Linux Containers (LXC) provides containers similar BSD Jails, Linux VServer and Solaris Zones. It gives the impression of virtualization, but shares the kernel and resources with the "host".
Install the required packages:
Prepare network on host
Set up a bridge on the host. Example /etc/network/interfaces:
auto br0 iface br0 inet dhcp bridge-ports eth0
Create a network configuration template for the guests, /etc/lxc/lxc.conf:
lxc.network.type = veth lxc.network.link = br0 lxc.network.flags = up
Create a guest
This will create a /var/lib/lxc/guest1 directory with a config file and a rootfs directory.
Note that by default alpine template does not have networking service on, you will need to add it using lxc-console
If running on x86_64 architecture, it is possible to create a 32bit guest:
In order to create a debian template container you will need to install some packages:
Also you will need to turn off some grsecurity chroot options otherwise the debootstrap will fail:
Please remember to turn them back on, or just simply reboot the system.
Now you can run:
Starting/Stopping the guest
Create a symlink to the /etc/init.d/lxc script for your guest.
You can start your guest with:
Stop it with:
Make it autostart on boot up with:
Connecting to the guest
By default sshd is not installed, so you will have to connect to a virtual console. This is done with:
To disconnect from it, press+
Deleting a guest
Make sure the guest is stopped and run:
This will erase everything, without asking any questions. It is equivalent to:
Using static IP
If you're using static IP, you need to configure this properly on guest's /etc/network/interfaces. To stay on the above example, modify /var/lib/lxc/guest1/rootfs/etc/network/interfaces
#auto lo iface lo inet loopback auto eth0 iface eth0 inet dhcp
#auto lo iface lo inet loopback auto eth0 iface eth0 inet static address <lxc-container-ip> # IP which the lxc container should use gateway <gateway-ip> # IP of gateway to use, mostly same as on lxc-host netmask <netmask>
mem and swap
In order for network to work on containers you need to set "Promiscuous Mode" to "Allow All" in VirtualBox settings for the network adapter.
LXC 1.0 Additional information
Some info regarding new features in LXC 1.0