-
-
Save ca4ti/de0cf549a3d388103daa7453a57c71f8 to your computer and use it in GitHub Desktop.
LXD Usage
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Docs - LXD Helpful Docs: | |
https://www.stgraber.org/2016/03/30/lxd-2-0-image-management-512/ | |
https://www.flockport.com/flockport-first-look-at-lxd/ | |
http://insights.ubuntu.com/2016/03/14/the-lxd-2-0-story-prologue/ | |
Docs - Installation: | |
http://insights.ubuntu.com/2016/03/14/the-lxd-2-0-story-prologue/ | |
Docs - API: | |
https://linuxcontainers.org/lxd/getting-started-cli/ | |
Docs - Images: | |
https://www.stgraber.org/2016/03/30/lxd-2-0-image-management-512/ | |
Installation: | |
# apt install lxd -y | |
# newgrp lxd | |
# lxd init | |
# /etc/init.d/lxd restart | |
Images: Setting up Remote Repository for Images: | |
# lxc remote list | |
# lxc remote add <repo-name> <endpoint> | |
# lxc remote add images images.linuxcontainers.org | |
Images: Listing remote images from the repo that was created: | |
# lxc image list images: | |
Images: Listing images from Ubuntu repo: | |
# lxc image list ubuntu: | |
Images: you can have multiple lxd nodes, all pointing to one central lxd image repostiry | |
# lxc remote add 10.79.1.1 'lxd-node-1' --password='password' | |
# lxc list lxd-node-1: | |
Images: Importing image to your local image repository | |
# lxc image copy images:debian/jessie/amd64 local: --alias debian-jessie --auto-update | |
Launch: Launch a container without starting it: | |
# lxc init images:16.04 ubuntu-16 | |
# lxc init local:<image-name> <your-container-name> (creating a container from your local repo) | |
Launch: Start a container: | |
# lxc launch images:16.04 ubuntu-16 (create container and launch) | |
Controlling: Controlling a Container | |
# lxc list (lists all containers) | |
# lxc list lxd-master-1: (lists containers on lxd-master-1 from a remote node) | |
# lxc start <container-name> | |
# lxc stop <container-name> | |
# lxc delete <container-name> --force (stops it for you, then delete) | |
Controlling: Access a container: | |
# lxc exec mycontainer /bin/bash | |
Controlling: Executing commands from the host: | |
# lxc exec mycontainer -- ifconfig | |
Copy: Making a exact copy of the container: | |
# lxc copy mycontainer mycontainer2 | |
Storage: Add shared disk/paths | |
# --> https://www.stgraber.org/2016/04/25/lxd-2-0-live-migration-912/ | |
# chown 100000:100000 /tmp/shared | |
# lxc config device add mycontainer sharedtmp disk \ | |
path=/tmp/shared source=/tmp/shared | |
# --> http://insights.ubuntu.com/2016/03/14/the-lxd-2-0-story-prologue/ | |
Publish Images to your store from created containers: | |
# --> https://www.stgraber.org/2016/03/30/lxd-2-0-image-management-512/ | |
# lxc publish mycontainer --alias="myimage-mycontainer" | |
Published Images: Editing metadata | |
# lxc image edit myimage | |
autoupdate: false | |
properties: | |
description: My Description of mycontainer | |
public: false | |
Export: Exporting Images | |
# lxc image export local:test1 . | |
Output is in . | |
root@lxd:/home/ubuntu/n# ls | |
767a2bafeaef7cc7d140bbde9a0d598f3aa561f8313cc6b01bc4e9c991f85f56.tar.xz | |
meta-767a2bafeaef7cc7d140bbde9a0d598f3aa561f8313cc6b01bc4e9c991f85f56.tar.xz | |
Export/Import: | |
# lxc image export mycontainer myc-2016-11-01 | |
# lxc image import myc-2016-11-01 | |
Import: | |
# lxc image list local: | |
# lxc image alias create local:test1 767a2bafeaef | |
# lxc image import <metadata tarball> <rootfs tarball> --alias some-name | |
Profiles: | |
# -- > https://www.flockport.com/flockport-first-look-at-lxd/ | |
# lxc profile get default limits.cpu | |
# lxc profile show default | |
# lxc profile device get default eth0 nictype | |
Profiles: Create new profile | |
# lxc profile create myprofile1 | |
# lxc profile device add myprofile1 eth0 nic nictype=bridged parent=lxcbr0 | |
# lxc profile device add myprofile1 tuntap unix-char path=/dev/net/tun | |
# lxc config device add myprofile1 eth0 nic nictype=macvlan parent=eth0 | |
# lxc init ubuntu my-container -p myprofile1 | |
Controlling Resources: | |
# lxc config set myct limits.cpu 1 | |
# lxc config set myct limits.memory 512MB | |
# lxc config set myct limits.memory.swap false | |
# --> https://www.stgraber.org/2016/03/26/lxd-2-0-resource-control-412/ | |
Privileged Containers: | |
# lxc launch <image-name> <ctname> | |
# lxc stop ctname --force | |
# lxc config set ctname security.privileged true | |
# lxc config device add dokku-alt tun unix-char path=/dev/net/tun (Adding Tun/Tap) | |
# lxc start ctname | |
# debian issue: | |
apt-get install --reinstall -y systemd dbus | |
Snapshots: Create a snapshot | |
# lxc snapshot mycontainer mycontainer-backup1 | |
Snapshots: Create container from snapshot | |
# lxc copy local:mycontainer/mycontainer-backup1 newcontainer | |
== Networking: | |
OpenVSwitch to have networking between hosts | |
https://www.flockport.com/simplify-container-networking-with-ubuntu-fan-project/ | |
https://www.flockport.com/lxc-networking-guide/ (DHCP) | |
== Docker in LXD: | |
https://insights.ubuntu.com/2016/04/15/docker-1-10-with-fan-networking-in-ubuntu-16-04-for-every-architecture/ | |
== Overlay on LXD: | |
https://wiki.ubuntu.com/FanNetworking | |
https://www.flockport.com/simplify-container-networking-with-ubuntu-fan-project/ | |
https://www.flockport.com/lxc-networking-guide/ | |
https://insights.ubuntu.com/2016/04/15/docker-1-10-with-fan-networking-in-ubuntu-16-04-for-every-architecture/ | |
https://lxadm.com/Unicast_VXLAN:_overlay_network_for_multiple_servers_with_dozens_of_containers | |
https://www.flockport.com/simplify-container-networking-with-ubuntu-fan-project/ | |
https://lxadm.com/Unicast_VXLAN:_overlay_network_for_multiple_servers_with_dozens_of_containers | |
https://www.flockport.com/build-layer2-and-layer-3-overlay-networks-with-peervpn/ | |
== Peer VPN | |
wget http://peervpn.net/files/peervpn-0-044.tar.gz | |
tar -xvf peervpn-0-044.tar.gz | |
apt-get install gcc make openssl libssl-dev -y | |
cd peervpn-0-044 | |
#side a | |
cat > peervpn.conf << EOF | |
networkname lxdnet | |
psk random-secret-value | |
enabletunneling yes | |
interface peervpn0 | |
ifconfig4 10.254.99.2/24 | |
port 7000 | |
initpeers 172.10.20.5 7000 | |
EOF | |
# side b | |
cat > peervpn.conf << EOF | |
networkname lxdnet | |
psk random-secret-value | |
enabletunneling yes | |
interface peervpn0 | |
ifconfig4 10.254.99.3/24 | |
port 7000 | |
initpeers 172.10.20.6 7000 | |
EOF | |
make | |
make install | |
screen | |
./peervpn peervpn.conf | |
ip link set dev peervpn0 master lxdbr0 | |
/etc/init.d/lxd restart | |
ip link show |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment