Documenting Problems That Were Difficult To Find The Answer To

LXC Tutorial on Ubuntu Precise 12.04


This is a quick-and-dirty tutorial to get containers created, running, and destroyed on Linux Ubuntu Precise 12.04.



Installing LXC

Simply run:

$ apt-get install lxc
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
  bridge-utils cgroup-lite cloud-utils debootstrap dnsmasq-base euca2ools
  libapparmor1 libcap2-bin libnetfilter-conntrack3 libpam-cap libyaml-0-2
  python-boto python-m2crypto python-paramiko python-yaml
Suggested packages:
  libcap-dev btrfs-tools lvm2 qemu-user-static
The following NEW packages will be installed:
  bridge-utils cgroup-lite cloud-utils debootstrap dnsmasq-base euca2ools
  libapparmor1 libcap2-bin libnetfilter-conntrack3 libpam-cap libyaml-0-2 lxc
  python-boto python-m2crypto python-paramiko python-yaml
0 upgraded, 16 newly installed, 0 to remove and 4 not upgraded.
Need to get 2,343 kB of archives.
After this operation, 14.4 MB of additional disk space will be used.
Do you want to continue [Y/n]? y
Fetched 2,343 kB in 0s (10.3 MB/s)

Creating Your First Container

You can create a container using a pre-existing template. To see the templates available on your system:

$ ls /usr/lib/lxc/templates/
lxc-busybox  lxc-fedora    lxc-sshd    lxc-ubuntu-cloud
lxc-debian   lxc-opensuse  lxc-ubuntu

You can get help for the ubuntu template:

$ lxc-create -t ubuntu --help
/usr/share/lxc/templates/lxc-ubuntu -h|--help [-a|--arch] [-b|--bindhome ] [-d|--debug]
   [-F | --flush-cache] [-r|--release ] [ -S | --auth-key ]
   [--rootfs ] [--packages ] [-u|--user ] [--password ]
   [--mirror ] [--security-mirror ]
release: the ubuntu release (e.g. precise): defaults to host release on ubuntu, otherwise uses latest LTS
bindhome: bind 's home into the container
          The ubuntu user will not be created, and  will have
          sudo access.
arch: the container architecture (e.g. amd64): defaults to host arch
auth-key: SSH Public key file to inject into container
packages: list of packages to add comma separated
mirror,security-mirror: mirror for download and /etc/apt/sources.list

So we can choose ubuntu from the above templates to create a container and give it a name:

$ lxc-create -n lxctutorial -t ubuntu
No config file specified, using the default config
debootstrap is /usr/sbin/debootstrap
Checking cache download in /var/cache/lxc/precise/rootfs-amd64 ...
Copy /var/cache/lxc/precise/rootfs-amd64 to /var/lib/lxc/lxctutorial/rootfs ...
Copying rootfs to /var/lib/lxc/lxctutorial/rootfs ...

# The default user is 'ubuntu' with password 'ubuntu'!
# Use the 'sudo' command to run tasks as root in the container.

'ubuntu' template installed
'lxctutorial' created

Note that the default password is shown.

You could have specified which release with the command, e.g.:

$ lxc-create -n lxctutorial -t ubuntu -- -r precise

So we’ve created a container. Let’s see if LXC knows about it:

$ lxc-list



Where is the LXC container stored?

$ ls -l /var/lib/lxc/lxctutorial
total 12
-rw-r--r--  1 root root 1273 Feb 14 12:07 config
-rw-r--r--  1 root root  110 Feb 14 12:07 fstab
drwxr-xr-x 22 root root 4096 Jun 16  2014 rootfs

So the container has been created!

Running the Container

Start the container with the -d flag (otherwise you will go straight into console mode and there is a bug in lxc-start that prevents the ctrl-a, q escape combination from working).

$ lxc-start -n lxctutorial -d
$ lxc-list



You can connect to your container in console mode:

$ lxc-console -n lxctutorial
Ubuntu 12.04.4 LTS lxctutorial tty1

lxctutorial login: ubuntu
Password: ubuntu
Welcome to Ubuntu 12.04.4 LTS (GNU/Linux 3.2.0-74-generic x86_64)

 * Documentation:

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.


To disconnect from the console (quit/exit) press ctrl-a, q.

Stopping the Container

You can stop the container – this kills all the processes inside the container.

$ lxc-stop -n lxctutorial

But a cleaner way of bringing a container to a stop is to halt it:

$ lxc-shutdown -n lxctutorial -w
Container lxctutorial has shut down

Destroying the Container

$ lxc-destroy -n lxctutorial
$ lxc-list



Assigning Static DHCP Leases to LXC Containers

You will need to create a configuration file in which you can put static leases, e.g.:

$ touch /etc/lxc/dnsmasq.conf

Next edit your /etc/init/lxc-net.conf file to add this configuration file to the dnsmasq startup, from:

dnsmasq -u lxc-dnsmasq --strict-order --bind-interfaces \
  --pid-file=${varrun}/ --conf-file= \
  --listen-address ${LXC_ADDR} --dhcp-range ${LXC_DHCP_RANGE} \
  --dhcp-lease-max=${LXC_DHCP_MAX} --dhcp-no-override \
  --except-interface=lo --interface=${LXC_BRIDGE} || cleanup


dnsmasq -u lxc-dnsmasq --strict-order --bind-interfaces \
  --pid-file=${varrun}/ --conf-file=/etc/lxc/dnsmasq.conf \
  --listen-address ${LXC_ADDR} --dhcp-range ${LXC_DHCP_RANGE} \
  --dhcp-lease-max=${LXC_DHCP_MAX} --dhcp-no-override \
  --except-interface=lo --interface=${LXC_BRIDGE} || cleanup

Then find the MAC address from your container’s configuration:

# grep /var/lib/lxc/*/config
/var/lib/lxc/lxctutorial/ = 00:16:3e:32:9a:a4
/var/lib/lxc/webserver/ = 00:16:3e:0c:5b:1b
/var/lib/lxc/mailserver/ = 00:16:3e:ca:cb:02

Now you can put the fixed address you want into your new configuration file /etc/lxc/dnsmasq.conf, e.g. if you wanted for the lxctutorial container:

# static leases

Make sure you shut down all LXC containers and restart LXC for this to take effect:

# /etc/init.d/lxc-net stop
# /etc/init.d/lxc stop
# /etc/init.d/lxc start
# /etc/init.d/lxc-net start

In Ubuntu 14.04 Trusty the start/stop jobs are:

# initctl stop lxc-net
# kill dnsmasq daemon
# ifconfig lxcbr0 down
# brctl delbr lxcbr0
# initctl stop lxc
# initctl start lxc
# initctl start lxc-net

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: