wanting to clarify the simplest recipe to create an LXC container

Robert P. J. Day rpjday at crashcourse.ca
Tue Sep 20 22:45:22 UTC 2011 

  i'm currently working on a project that requires, among other
things, using LXC containers, and i'd like to clarify the simplest set
of commands i can use to create a container, test it, then delete it,
with all of this on a running 11.04 system so that everything else
keeps running.  i'm currently working off of this tutorial:

  http://www.ibm.com/developerworks/linux/library/l-lxc-containers/

which *seems* fairly straightforward but i just want to run this by
folks to see if i've misunderstood anything before i do something
awesomely stupid.

  first, install the "lxc" package, which can't possibly do any harm
by the mere action of installing, so it's now in.

  next, since cgroup is not currently mounted, mount it (under the
assumption that simply mounting that won't affect the current system,
right?)

  $ sudo mkdir /cgroup
  $ sudo mount -t cgroup cgroup /cgroup

so far, so good.

  now, as i read it, there are two types of containers i can create --
a custom container and an ssh container, which is much smaller.  for
simplicity, i'll go with the ssh container when i have to make that
choice.

  now, having installed the lxc package, i can check the state of my
system to see if it's ready for containers:

=====

$ lxc-checkconfig
Kernel config /proc/config.gz not found, looking in other places...
Found kernel config file /boot/config-2.99.99-07393-g140d0b2-dirty
--- Namespaces ---
Namespaces: enabled
Utsname namespace: enabled
Ipc namespace: enabled
Pid namespace: enabled
User namespace: enabled
Network namespace: enabled
Multiple /dev/pts instances: enabled

--- Control groups ---
Cgroup: enabled
Cgroup namespace: missing
Cgroup device: enabled
Cgroup sched: enabled
Cgroup cpu account: enabled
Cgroup memory controller: enabled
Cgroup cpuset: enabled

--- Misc ---
Veth pair device: enabled
Macvlan: enabled
Vlan: enabled
File capabilities: enabled

=====

  the only thing missing is "Cgroup namespace" which i don't *think*
is essential but i'm willing to be corrected, so i'm just going to
carry on.

  at this point, my main concern is proper networking and, as i read
it, that tutorial explains how to set up bridge networking so that my
container has access to the outside world, correct?  i'd rather have a
separate internal (virtual?) network, so is there a recipe for that?

  everything up to this point seems fine, i'm just not sure how i
would tweak that tutorial to get the networking i want (if that is, in
fact, what i want since this is new to me).

  thoughts on how to continue?  thanks.

rday

-- 

========================================================================
Robert P. J. Day                                 Ottawa, Ontario, CANADA
                        http://crashcourse.ca

Twitter:                                       http://twitter.com/rpjday
LinkedIn:                               http://ca.linkedin.com/in/rpjday
========================================================================

More information about the ubuntu-users mailing list