92 lines
3.0 KiB
Bash
92 lines
3.0 KiB
Bash
# NB. cgmanager for nested unprivileged containers has been deprecated (dbus usage was a bad idea)
|
|
# in favor of lxcfs on older kernels or the kernels CGroup Namespace on newer, expect lxcfs to go
|
|
# the same way as cgmanager, just use newer kernels.
|
|
|
|
apt-get install lxc lxcfs dnsmasq
|
|
|
|
# lxc-net configuration sourced from /usr/lib/x86_64-linux-gnu/lxc/lxc-net which contains the default values which means your bridge will be given a subnet of 10.0.3.0.
|
|
|
|
# The defaults, lets explicitly put them in /etc/default/lxc-net so we know where and what to change.
|
|
cat > /etc/default/lxc-net << 'EOF'
|
|
USE_LXC_BRIDGE="true"
|
|
LXC_BRIDGE="lxcbr0"
|
|
LXC_BRIDGE_MAC="00:16:3e:00:00:00"
|
|
LXC_ADDR="10.0.3.1"
|
|
LXC_NETMASK="255.255.255.0"
|
|
LXC_NETWORK="10.0.3.0/24"
|
|
LXC_DHCP_RANGE="10.0.3.2,10.0.3.254"
|
|
LXC_DHCP_MAX="253"
|
|
LXC_DHCP_CONFILE=""
|
|
LXC_DOMAIN=""
|
|
|
|
LXC_IPV6_ADDR=""
|
|
LXC_IPV6_MASK=""
|
|
LXC_IPV6_NETWORK=""
|
|
LXC_IPV6_NAT="false"
|
|
EOF
|
|
|
|
# Create template for new containers
|
|
# NB. For some reason lxc.network* will be replaced by lxc.net* in the configuration files below
|
|
|
|
# The /etc/lxc/default.conf only has one line at install:
|
|
## lxc.network.type = empty
|
|
# Just to make sure we don't squash future additions let change and append
|
|
sed -i 's,^\(lxc.network.type = \).*,\1'veth',' /etc/lxc/default.conf
|
|
|
|
# Newly created containers will be using the lxcbr0 bridge created by the lxc-net service.
|
|
cat >> /etc/lxc/default.conf << 'EOF'
|
|
lxc.network.link = lxcbr0
|
|
lxc.network.flags = up
|
|
lxc.network.hwaddr = 00:16:3e:xx:xx:xx
|
|
lxc.network.ipv4 = 0.0.0.0/24
|
|
EOF
|
|
|
|
#Uncomment net.ipv4.ip_forward
|
|
sed -i -- 's/#net.ipv4.ip_forward/net.ipv4.ip_forward/g' /etc/sysctl.conf
|
|
#Change value of net.ipv4.ip_forward if not already 1
|
|
sed -i 's,^\(net.ipv4.ip_forward=\).*,\1'1',' /etc/sysctl.conf
|
|
#Activate on current system
|
|
echo 1 > /proc/sys/net/ipv4/ip_forward
|
|
|
|
|
|
/etc/init.d/lxc-net restart
|
|
|
|
# Other configuration in:
|
|
## /usr/share/lxc/config/
|
|
|
|
## /usr/share/lxm/config/common.conf.d
|
|
# This directory can be used by packages and users to dump LXC
|
|
# configuration snippets which will then be used by all containers using
|
|
# the common.conf configuration file (directly or indirectly).
|
|
#
|
|
#Configuration files must end with the .conf suffix and LXC will include
|
|
#those in alphabetical order.
|
|
|
|
# Needed for live migrate
|
|
apt-get install criu
|
|
|
|
## then you can:
|
|
# lxc launch ubuntu $somename
|
|
# sleep 5s # let the container get to an interesting state
|
|
# lxc move host1:$somename host2:$somename
|
|
|
|
# But it would be nicer to use zfs features
|
|
|
|
# Add devuan template
|
|
# https://git.devuan.org/gregolsen/lxc-devuan
|
|
cd /var/tmp
|
|
git clone https://git.devuan.org/gregolsen/lxc-devuan.git
|
|
cp /var/tmp/lxc-devuan/templates/* /usr/share/lxc/templates/
|
|
cp /var/tmp/lxc-devuan/config/* /usr/share/lxc/config/
|
|
rm -rf /var/tmp/lxc-devuan
|
|
|
|
# LXC ZFS backingstore (amd64)
|
|
# no mount point need on create as it is created on init
|
|
# zfs create -o ${POOL_NAME}/lxc
|
|
|
|
POOL_NAME=rpool
|
|
echo "lxc.bdev.zfs.root = ${POOL_NAME}/lxc" >> /etc/lxc/lxc.conf
|
|
|
|
# Now you can use -B zfs
|
|
# lxc-create -t devuan -n devuan-jessie-box2 -B zfs
|