LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (https://www.linuxquestions.org/questions/slackware-14/)
-   -   LXC 3.0 and Slackware (https://www.linuxquestions.org/questions/slackware-14/lxc-3-0-and-slackware-4175645954/)

PRNG 01-10-2019 02:48 PM
LXC 3.0 and Slackware
 
I saw "new" release of LXC https://discuss.linuxcontainers.org/...-released/1449
Is it possible to upgrade LXC from LTS branch to version 3 on Slackware current? The cgmanager is removed and I don't know if it is possible to use containers without systemd or cgmanager.

alex14641 01-11-2019 10:18 AM
I've created unprivileged Ubuntu containers, with networking, with LXC 3 on -current. There's some system configuration necessary to make it work, though. I don't think LXC needs cgmanager. Strange thing: removing cgmanager breaks the power manager applet in XFCE.

PRNG 01-12-2019 03:33 AM
Great! I will try LXC 3 ASAP.
If you can, write up what changes have you made in ored to make it work.

alex14641 01-13-2019 05:51 PM
Setting up LXC 3.x to run unprivileged containers.

As you:
1) Download the source for lxc-3.0.3.tar.gz and lxcfs-3.0.3.tar.gz.
2) Untar lxc-3.0.3 and lxcfs-3.0.3
3) cd lxc-3.0.3
4) ./configure --prefix=/usr --sysconfdir=/etc --libdir=/usr/lib64 --localstatedir=/var --mandir=/usr/man --docdir=/usr/doc/lxc-3.0.3 --infodir=/usr/info --infodir=/usr/info --with-global-conf=/etc/lxc/lxc.conf --with-rootfs-path=/var/lib/rootfs-lxc
5) make -j8
6) cd ../lxcfs-3.0.3
7) ./configure --prefix=/usr --sysconfdir=/etc --libdir=/usr/lib64 --localstatedir=/var --mandir=/usr/man --docdir=/usr/doc/lxcfs-3.0.3 --infodir=/usr/info --with-rootfs-path=/var/lib/rootfs-lxc
8) make -j8
9) Create the file $HOME/.config/lxc/default.conf with the following contents:
Code:
lxc.idmap = u 0 131072 65536
lxc.idmap = g 0 131072 65536
lxc.mount.auto = cgroup
lxc.net.0.type = veth
lxc.net.0.link = lxcbr0
lxc.net.0.name = eth0
lxc.net.0.flags = up
lxc.net.0.hwaddr = 00:16:3e:xx:xx:xx
lxc.environment = PATH=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin
lxc.environment = HOME=/root
lxc.environment = USER=root
As root:
10) removepkg lxc-2.0.9
11) cd lxc-3.0.3
12) make install
13) cd ../lxcfs-3.0.3
14) make install
15) Create the file /etc/subuid with the following contents:
Code:
root:65536:65536
<your uid>:131072:65536
Replace <your uid> with your user ID.
16) Create the file /etc/subgid with the following contents:
Code:
root:65536:65536
<your gid>:131072:65536
Replace <your gid> with your group ID.
17) mount -t cgroup -o rw,noexec,nosuid,nodev,none,name=systemd systemd /sys/fs/cgroup/systemd
18) cgcreate -g name=systemd:lxc -g *:lxc -a <your uid>:<your gid> -t <your uid>:<your gid>
Replace <your uid> and <your gid> with your user ID and your group ID, respectively.
19) /usr/libexec/lxc/lxc-net start
20) lxcfs -s -o allow_other /var/lib/lxcfs/ &
21) modprobe autofs4

As you:
22) cgexec -g *:lxc bash
23) Create a Debian container:
lxc-create -t download -n debian -- -d debian -r stretch -a amd64
24) Start the container:
lxc-start debian
25) Attach to the container:
lxc-attach debian
You should now be able to run 'apt install' to install packages.

PRNG 01-14-2019 01:16 AM
Thank you Alex!

I have fixed power manager applet in XFCE by recompiling ConsoleKit2 with
Code:
--enable-cgroups=no \

franzen 01-14-2019 04:08 AM
Quote:
Originally Posted by alex14641 (Post 5948697)
*) cd ../lxcfs-3.0.3
I didn't test, but it seems lxcfs has become optional even for systemd based containers/guests. From https://linuxcontainers.org/lxcfs/introduction/:
Quote:
The main driver for this[lxcfs] work was the need to run systemd based containers as a regular unprivileged user while still allowing systemd inside the container to interact with cgroups.
Now with the introduction of the cgroup namespace in the Linux kernel, that part is no longer necessary on recent kernels and focus is now on making containers feel more like a real independent system through the proc masking feature.

alex14641 01-14-2019 06:17 AM
Quote:
Originally Posted by franzen (Post 5948859)
I didn't test, but it seems lxcfs has become optional even for systemd based containers/guests. From https://linuxcontainers.org/lxcfs/ introduction/:
Lxcfs is still needed for containers to have their own copies of /proc/uptime and some other /proc files. Without lxcfs, running the uptime command in the containers returns the uptime of the host.

franzen 01-14-2019 06:39 AM
Quote:
Originally Posted by alex14641 (Post 5948889)
Lxcfs is still needed for containers to have their own copies of /proc/uptime and some other /proc files. Without lxcfs, running the uptime command in the containers returns the uptime of the host.
So it may be useful, but it's not a hard dependency.

alex14641 01-14-2019 05:09 PM
Quote:
Originally Posted by franzen (Post 5948891)
So it may be useful, but it's not a hard dependency.
Correct.

alex14641 01-20-2019 08:25 AM
I made some changes to the instructions to allow automatically starting the network when starting the container.

There is a Slackware LXC template, but currently it can only be run as a privileged container.


All times are GMT -5. The time now is 02:54 AM.