Install Alpine on LXD

From Alpine Linux

LXD

LXD is an easy to use daemon and client for managing LXC containers. It is included by default in Ubuntu 16.04 and later versions. It may become available in other distributions, such as debian. If you are not familiar at all with LXC or LXD, start directly with LXD. For detailed instructions on how to use it, see https://linuxcontainers.org/lxd/introduction/

With LXD you can start an Alpine Linux container in seconds, in practically any Ubuntu 16.04 (or later) system, including:

  • A standalone system
  • An Amazon EC2 instance
  • An OpenStack KVM VPS

With LXD, you can easily run Alpine in all those environments, on top of an Ubuntu Host.

These instructions assume you are running on an amd64 (x86_64) platform.

LXD installation

On Ubuntu 18.04 there are two versions of LXD available:

  • From apt packages, included by default on a new installation
  • From snap. The snap version of LXD has a higher version and more features than the apt version. Future versions of LXD will be distributed only via snap.

If you want to use the latest LXD, remove the apt version and install the snap version:

sudo apt-get remove lxd lxd-client sudo snap install lxd

Add yourself to the lxd group, so you can run lxc without being root:

sudo adduser `whoami` lxd

Then logout and login again.

LXD configuration

Before you launch LXD containers, you must configure LXD:

sudo lxd init

Accept all the defaults. You can rerun this if you have no containers. The ZFS storage method is recommended, because of its ability to create instant snapshots and copies of containers, but it requires additional configuration and it is not available everywhere (e.g. in a VPS host). dir will do just fine for a demo.

Container creation

To install Alpine Linux 3.8 run:

lxc launch images:alpine/3.8 a1

To install Alpine Linux edge version run:

lxc launch images:alpine/edge a2

To enter a shell in the container:

lxc exec a1 ash

Networking

The container has outgoing access to the network, but no incoming public access, since it doesn't have a public ip. You can provide incoming access using several networking techniques:

  • On a LAN, it suffices to add a route through the host LXD node
  • Use an iptables configurator, such as shorewall
  • For HTTP/HTTPS access, use an HTTP reverse proxy/load balancer, such as haproxy or pound, to redirect HTTP requests to various containers. You can run the HTTP reverse proxy in an Alpine container, once you redirect the ports that you want to it, (using iptables).