.entry = /var/cache/pacman/pkg var/cache/pacman/pkg none bind 0 0 # privileged containers lxc.mount.entry = tmpfs tmp tmpfs defaults Далее и наконец-то - рабочие команды: Сначала - создание/удаление: # Ручной выбор # lxc-create -n CONTAINER_NAME -t download # lxc-create -n CONTAINER_NAME -t download -- --dist archlinux --release current --arch amd64 # lxc-destroy -n CONTAINER_NAME Потом - администрирование: # lxc-ls -f # lxc-start -n CONTAINER_NAME # lxc-stop -n CONTAINER_NAME # lxc info --show-log CONTAINER_NAME # lxc-attach -n CONTAINER_NAME --clear-env # lxc-console -n CONTAINER_NAME -t 0 Еще очень полезно - снимки и клоны: # spanshot # lxc-copy -n CONTAINER_NAME -N snap1 -B overlayfs -s # lxc-copy -n CONTAINER_NAME -N snap2 -B overlayfs -s # lxc-destroy -n snap1 -f # clone # lxc-copy -n CONTAINER_NAME -N CLONE_NAME -B dir Для переноса контейнера на другой хост используются некоторые ВАЖНЫЕ флаги: # lxc-stop -n CONTAINER_NAME # tar --numeric-owner -czvf lxc.tgz /var/lib/lxc/<YOUR-CONTAINER-NAME> # rsync -avh lxc.tgz user@newserver:/var/lib/lxc/ # tar --numeric-owner -xzvf lxc.tgz # lxc-start -n CONTAINER_NAME
Linux/Windows Справочник v0.05 © 2007-2024 Igor Salnikov aka SunDoctor