LXC Alpinelinux Simple: Difference between revisions

From Alpine Linux
(LXC_Alpinelinux_Simple created)
 
m (alpinelinux to Alpine Linux)
 
(6 intermediate revisions by the same user not shown)
Line 6: Line 6:


=== Objective ===
=== Objective ===
# Install Alpinelinux.
# Install Alpine Linux.
# Install LXC and its dependencies.
# Install LXC and its dependencies.
# Download required files.
# Download required files.
Line 15: Line 15:
{{Pill||WIP|goldenrod|yellow}}
{{Pill||WIP|goldenrod|yellow}}
* Describe here the test bed/setup used to run the scripts below.
* Describe here the test bed/setup used to run the scripts below.
# MODEL: Dell Laptop.
# CPUs
## CPU: Intel i5 2nd generation.
## CPU: Intel i5 3rd generation with virtualization enabled (2nd setup).
# RAM: 8GB


==== Install Alpinelinux ====
==== Install Alpine Linux ====
# Diskless installs (Ram based)
# Diskless installs (Ram based)
# SYS installs
# SYS installs


{{tip| - for further setup to work correctly, its assumed that alpinelinux installed in done for version between ''v3.21.x and v3.22.x''}}
{{tip| - for further setup to work correctly, its assumed that Alpine Linux installed in done for version between ''v3.21.x and v3.22.x''}}


==== Install LXC and its dependencies ====
==== Install LXC and its dependencies ====
{{Pill||v3.21.x-v3.22.x|cadetblue|lightblue}}
{{Pill||v3.21.x-v3.22.x|cadetblue|lightblue}}
Install the required packages (as root):
Install the required packages (as root):
{{Cmd2|apk add lxc lxcfs bridge}}
{{Cmd2|apk add lxc lxcfs lxc-templates-legacy-alpine bridge}}


==== Setup LXC ====
==== Setup LXC ====
{{Pill||-v3.22.x|cadetblue|lightblue}}
{{Pill||-v3.22.x|cadetblue|lightblue}}
Get required files (as root):
Get/set required files (as root):
{{Cmd2|cd /var/lib/lxc/
{{Cmd2|cd ~
wget https://dl-cdn.alpinelinux.org/v3.21/releases/x86_64/alpine-minirootfs-3.21.1-x86_64.tar.gz
cd /var/lib/lxc/
mkdir -p guest1/rootfs
mkdir -p guest1/rootfs
cd guest1/rootfs
cd guest1/rootfs
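Review bot: The added `wget` of alpine-minirootfs-3.21.1-x86_64.tar.gz in Setup LXC fetches the guest's root filesystem into root's home directory with no integrity check. Add a step that verifies the download, for example against a checksum taken from the release directory, before it is used. The file name also pins 3.21.1 while the section pill reads -v3.22.x, so state which release these steps were tested with.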
Line 46: Line 53:
Content of /etc/lxc/bridgenat.conf. (Not needed for manual setup)
Content of /etc/lxc/bridgenat.conf. (Not needed for manual setup)
<pre>
<pre>
  lxc.net.0.type = veth
lxc.net.0.type = veth
  lxc.net.0.flags = up
lxc.net.0.flags = up
  lxc.net.0.link = br0
lxc.net.0.link = br0
  lxc.net.0.name = eth1
lxc.net.0.name = eth1
  lxc.net.0.ipv4.address = 192.168.10.2/24 192.168.1.255
lxc.net.0.ipv4.address = 192.168.10.2/24 192.168.10.255
  lxc.net.0.ipv4.gateway = 192.168.10.1
lxc.net.0.ipv4.gateway = 192.168.10.1
  lxc.net.0.veth.pair = veth-if-10
lxc.net.0.veth.pair = veth-if-10
</pre>
</pre>


{{Pill||v3.21.x-v3.22.x|cadetblue|lightblue}}
{{Pill||v3.21.x-v3.22.x|cadetblue|lightblue}}
Content of guest1/config
Content of guest1/config (need to create once)
<pre>
<pre>
  # config file that was generated using  
# default config file that was generated using
  # 'lxc-create -n alpine -f /etc/lxc/bridgenat.conf -t alpine'
# 'lxc-create -n alpine -f /etc/lxc/bridgenat.conf -t alpine'
# config below was modified to a simpler manual setup


  lxc.net.0.type = veth
lxc.net.0.type = veth
  lxc.net.0.flags = up
lxc.net.0.flags = up
  lxc.net.0.link = br0
lxc.net.0.link = br0
  lxc.net.0.name = eth1
lxc.net.0.name = eth1
    
    
  lxc.net.0.ipv4.address = 192.168.10.10/24 192.168.10.255
lxc.net.0.ipv4.address = 192.168.10.10/24 192.168.10.255
  lxc.net.0.ipv4.gateway = 192.168.10.1
lxc.net.0.ipv4.gateway = 192.168.10.1
    
    
  # needs to be uniq per guest
# needs to be uniq per guest
  lxc.net.0.veth.pair = veth-if-10
lxc.net.0.veth.pair = veth-if-10
    
    
  lxc.rootfs.path = dir:/var/lib/lxc/guest1/rootfs
lxc.rootfs.path = dir:/var/lib/lxc/guest1/rootfs
    
    
  # Specify container architecture.
# Specify container architecture.
  lxc.arch = x86_64
lxc.arch = x86_64
    
    
  # Set hostname.
# Set hostname.
  lxc.uts.name = guest1
lxc.uts.name = guest1
    
    
  # If something doesn't work, try to comment this out.
# If something doesn't work, try to comment this out.
  lxc.cap.drop = sys_admin
lxc.cap.drop = sys_admin
    
    
  # Comment this out if you have to debug processes by tracing.
# Comment this out if you have to debug processes by tracing.
  lxc.cap.drop = sys_ptrace
lxc.cap.drop = sys_ptrace
    
    
  # Comment this out if required by your applications.
# Comment this out if required by your applications.
  lxc.cap.drop = setpcap
lxc.cap.drop = setpcap
    
    
  # Include common configuration.
# Include common configuration.
  lxc.include = /usr/share/lxc/config/alpine.common.conf
lxc.include = /usr/share/lxc/config/alpine.common.conf
</pre>
</pre>




==== Start a LXC instance ====
{{Pill||v3.21.x-v3.22.x|cadetblue|lightblue}}
{{Pill||v3.21.x-v3.22.x|cadetblue|lightblue}}
==== Start a LXC instance ====
Start these net/services as root
{{Cmd2|rc-service lxc.guest1 start}}
{{Cmd2|# brctl addbr br0 # need to set this first once}}
{{Cmd2|# ln -s lxc /etc/init.d/lxc.guest1 # need to do once}}
{{Cmd2|# rc-service lxc.guest1 start}}
 
<pre>
# KNOWN ISSUEs:
  # * /var/lib/lxc/guest1/rootfs is on tmpfs and ALLOW_TMPFS is not set
  # * ERROR: lxc.guest1 failed to start
 
# To avoid seeing error like above in DISKLESS installs,
# SOLUTION is: move /var/lib/lxc to disk, then create a symlink of lxc
</pre>


==== Use LXC ====
{{Pill||v3.21.x-v3.22.x|cadetblue|lightblue}}
{{Pill||v3.21.x-v3.22.x|cadetblue|lightblue}}
==== Use LXC ====
Start these net/services as root
{{Cmd2|lxc-attach -n guest1
{{Cmd2|# lxc-attach -n guest1
passwd root # add a passwd
passwd root # add a passwd
exit
exit
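Review bot: The new commands under Start a LXC instance put the root prompt inside the Cmd2 body (`# brctl addbr br0 # need to set this first once`), so a reader who pastes the line gets a shell comment and nothing runs. Drop the leading `# ` from the three commands and from `# lxc-attach -n guest1`, and keep the trailing comments.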
Line 109: Line 130:
  # OR use lxc-attach to change passwd of root
  # OR use lxc-attach to change passwd of root
}}
}}
==== Fix some basic networking ====
{{Pill||v3.21.x-v3.22.x|cadetblue|lightblue}}
{{Pill||v3.21.x-v3.22.x|cadetblue|lightblue}}
{{Pill||WIP|goldenrod|yellow}}
{{Pill||WIP|goldenrod|yellow}}
Fix some basic networkings
Step 1. Bring br0 up (on HOST)
{{Cmd2|# ifconfig br0 192.168.10.1 netmask 255.255.255.0 up }}


<pre>
<pre>
# brctl show
# brctl show
bridge name bridge id STP enabled interfaces
bridge name bridge id STP enabled interfaces
br0 8000.4686bf1982a3 no dummy0
br0 8000.febdf6e3a9f2 no veth-if-10
veth-if-10
 
# ifconfig br0
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.10.1  netmask 255.255.255.0  broadcast 192.168.10.255
...
</pre>
</pre>
Step 2. Bring eth1 up (on GUEST)
* Nothing to be done.
<pre>
guest1:/tmp# ifconfig
eth1      Link encap:Ethernet  HWaddr 5E:2A:70:E0:D9:49 
          inet addr:192.168.10.10  Bcast:192.168.10.255  Mask:255.255.255.0
...
</pre>
==== Test networking ====
{{Pill||v3.21.x-v3.22.x|cadetblue|lightblue}}
Step 1. Test on HOST - IMPORTANT: remove firewall if any
{{Cmd2|$ nc -l 1234 > /tmp/filename.out}}
Step 2. Test on GUEST
{{Cmd2|# echo -e "aaa\nbbb" > test.txt}}
{{Cmd2|# nc 192.168.10.1 1234 < test.txt}}
Step 3. Test on HOST
{{Cmd2|$ cat /tmp/filename.out}}


== See also ==
== See also ==
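Review bot: Step 1 of Test networking tells the reader to "remove firewall if any" on the host, and no later step restores it. Ask instead for a rule that admits TCP port 1234 on br0 from 192.168.10.10 for the duration of the test. The `ifconfig br0 192.168.10.1 netmask 255.255.255.0 up` in Fix some basic networking is a runtime-only setting, so also note that it has to be repeated after a reboot or moved into the host's interface configuration.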

Latest revision as of 20:37, 28 August 2025

Linux Containers (LXC) provides containers similar to BSD Jails, Linux VServers and Solaris Zones. It gives the impression of virtualization, but shares the kernel and resources with the "host".

Setup walkthrough

A basic setup to get you going; you will still need to read the main LXC documentation for advanced features.

Objective

  1. Install Alpine Linux.
  2. Install LXC and its dependencies.
  3. Download required files.
  4. Start a LXC instance.
  5. Test basic networking.

Test bed

WIP

  • Describe here the test bed/setup used to run the scripts below.
  1. MODEL: Dell Laptop.
  2. CPUs
    1. CPU: Intel i5 2nd generation.
    2. CPU: Intel i5 3rd generation with virtualization enabled (2nd setup).
  3. RAM: 8GB

Install Alpine Linux

  1. Diskless installs (Ram based)
  2. SYS installs
Tip: For the rest of this setup to work correctly, it is assumed that the installed Alpine Linux version is between v3.21.x and v3.22.x.

Install LXC and its dependencies

v3.21.x-v3.22.x

Install the required packages (as root):

apk add lxc lxcfs lxc-templates-legacy-alpine bridge

Setup LXC

-v3.22.x

Get/set required files (as root):

cd ~
wget https://dl-cdn.alpinelinux.org/v3.21/releases/x86_64/alpine-minirootfs-3.21.1-x86_64.tar.gz
cd /var/lib/lxc/
mkdir -p guest1/rootfs
cd guest1/rootfs
tar -zxf ~/alpine-minirootfs-3.21.1-x86_64.tar.gz
apk add --root ./ alpine-base
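
Added example (not part of the wiki page): the step above unpacks the downloaded tarball without checking it, so this shell code verifies it against a SHA-256 file first and only then extracts it. It assumes the matching `.sha256` file (sha256sum format) was fetched from the same release directory; the function names `verify_sha256` and `unpack_rootfs` are made up for this example.

```sh
#!/bin/sh
# Added example, not from the wiki page.

# verify_sha256 TARBALL SHAFILE
# SHAFILE holds one line in sha256sum format: "<hex digest>  <file name>".
# Returns 0 if the digests match, 1 on mismatch, 2 if an input is unusable.
verify_sha256() {
    tarball=$1 shafile=$2
    [ -r "$tarball" ] && [ -r "$shafile" ] || return 2
    want=$(awk 'NR == 1 { print tolower($1) }' "$shafile")
    # A SHA-256 digest is exactly 64 hex characters; refuse anything else
    # (an HTML error page saved as the .sha256 file, an empty file, ...).
    case $want in
        ''|*[!0-9a-f]*) return 2 ;;
    esac
    [ "${#want}" -eq 64 ] || return 2
    have=$(sha256sum "$tarball" | awk '{ print $1 }')
    [ "$have" = "$want" ]
}

# unpack_rootfs TARBALL SHAFILE ROOTFS
# Extracts TARBALL into ROOTFS only after the checksum has been verified,
# so a corrupted or substituted download never becomes a guest rootfs.
unpack_rootfs() {
    verify_sha256 "$1" "$2" || {
        echo "refusing to unpack $1: checksum not verified" >&2
        return 1
    }
    mkdir -p "$3" && tar -zxf "$1" -C "$3"
}
```

On the host this would be called as `unpack_rootfs ~/alpine-minirootfs-3.21.1-x86_64.tar.gz ~/alpine-minirootfs-3.21.1-x86_64.tar.gz.sha256 /var/lib/lxc/guest1/rootfs`.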

v3.21.x-v3.22.x

Fix some issues (as root):

#### Minor/manual changes ####
rm -f /var/lib/lxc/guest1/rootfs/dev/null
rm -f /var/lib/lxc/guest1/rootfs/dev/zero

v3.21.x-v3.22.x

Content of /etc/lxc/bridgenat.conf. (Not needed for manual setup)

lxc.net.0.type = veth
lxc.net.0.flags = up
lxc.net.0.link = br0
lxc.net.0.name = eth1
lxc.net.0.ipv4.address = 192.168.10.2/24 192.168.10.255
lxc.net.0.ipv4.gateway = 192.168.10.1
lxc.net.0.veth.pair = veth-if-10

v3.21.x-v3.22.x

Content of guest1/config (need to create once)

# default config file that was generated using
# 'lxc-create -n alpine -f /etc/lxc/bridgenat.conf -t alpine'
# config below was modified to a simpler manual setup

lxc.net.0.type = veth
lxc.net.0.flags = up
lxc.net.0.link = br0
lxc.net.0.name = eth1
  
lxc.net.0.ipv4.address = 192.168.10.10/24 192.168.10.255
lxc.net.0.ipv4.gateway = 192.168.10.1
  
# needs to be unique per guest
lxc.net.0.veth.pair = veth-if-10
  
lxc.rootfs.path = dir:/var/lib/lxc/guest1/rootfs
  
# Specify container architecture.
lxc.arch = x86_64
  
# Set hostname.
lxc.uts.name = guest1
  
# If something doesn't work, try to comment this out.
lxc.cap.drop = sys_admin
  
# Comment this out if you have to debug processes by tracing.
lxc.cap.drop = sys_ptrace
  
# Comment this out if required by your applications.
lxc.cap.drop = setpcap
  
# Include common configuration.
lxc.include = /usr/share/lxc/config/alpine.common.conf
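
Added example (not part of the wiki page): the config comments above invite commenting out `lxc.cap.drop` lines when something fails and require a unique `veth.pair` per guest, so this shell code audits guest configs for both. The function names are made up for this example, and `lxc.include` files are not followed, so it reports only what the guest's own config file drops.

```sh
#!/bin/sh
# Added example, not from the wiki page.

# dropped_caps CONFIG: print the capabilities CONFIG drops, sorted, one per line.
# lxc.cap.drop may be repeated and may list several names on one line; a line
# with an empty value clears every drop seen so far (lxc.container.conf(5)).
dropped_caps() {
    awk -F= '
        /^[ \t]*#/ { next }                       # commented-out lines do not count
        $1 ~ /^[ \t]*lxc\.cap\.drop[ \t]*$/ {
            n = split($2, names, /[ \t]+/)
            seen_name = 0
            for (i = 1; i <= n; i++)
                if (names[i] != "") { caps[tolower(names[i])] = 1; seen_name = 1 }
            if (!seen_name) split("", caps)       # empty value: reset the list
        }
        END { for (c in caps) print c }
    ' "$1" | sort
}

# missing_drops CONFIG CAP...: print each CAP that CONFIG does not drop.
missing_drops() {
    cfg=$1; shift
    have=$(dropped_caps "$cfg")
    for cap in "$@"; do
        printf '%s\n' "$have" | grep -Fqx "$cap" || printf '%s\n' "$cap"
    done
}

# duplicate_veth CONFIG...: print host-side veth names used more than once
# across the given configs (the page requires one unique name per guest).
duplicate_veth() {
    awk -F= '
        /^[ \t]*#/ { next }
        $1 ~ /^[ \t]*lxc\.net\.[0-9]+\.veth\.pair[ \t]*$/ {
            gsub(/[ \t]/, "", $2)
            if (++count[$2] == 2) print $2
        }
    ' "$@" | sort
}
```

For the guest above, `missing_drops /var/lib/lxc/guest1/config sys_admin sys_ptrace setpcap` prints nothing while all three drops are still in place.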


Start a LXC instance

v3.21.x-v3.22.x

Start these net/services as root

# brctl addbr br0 # need to set this first once

# ln -s lxc /etc/init.d/lxc.guest1 # need to do once

# rc-service lxc.guest1 start

# KNOWN ISSUES:
   # * /var/lib/lxc/guest1/rootfs is on tmpfs and ALLOW_TMPFS is not set
   # * ERROR: lxc.guest1 failed to start

# To avoid seeing errors like the above in DISKLESS installs,
# the SOLUTION is: move /var/lib/lxc to disk, then create a symlink named lxc pointing to it

Use LXC

v3.21.x-v3.22.x

Start these net/services as root

# lxc-attach -n guest1
passwd root # add a passwd
exit
lxc-console -n guest1
# this works !!!, need to create user first then su -l to root
# OR use lxc-attach to change passwd of root

Fix some basic networking

v3.21.x-v3.22.x

WIP

Step 1. Bring br0 up (on HOST)

# ifconfig br0 192.168.10.1 netmask 255.255.255.0 up

# brctl show
bridge name	bridge id		STP enabled	interfaces
br0		8000.febdf6e3a9f2	no		veth-if-10

# ifconfig br0
br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.10.1  netmask 255.255.255.0  broadcast 192.168.10.255
...

Step 2. Bring eth1 up (on GUEST)

  • Nothing to be done.

guest1:/tmp# ifconfig 
eth1      Link encap:Ethernet  HWaddr 5E:2A:70:E0:D9:49  
          inet addr:192.168.10.10  Bcast:192.168.10.255  Mask:255.255.255.0
...

Test networking

v3.21.x-v3.22.x

Step 1. Test on HOST - IMPORTANT: remove firewall if any

$ nc -l 1234 > /tmp/filename.out

Step 2. Test on GUEST

# echo -e "aaa\nbbb" > test.txt

# nc 192.168.10.1 1234 < test.txt

Step 3. Test on HOST

$ cat /tmp/filename.out

See also

Resources

  1. https://linuxcontainers.org/lxc/manpages/
  2. https://manned.org/pkg/alpine-3.22/lxc-doc