LXC Configure Ubuntu Lucid Containers
In this post I will demonstrate how to use debootstrap to make a root file system (rootfs) for an LXC container using Ubuntu Lucid (10.04).
Note: At the time of this post, Lucid (Ubuntu 10.04) is in the Alpha stage of development. As with all development releases, breakage may occur.
Commands in this tutorial are run as root, so to obtain a root shell use:
sudo -i
The working directory for this tutorial is /home/bodhi/lxc, so config.ubuntu and rootfs.ubuntu are both located in /home/bodhi/lxc.
Make a rootfs via debootstrap
debootstrap --variant=minbase lucid rootfs.ubuntu
Configure the container
Copy resolv.conf from host node to container
cp /etc/resolv.conf rootfs.ubuntu/etc
Fix devices in rootfs.ubuntu/dev
udev does not run in lxc containers, so you need to manually make the needed devices.
I use this script to configure the devices:
#!/bin/bash
# bodhi.zazen's lxc-config
# Makes default devices needed in lxc containers
# modified from http://lxc.teegra.net/
ROOT=$(pwd)
DEV="${ROOT}/dev"
# Refuse to run from / so the host's own /dev is never removed
if [ "$ROOT" = '/' ]; then
    printf "\033[22;35m\nDO NOT RUN ON THE HOST NODE\n\n"
    tput sgr0
    exit 1
fi
# Only proceed when the current directory already contains a dev directory
if [ ! -d "$DEV" ]; then
    printf "\033[01;33m\nRun this script in rootfs\n\n"
    tput sgr0
    exit 1
fi
# Quoted so a working directory containing spaces cannot redirect rm -rf
rm -rf "${DEV}"
mkdir "${DEV}"
mknod -m 666 "${DEV}/null" c 1 3
mknod -m 666 "${DEV}/zero" c 1 5
mknod -m 666 "${DEV}/random" c 1 8
mknod -m 666 "${DEV}/urandom" c 1 9
mkdir -m 755 "${DEV}/pts"
mkdir -m 1777 "${DEV}/shm"
mknod -m 666 "${DEV}/tty" c 5 0
mknod -m 666 "${DEV}/tty0" c 4 0
mknod -m 666 "${DEV}/tty1" c 4 1
mknod -m 666 "${DEV}/tty2" c 4 2
mknod -m 666 "${DEV}/tty3" c 4 3
mknod -m 666 "${DEV}/tty4" c 4 4
mknod -m 600 "${DEV}/console" c 5 1
mknod -m 666 "${DEV}/full" c 1 7
mknod -m 600 "${DEV}/initctl" p
mknod -m 666 "${DEV}/ptmx" c 5 2
exit 0
The script is very slightly modified from http://lxc.teegra.net/ and is saved in /usr/local/bin/lxc-config.
Make it executable:
chmod u+x /usr/local/bin/lxc-config
Run the script in rootfs.ubuntu
cd rootfs.ubuntu
/usr/local/bin/lxc-config # fix /dev
Generate a config file
I call it config.ubuntu . Make sure the following information is accurate:
container name (lxc.utsname)
network (lxc.network.ipv4)
rootfs (lxc.rootfs)
lxc.utsname = ubuntu
lxc.tty = 4
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
lxc.network.name = eth0
lxc.network.mtu = 1500
lxc.network.ipv4 = 192.168.0.0/24
lxc.rootfs = /home/bodhi/lxc/rootfs.ubuntu
lxc.cgroup.devices.deny = a
# /dev/null and zero
lxc.cgroup.devices.allow = c 1:3 rwm
lxc.cgroup.devices.allow = c 1:5 rwm
# consoles
lxc.cgroup.devices.allow = c 5:1 rwm
lxc.cgroup.devices.allow = c 5:0 rwm
lxc.cgroup.devices.allow = c 4:0 rwm
lxc.cgroup.devices.allow = c 4:1 rwm
# /dev/{,u}random
lxc.cgroup.devices.allow = c 1:9 rwm
lxc.cgroup.devices.allow = c 1:8 rwm
# /dev/pts/* - pts namespaces are "coming soon"
lxc.cgroup.devices.allow = c 136:* rwm
lxc.cgroup.devices.allow = c 5:2 rwm
# rtc
lxc.cgroup.devices.allow = c 254:0 rwm
Modify the rootfs
chroot into rootfs.ubuntu and configure
chroot rootfs.ubuntu
apt-get install --force-yes -y gpgv
apt-get update
# set locales
apt-get install -y language-pack-en
update-locale LANG="en_US.UTF-8" LANGUAGE="en_US.UTF-8" LC_ALL="en_US.UTF-8"
# Add to the installed applications
apt-get install -y adduser apt-utils iproute netbase nano openssh-blacklist openssh-blacklist-extra openssh-server console-setup sudo ping
# Set a root password
passwd
# As an alternative to setting a root password, you may of course add a new user and configure sudo.
# exit chroot
exit
Configure networking
Edit rootfs.ubuntu/etc/network/interfaces:
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 192.168.0.60
netmask 255.255.255.0
broadcast 192.168.0.255
gateway 192.168.0.1
Remove tty4, 5, & 6
rm rootfs.ubuntu/etc/init/tty{4,5,6}.conf
Fix /var/run/network/ifstate
mkdir -p rootfs.ubuntu/var/run/network
touch rootfs.ubuntu/var/run/network/ifstate
Add a directory to allow ssh user privilege separation
mkdir -p rootfs.ubuntu/var/run/sshd
Edit rootfs.ubuntu/lib/init/fstab
Using any editor, open rootfs.ubuntu/lib/init/fstab and comment out the following lines:
#none /proc proc nodev,noexec,nosuid 0 0
#none /sys sysfs nodev,noexec,nosuid 0 0
#none /dev devtmpfs,tmpfs mode=0755 0 0
Edit rootfs.ubuntu/etc/init/rc-sysinit.conf
Using any editor, open rootfs.ubuntu/etc/init/rc-sysinit.conf, look for the line
start on filesystem and net-device-up IFACE=lo
and change it to
start on filesystem # and net-device-up IFACE=lo
Add an init (upstart) script
Using any editor, make a file rootfs.ubuntu/etc/init/lxc.conf and add:
# LXC - Fix init sequence to have LXC containers boot with upstart
# description "Fix LXC container - Lucid"
start on startup
task
pre-start script
mount -t proc proc /proc
mount -t devpts devpts /dev/pts
mount -t sysfs sys /sys
mount -t tmpfs varrun /var/run
mount -t tmpfs varlock /var/lock
mkdir -p /var/run/network
touch /var/run/utmp
chmod 664 /var/run/utmp
chown root.utmp /var/run/utmp
if [ "$(find /etc/network/ -name upstart -type f)" ]; then
chmod -x /etc/network/*/upstart || true
fi
end script
script
start networking
initctl emit filesystem --no-wait
initctl emit local-filesystems --no-wait
initctl emit virtual-filesystems --no-wait
init 2
end script
Configure and start the container
Create the container:
lxc-create -f /home/bodhi/lxc/config.ubuntu -n ubuntu
lxc-start -n ubuntu
You should now be able to access the container with either lxc-console or ssh
ssh root@192.168.0.60
lxc-console -n ubuntu
Update: The lucid container now boots with the -d option.