In case you missed it, Canonical relicensed LXD under AGPLv3 in December 2023 with a mandatory CLA. The LXD project was hard forked as Incus and licensed under an Apache 2.0 License.
Incus is maintained by the same team of developers that first created LXD and is recommended for new users going forward.
Borrowed from here.
There are two options currently available to Debian users.
- A native
incuspackage is currently available in the Debian testing and unstable repositories. This package will be featured in the upcoming Debian 13 (trixie) release.apt install incus
- Zabbly provides up to date and supported Incus packages for Debian stable releases (11 and 12). Those packages contain everything needed to use all Incus features.
Up to date installation instructions may be found here:
https://github.com/zabbly/incus
The example config below uses the dir storage driver.
π‘ If you have different needs, just run
incus admin initinteractively and adjust accordingly.
incus admin init --preseed << EOF
---
config: {}
networks: []
storage_pools:
- config: {}
description: ""
name: default
driver: dir
profiles:
- config: {}
description: ""
devices:
root:
path: /
pool: default
type: disk
name: default
projects: []
cluster: null
EOFπ‘ The current stable release of Flatcar Container Linux can be found here.
export CHANNEL="stable"
export VERSION="3815.2.0"
export IMAGE_BASENAME="flatcar_production_qemu_uefi"
export OVMF_DIR="/opt/incus/share/qemu"π‘ Flatcar does not yet officially support UEFI secure boot: flatcar/Flatcar#501 There is a PR in-progress that can produce an image which secure boots but it is not yet signed by a UEFI CA.
wget "https://${CHANNEL}.release.flatcar-linux.net/amd64-usr/${VERSION}/${IMAGE_BASENAME}_image.img"
wget -O "${OVMF_DIR}/${IMAGE_BASENAME}_efi_code.fd" "https://${CHANNEL}.release.flatcar-linux.net/amd64-usr/${VERSION}/${IMAGE_BASENAME}_efi_code.fd"
wget -O "${OVMF_DIR}/${IMAGE_BASENAME}_efi_vars.fd" "https://${CHANNEL}.release.flatcar-linux.net/amd64-usr/${VERSION}/${IMAGE_BASENAME}_efi_vars.fd"chmod 0444 "${OVMF_DIR}/${IMAGE_BASENAME}_efi_code.fd"
chmod 0644 "${OVMF_DIR}/${IMAGE_BASENAME}_efi_vars.fd"cat << EOF > metadata.yaml
---
architecture: x86_64
creation_date: $(date +%s)
properties:
description: ${IMAGE_BASENAME}_image
os: Flatcar
release: ${VERSION}
EOF
tar -cvzf metadata.tar.gz metadata.yamlincus image import metadata.tar.gz "${IMAGE_BASENAME}_image.img" --alias "flatcar/${VERSION}"This profile is configured for 16GiB of memory, 2 CPUs with pinned-affinity, 16GiB root disk, setting the instance to autostart on boot and disabling secureboot as the EFI image of Flatcar we're using is unsigned. It uses some advanced directives for overridng the generated qemu and apparmor configuration.
π‘ For a full list of instance options, see here. If you're unsure what to set here, you can always change this later.
incus profile create flatcar
incus profile edit flatcar << EOF
---
config:
limits.memory: 16GiB
limits.cpu: 0,1
boot.autostart: true
raw.apparmor: |-
${OVMF_DIR}/${IMAGE_BASENAME}_efi_code.fd rk,
${OVMF_DIR}/${IMAGE_BASENAME}_efi_vars.fd rwk,
raw.qemu: |-
-drive if=pflash,format=raw,file="${OVMF_DIR}/${IMAGE_BASENAME}_efi_code.fd,readonly=on"
-drive if=pflash,format=raw,file="${OVMF_DIR}/${IMAGE_BASENAME}_efi_vars.fd"
raw.qemu.conf: |-
[drive][0]
[drive][1]
security.secureboot: "false"
description: Flatcar
devices:
eth0:
name: eth0
nictype: bridged
parent: br0
type: nic
root:
path: /
pool: default
type: disk
size: 16GiB
name: flatcar
used_by:
EOFπ‘ If you weren't sure what to define for
limits.*above, you can pass--typeand specify an AWS, GCE, or Azure instance type.
incus launch --profile flatcar --vm local:"flatcar/${VERSION}" flatcarπ‘
Ctrl-a, qto escape
incus console flatcarπ‘ You can edit your existing profile with
incus profile edit flatcar
You may want to review the boot-related options in the LXD Documentation to control startup/shutdown and prioritization.
Incus will assign your instance a random MAC address. You can override this property after the instance has launched with:
π‘ The first octet of your locally administered MAC address should be either
x2,x6,xA, orxE.
incus config device override flatcar eth0 hwaddr=01:02:03:aa:bb:cc
You can do this at launch time with the --device flag:
incus launch --profile flatcar --vm local:"flatcar/${VERSION}" flatcar --device eth0,hwaddr="01:02:03:aa:bb:cc"
Thank you for your help, I'm just experimenting a bit with it.
Yeah I forgot to mention, I didn't follow the guide but used it as reference to try it on proxmox as a proxmox container that is based on lxc and not lxd. It's cool that there are images for a container os as lxc and people who got it work.
I got network working by configuring eth0.network inside the lxc, not sure why the lxc options aren't working
I'm still trying to find a way to implement the raw.* Configurations in lxc
Btw, does the lxc image have tools like docker installed or does it get installed after ignition once ran? The template doesn't have any docker stuff in it and was very plain but a core user was already present but many tools couldn't work without creating directories, files or filling out files.
This could also be a limitiation of lxc but I thought they were more similar but I had to symlink /usr/sbin to /sbin and stuff to get the os booting.
I haven't really used flatcar yet but I'll test the normal image in a vm tomorrow to see the official result but I used similar oses before like opensuse microos and I'm hoping to replace that with flatcar.
Dealing with podman problems and enforcing selinux got annyoing