-
Hello viewers. Welcome to this video.
-
I'm Vagrant, and this is Just Me and Opensource channel. Right. In this video,
-
I'm going to talk about LXD containers.
-
What the LXD and LXC containers are, and how
-
to use them. I'll also show you a quick
-
demo of how you can get started with
-
using the LXD containers. As usual,
-
I've got my notes here to explain things
-
a little better. Okay. So we've got virtual machines, and the LXD
-
containers, and the application containers--basically Docker, RKT,
-
and so on. Okay. So how do LXD machine containers differ from a
-
virtual machine or application containers? So, basically, when you use
-
virtual machines, you've got your bare metal, and you've
-
got an operating system running on top
-
of it. It could be Linux, Windows, or macOS.
-
And you install a hypervisor on your
-
operating system. A typical example would be VirtualBox, and you create
-
virtual machines on top of it. So that's
-
the hypervisor bit, and each of the guest
-
operating systems is a complete operating
-
system. All the hardware attached to these guest virtual machines is
-
virtualized hardware. So the hypervisor is responsible for giving the
-
guest OS the hardware from your bare metal in a virtualized fashion.
-
So that's virtual machines, and we all are familiar
-
with Docker containers, or any
-
container platform. There is RKT and Docker. So similar to virtual machines,
-
you've got your bare metal, you've got your operating system installed--
-
Linux, Windows, or macOS--and you install a container runtime. It could be
-
Docker, RKT, or anything. And then you create these container images.
-
So these are not virtual machines.
-
You're not running a complete virtual machine.
-
It's just an application container. You grab
-
the libraries and the dependencies that your
-
application needs, package them as a container, and you start containers.
-
So containers are very lightweight compared to virtual machines.
-
You're not running an entire operating system, so it's just a set of files
-
your application requires.
-
You package them as a container, and the
-
container runtime is responsible for managing multiple containers.
-
So that's lightweight. You can have multiple
-
containers. They're all very lightweight.
-
So where do the machine containers sit?
-
They sit between the virtual machines
-
and the application containers.
-
They take the best of both worlds. So how is it
-
compared to virtual machines? The LXD containers that you create are a
-
complete operating system, not just an application container like Docker.
-
So it's a complete operating system similar
-
to virtual machines. And how is it compared to Docker?
-
It's very lightweight. It doesn't need a hypervisor or a container runtime.
-
It sits on top of the Linux OS. It uses the LXC libraries, and LXD is the REST
-
API. Your command line tool interacts with the LXD API to access the LXC
-
libraries, and you create your guest operating systems. It's a complete
-
operating system, and all the hardware--
-
whether it's CPU, memory, USB ports, and so on--is available to these
-
guest OS. It can start the container in a
-
matter of seconds, a complete operating
-
system. It's a very quick one. I've been recently using virtual
-
machines, and I used Vagrant to provision
-
virtual machines. But recently, I started
-
using...because of their simplicity and
-
lightweight nature. I started using
-
LXD machine containers. Okay. So you
-
can deploy a container--I mean, a machine
-
container--in a particular host machine,
-
or you could have a cluster of host machines running LXD on each of them.
-
And basically, that's a cluster. For this video, I'm not going to go into the
-
cluster mode. I'm just going to use a single
-
virtual machine to do that. Okay. The next
-
thing is comparing to virtual machines.
-
Say, for example, if you've got VirtualBox
-
or VMware or any hypervisor installed--
-
say, for example, your host memory has 16
-
GB of memory--and you're creating a couple
-
of virtual machines. So one is--each of
-
these virtual machines--you specify 4 GB.
-
So, basically, you're taking 8 GB
-
out of the 16 GB of your host memory.
-
So your host machine is left with just 8 GB. When you allocate 4 GB to a
-
virtual machine, you're allocating the
-
entire 4 GB to the machine. That's it.
-
So it's not available to your host machine.
-
Whereas in the LXC and LXD containers, you don't specify anything.
-
Although you can limit how much memory a
-
machine container can take, if you don't
-
specify anything, the entire host memory
-
is available for every single machine container that you create.
-
So when your host memory is 16 GB, inside your
-
container, if you look at your memory, the whole 16 GB is available for each
-
of these containers. But I'll show you in the demo how we can limit
-
the amount of memory that each container can take--limits.memory, limits.cpu--you can set limits.
-
Okay. So what we'll be doing in this quick
-
demo--I’ll show you some commonly used
-
commands, how to start and stop containers,
-
how to pull images, do a snapshot, apply certain profiles, and so on.
-
And also, there is a possibility to do nested containers. Say, you create a
-
machine--you create an LXD machine--and
-
inside that LXD machine, you create
-
another LXD environment and another LXD.
-
So basically, you can nest multiple levels.
-
Okay. So let's get into the business.
-
I've got an Ubuntu virtual machine. My host machine is Arch Linux,
-
and I've got a virtual machine.
-
Because most people are using Ubuntu, I thought
-
it would be useful to show this demo on an Ubuntu machine.
-
I've also got an LXD environment set up on my host machine, Arch Linux.
-
If you're not aware, I'm also doing a series
-
on Kubernetes. So I'm using the LXD containers for Kubernetes. That's from
-
my host machine. But for this demo,
-
I'm going to use the Ubuntu 18.04 virtual machine.
-
lsb_release -a, which is 18.04. And this virtual machine is run
-
from VirtualBox. Okay. So that doesn't
-
matter. Okay. How do you install LXD?
-
In Ubuntu 18.04--I'm not sure about 16.04;
-
I haven't checked actually--but in 18.04, LXC and LXD are already installed.
-
If you do which lxc and which lxd, you'll find LXC and LXD installed.
-
So dpkg -l, you can check whether a
-
package is installed. grep lxd. So I've
-
got the LXD package installed. If not,
-
the command to install is sudo apt-get install lxd. That's it. Okay.
-
So once it's installed, there's a service, but it's not started.
-
If you look at the LXD service, that's the
-
service that needs to be running, and you
-
can see it's enabled, indirect. It's not
-
running at the moment. So the first thing
-
to do is to start the LXD service. sudo systemctl enable--no, that's already
-
enabled. Let's just start it--start lxd. So sudo systemctl status lxd.
-
It's running now. And the next thing we're going to
-
do is--there's a group called LXD.
-
And if you want to run LXC commands without prefixing sudo,
-
you need to add your user account to the LXD
-
group. I'm using Vagrant, so my user account is Vagrant. So I'm going to add
-
Vagrant to the LXD group. The command
-
to add is sudo gpasswd -a vagrant lxd. getent group lxd--
-
so now Vagrant is a member of the LXD
-
group. For the changes to take effect, you
-
can either do newgrp lxd, or you can just log out and log back in.
-
vagrant ssh. Okay. groups--so I'm part of the LXD group.
-
So now what I can do is, once you start the
-
service, the first thing to do is to initialize the LXD environment.
-
So the command to do this is lxd init.
-
Would you like to use LXD clustering? As I said, you
-
can set up an LXD cluster, but for
-
this video, I'm just going to install it
-
on one machine. So the default is no.
-
Do you want to configure a new storage pool?
-
So all the machine containers will use
-
this storage pool for storing the file
-
systems. Yes, definitely. Because this is a
-
plain installation, it won't have any
-
storage pool created. So let's create one.
-
Name of the new storage pool--it can be
-
any name. Let's leave it as default.
-
Name of the storage backend to use.
-
The default is Btrfs. It comes with lots of advantages.
-
You can do a snapshot.
-
You can do lots of volume management.
-
But for simplicity’s sake, I'm going to use the dir,
-
which is a directory on your host machine.
-
Would you like to connect to MAAS server,
-
which is Metal as a Service server? No.
-
Would you like to create a new local
-
network bridge? Yes. So again, this is the
-
same machine. If I do, the IP address is 172.24.24.101.
-
So that's the network interface--the active network interface--of the host
-
machine. And we need to create a network bridge so that all the machine
-
containers that we are going to create will use that network bridge to
-
communicate with the outside world.
-
So let's create the network bridge.
-
What should the network bridge be called?
-
By default, it's lxdbr0. You can call it any name.
-
Let's leave it to the default. IP address--what range do you want?
-
Let's leave it to default. Automatically assign IPv4, IPv6.
-
Would you like LXD to be available over the network?
-
No. I just want to access it from this machine.
-
I don't want to access it from other machines. Would you like stale cached
-
images to be updated automatically?
-
So when you first launch any of the
-
machine containers, it's going to pull
-
the machine image from a remote repository.
-
So once you pull that, every time you
-
start a machine, it's going to use the
-
image that it has pulled to your local machine.
-
This setting tells it to periodically check whether the local image is an
-
up-to-date image. If it's not, it will sync the image from the remote
-
repository. So let's leave it to default. Yes.
-
Would you like YAML init preseed to be printed out?
-
Basically, all these options that we just entered--do you want them to be printed out?
-
Default is no. That's all the questions. So we are all good to go.
-
And if you do lxc version--3.0.3--server version 3.0.3. Okay.
-
So it also gives you a command to start your container and do
-
an lxc launch. So before that, I want to
-
show you a few other things.
-
To show a list of available commands, do an lxc help.
-
lxc help | less. So there are lots of handy commands
-
that you can use, and I'll show you some
-
basic commands--most commonly used commands.
-
If you want to know more about a
-
particular command, you can use the help
-
option. For example, for storage, if you
-
want to look at an example for storage--lxc help <command>.
-
Okay. So you can create, delete, edit, get info, list, and so on.
-
lxc storage list--so that's the default storage.
-
The driver is directory--remember we did that during the lxc init
-
command. And that's the directory where
-
it's going to store all the machine images.
-
Okay. So where is it going to pull the machine
-
images from? lxc remote list.
-
So there are a couple of repositories that have
-
been added. So images:--that's the one.
-
And there are Ubuntu releases, Ubuntu containers.
-
So there are three repositories added. When you launch a
-
new machine, it's going to pull from these repositories. And local is just
-
the local repository. Whenever you pull it from the other three servers,
-
it's going to store it locally on this machine.
-
Okay. So let's try and search for a container.
-
Say, for example, if I want to start a CentOS machine--
-
how would you start it, or how would you find if
-
there is a machine image available for CentOS? lxc image list--
-
so that’s the list on your local machine.
-
I don’t have any images on my local machine. Okay.
-
lxc image list images:--if you just do images:, it's going to list all the
-
images available on that particular repository. There are lots of images--
-
Debian, Alpine, CentOS, and so on.
-
And if you want to search for a specific one,
-
you can start typing a few letters of it. So if I just do cent, you can see
-
CentOS 7, CentOS 7, and there should be lots.
-
If I pipe that to less, you can see CentOS 6, i386 version, CentOS 7,
-
ARM64, and so on. Okay. If I want to search
-
for Debian--there is Debian here: Debian 10, 9, and so on.
-
Okay. So that's how you search for the machine
-
images. So how would you start it? I want to start an image now. Okay.
-
So in this host machine, if I do uname, the kernel is 4.15.
-
So this kernel is for Ubuntu 18.04, and all the
-
machine containers--whether it's CentOS,
-
Debian, Alpine, or whatever--
-
are going to use the host kernel.
-
It's not the OS-specific kernel. It's whatever the host
-
kernel is, it’s going to use it. Okay.
-
So let's try and start an Ubuntu 16.04 container.
-
lxc launch is the command. Launch and
-
the container name--Ubuntu 16.04.
-
So if you're using any of the Ubuntu images,
-
you don’t have to prefix the remote repository part.
-
If I show you lxc remote list--so when you do ubuntu:16.04,
-
it's going to pull the image from this repository. So you don't have
-
to prefix ubuntu, but if it's anything else, you need to prefix images:. Okay.
-
So let's try and create an Ubuntu 16.04 image and a CentOS 7 image. lxc launch ubuntu:16.04.
-
And if you don't specify a name, it's going to give you a
-
random name. So let's try--but before
-
that, if you want to see what machines
-
are available, what machines you've got,
-
you can do an lxc list. So at the moment, we don't have any machines--
-
we don’t have any containers started. lxc launch ubuntu:16.04.
-
It's going to take--for the first time--a little while, maybe a couple of
-
minutes depending on your Internet speed.
-
So basically, it's pulling the file system to your local machine.
-
Once that's done, that's the base image, and all the other containers you're
-
going to start will start from the local
-
image. So the next time you launch a new container,
-
it will take less than 3 or 4 seconds to start it.
-
Right, it has started the container. Now if I do lxc
-
list, and there you go. The state is RUNNING, and it has got its own IP
-
address. And after we did the lxc init command, if I look at the network
-
interfaces, you will see lxdbr0.
-
So that's the network bridge for all the
-
machine containers this host is going to
-
create. It has got the IP address 10.149.213.1, and all the machines will get
-
the IP address from this bridge--10.149.213.165.
-
So that's in the range of this IP address. And for
-
each machine container you create, you're
-
going to see a virtual Ethernet interface
-
on your host machine. So that one is for this machine. I forgot to give the
-
machine a name, so it defined a random name.
-
Okay. Let's delete it. lxc delete <container-name>, lxc delete sweet-horse.
-
You'll see an error here. It won't be able to
-
delete it while the container is running.
-
If you want to delete it, you need to stop the container before deleting it.
-
lxc stop sweet-horse. Or, if you want,
-
you can pass the --force option; that will stop the container for you and delete it.
-
So let's do the stop. lxc list--so the container is stopped.
-
And if you want to start the container: lxc start <container-name>, lxc start sweet-horse.
-
lxc list--see how quick that is? lxc list. Okay, the container is running.
-
Let's delete it. Let's delete it with the force option:
-
lxc delete --force sweet-horse.
-
Okay. That's deleted.
-
lxc list, that's gone. lxc image list--so that's the local
-
image that we downloaded: Ubuntu 16.04.
-
And the total size that I downloaded is 158 MB.
-
It's so lightweight. And now if I do lxc launch, if I launch a new Ubuntu
-
16.04 container, it's going to be very quick
-
because we've got an image already on our local machine.
-
lxc launch ubuntu:16.04 and give it a name--
-
myubuntu. Creating myubuntu, and then it will start it. Okay.
-
The container has been created. lxc list. Okay, there you go.
-
It has got a different IP address now. Okay, cool.
-
lxc list. If you want to copy this machine container, you can do lxc copy
-
myubuntu myanotherubuntu. lxc list.
-
So now we have got another machine,
-
which is stopped. You can start it with lxc start myanotherubuntu.
-
Okay, that's started. lxc list. I can see both these VMs--both these, not VMs, both these machine containers--are running.
-
They each got their own IP address. Right. lxc list.
-
So that's copy. Let's delete it. lxc delete --force myanotherubuntu.
-
Okay. Before deleting it, I just want to
-
show you how you can reach one container from another container.
-
Okay, let's keep that for a moment. And if you
-
want to rename a container or if you
-
want to move a container--say if you've
-
got an LXD cluster (obviously we don't
-
have a cluster at the moment)--but if
-
you've got a cluster, you can use the lxc move
-
command to move the container from one
-
host to another host. And to do that, lxc move is the command--myubuntu --
-
and give it another name. If it's on another host machine, you need to give
-
the hostname followed by a colon and the path, but
-
I'm going to move it within this host.
-
So I'm going to give it another name--myubuntu to myvm.
-
Okay. Renaming a container is not allowed while it's running.
-
lxc stop myubuntu, and then we do the lxc move command. That's done.
-
lxc list, and you can see myvm. It's been moved to myvm. lxc start myvm.
-
Okay, that started. lxc list. Good. So we've
-
got two VMs. Okay, so we've got the machine
-
containers. How would we log in to the
-
container, or how can we use the container?
-
So if you have used the Ubuntu container, there is a default Ubuntu user
-
account in these machine images.
-
But if you want to log in as root, you can do lxc exec <container-name> -- bash, e.g., lxc exec myvm -- bash.
-
Okay, so I'm inside the myvm container.
-
If I do hostname, the hostname
-
is myvm. That's cool. lsb_release--so that's Ubuntu 16.04, the machine that
-
we started. It's a complete operating
-
system--a very quick way to spin up a
-
virtual machine. And if I do free -m,
-
so it's 2 GB. Basically, my host machine
-
(I mean the virtual machine) has 2 GB, and
-
the container can see the complete
-
memory. So I've got one CPU, and one CPU
-
here. Okay. And if I do uname -r--4.15.0-45--
-
which is the host kernel on my Ubuntu 18.04.
-
Right. And you can ping the machine containers. You can ping
-
between the machine containers using the
-
DNS name. So when you create the LXD
-
bridge, you can ping the other containers
-
using .lxd naming convention.
-
So our other container was--I need to log out and log back in.
-
lxc list. myanotherubuntu. So if I want to ping it:
-
ping myanotherubuntu.lxd. Okay, so I'm
-
getting ping responses back from the
-
container. And if I want to log in to myanotherubuntu as user ubuntu, what
-
you can do is: su - ubuntu. Okay. hostname, I'm inside my Ubuntu virtual machine.
-
lsb_release--there, okay, 16.04. ping myvm.lxd--I'm getting ping response.
-
Okay, cool. So what else can we try? We did an image.
-
We did launch, start, stop. We did delete,
-
list, exec. So we've completed all these
-
commands. So let's go to these sets of commands.
-
So, config info. If you want to look at the details of a machine
-
container, you can do lxc info <container-name>--lxc info myvm.
-
Let me pipe that to less. So you can see remote (I mean
-
where it's running from). It will give you the path of the machine the
-
container is running, when it was created,
-
what architecture, and the current status of the machine--it's running.
-
Profiles--I’ll come to profiles in a minute.
-
PID is 7629. If I search for ps -p 7629, okay--so that's
-
the process isolation. Ethernet interface,
-
the address of the Ethernet interface,
-
how many processes it’s running--28 processes,
-
CPU usage, memory usage--it’s only using
-
about 50 MB of memory. Network bytes and some stats--so that's lxc info.
-
And there is also machine configuration if you want to
-
look at the machine configuration--lxc
-
config show myvm. So that’s the complete
-
configuration of the machine. Right? And it's using the default profile.
-
Okay, so I’ll come to the profile in a minute.
-
We've also done the copy and the move command. Okay, let's go to the profile.
-
lxc profile list--so we've got only one profile, and it's used by two
-
containers. So as we've got two machine
-
containers and we didn't assign any custom profile, by default, it uses the
-
default profile. So what's in the default profile? lxc profile show default.
-
So it hasn’t got any configuration--it's just a description and name, and the
-
storage pool is the default storage pool,
-
which we created during our lxd init command. And the type is disk.
-
What’s the ethernet interface? And what's the network bridge?
-
We're going to use lxdbr0. So that's the default profile.
-
And if you want to create a new profile, you can
-
copy the existing profile--lxc profile copy default custom. And if I do
-
lxc profile list, you can see the custom profile, and it's used by zero
-
containers. And if you want to launch a
-
container and use this profile, you have
-
to use: lxc launch <container-image> <name> --profile custom. For example: lxc launch ubuntu:16.04 myvm2 --profile custom.
-
So at the moment, the custom profile is the same as the default profile, but
-
I want to show you some options that you
-
can set in the profile. Okay, before that--
-
how can you restrict the memory? (It's going to be the same for CPU.)
-
Okay, let me log in to one of the machines:
-
lxc exec myvm -- bash. Okay, I'm in here--free -m.
-
So I'm seeing the complete 2 GB of memory that was on my host machine,
-
inside this container. So if I want this machine to use not more than 512 MB--
-
half a gig of RAM--because if you don't
-
set any limits, there are possibilities that any process inside your machine
-
might be resource intensive, and it could
-
end up using all your host memory, leaving your host
-
system in danger. So it's always a good
-
practice to limit the amount of memory and
-
number of CPUs on your machine
-
containers so that they won’t be able to use
-
more than the amount that you specify. This is all done using cgroups.
-
Okay, so free--now it has got 2 GB. Let's set it to half a gig.
-
You could do it dynamically or you can set it in the profile.
-
So I’ll show you both ways.
-
lxc config set myvm limits.memory 512MB.
-
Permission denied.
-
Okay. Let me log out and log back in.
-
lxc list, lxc config set myvm--so I'm going to set the configuration for my
-
VM, which is dynamic. The container is running. I haven't stopped the
-
container, so whatever change I'm going to
-
do is dynamic. lxc config set myvm limits.memory 512MB--that's done.
-
And if I do lxc config show myvm | less, you can see the configuration is
-
set here: limits.memory is 512.
-
Okay, so back inside the machine container, if
-
I do free -m now, you can see the memory
-
that it can use is only half a gig.
-
It can't go more than half a gig.
-
And I can change it again to one gig, 1GB.
-
And if you do free -m, you can see the change taking place, taking effect.
-
So that's dynamic. What if you want to set it in a profile?
-
Okay. Let's delete that VM. lxc delete --force myvm, and let's edit the custom profile that we just created:
-
lxc profile edit custom. Okay. So in the config section,
-
just remove the curly braces and type in limits.memory 512MB.
-
Save it. That's the profile. Now, if you try and create a virtual machine
-
applying that profile, then you will get those configuration details from the
-
profile: lxc launch ubuntu:16.04 myVM2 --profile custom.
-
Creating myVM2, and it's going to use the custom
-
profile that we created. And the only change we made was to set a default
-
memory limit of 512MB, half a gig.
-
Okay. lxc exec myVM2 bash--we are inside the container.
-
hostname--okay. ip a--the IP address is .1. free -m--now you can see it's half a gig of memory.
-
So, setting the CPU is going to be the same. Since I'm on
-
my virtual machine, I forgot to set the
-
number of CPUs. So my virtual machine has
-
got just one CPU. If I had, like, two or more CPUs, I could set in the profile
-
limits.cpu to 1. For example: lxc config set myVM2 limits.cpu 1.
-
If you've got, like, two CPUs and you want to assign just one CPU to the
-
machine container, you can use that command.
-
Okay. We've covered all these. Let's go to the
-
snapshot, restore, and file operations.
-
Okay. So if you want to push a file to the
-
container or if you want to pull a file
-
from the container to your host machine, you can use the file command.
-
Okay. lxc exec myVM2 bash--I don't have any files in there.
-
Okay. On my host machine, I'm going to create a file:
-
echo hello there > myfile.
-
And if you want to push this file into the
-
container, into that machine, I'm going to use: lxc file push myfile myVM2/root/.
-
So the container name is going to be myVM2, and it's not
-
semicolon or colon--it has to be in this format:
-
container name, slash, and the path inside the container, whether it's /etc, blah, blah, blah, or /root. Okay?
-
And if I do ls, you've got the file there. cat myfile--okay.
-
So the file is in the container. I'm going to delete the file
-
on my host machine--I don't have it here.
-
Now let's pull the file from the container to the host machine.
-
It's just the other way around.
-
lxc file pull myVM2/root/myfile ./ cat myfile--okay?
-
So that's how you use the file commands.
-
Okay. So let's quickly do the snapshot and restore capabilities. Let's snapshot the machine first. Okay.
-
I'm going to create some directories: for i in $(seq 5); do mkdir $i; done.
-
Okay. So I've created five directories named 1, 2, 3, 4, 5, and let's
-
exit out of the container. I'm going to
-
create a snapshot of this container.
-
The command to do it is: lxc snapshot myVM2 snap1.
-
So basically, it's going to copy the entire file system. As you saw
-
earlier, the size of the image is 158MB.
-
So when I say it's going to snapshot it, it's going to copy the
-
entire file system. Okay, so that's done.
-
And if I log into the VM and delete all
-
these directories: rm -rf * --I haven't got any directories.
-
Say, for example, I accidentally deleted all these
-
files--what I could do is: lxc restore myVM2 snap1.
-
If you want to see what snapshots are available, if I do lxc
-
list, in the snapshots column you can see there is one snapshot for this
-
container. lxc help snapshot--lxc snapshot and the name--creates snapshots.
-
I'm just seeing if there is a way to find out the name of the snapshots.
-
lxc help restore--snapshot. Okay, less--restore containers from the snapshot. lxc help snapshot--yes.
-
Okay. When you create a snapshot, you can also pass --stateful.
-
That saves the running state of the container as well.
-
I don't think we've got an option to list the snapshots. I don't know.
-
Okay. Let's not worry about it. The command to restore a snapshot is:
-
lxc restore myVM2 snap1.
-
So it's restoring the snapshot that we
-
created earlier. lxc exec myVM2 bash--and we can see all those directories there.
-
So basically, we've restored the
-
machine from the snapshot. Okay, cool.
-
And what else am I going to show you? Nested
-
containers. Let's do a quick demo on nested containers.
-
So, we've got a virtual machine--forget about the virtual machine--
-
so it's a machine, and you have the LXD machine containers.
-
I'm going to log in to one of the machine containers:
-
lxc exec myVM2 bash. So I'm inside the LXD container.
-
Inside this container, I'm going to create another LXD environment.
-
So what we do is see if there are lxc and lxd packages installed:
-
which lxd--it's there. systemctl status lxd--it's not started, so let's
-
start it: systemctl start lxd. systemctl status lxd--so that's running.
-
The other thing to note is security.privileged and security.nesting.
-
We haven't set those things up for the myVM2 machine
-
container. So if you want to create a container inside a
-
container, you need to set the security.nesting configuration as well as security.privileged.
-
I'll show you what happens if you don't set those options.
-
Okay. So the LXD is running. It's not a privileged container--it's an
-
unprivileged machine container, myVM2, and it's going to show us some warnings.
-
I'm going to show you what it looks like.
-
lxd init. Do you want to configure a new
-
storage pool? Yes. Name of the storage pool--use default as dir.
-
Okay. And that's the warning: "We detected that you are
-
running inside an unprivileged container. There might be some issues."
-
Okay, Ctrl+C, Ctrl+D. Let's stop the container and set these options.
-
Okay? So, these are not dynamic like limits.memory, limits.cpu, etc.
-
So we need to stop the container, make the
-
configuration change, and then start the container again.
-
lxc list. lxc stop myVM2. Okay.
-
lxc config set myVM2 security.privileged true. lxc config set myVM2 security.nesting true.
-
By the way, you can also do lxc profile edit custom and set these there:
-
security.privileged true. security.nesting true. Save that.
-
And for any--okay, there's some syntax error.
-
Yep, I missed the colon bit. Ctrl+X.
-
Okay. So that's done. And for any new
-
containers you start, if you use this custom profile, it will be a privileged container.
-
Okay. lxc list. Let's start it: lxc start myVM2. See how quick it was?
-
It just took less than a couple of seconds to start the container.
-
lxc exec myVM2 bash. lxd init.
-
Do you want to configure a new storage pool? Yes.
-
Backend: directory. A new network bridge? Yes.
-
Would you like to set up a network bridge? Yes.
-
The name of the interface--everything is going to be default. Okay. Okay. Okay. Okay.
-
So that's all done. And if I do--I'm inside the machine
-
container, and there is another bridge inside that container.
-
And if I do lxc list, you can see that.
-
There you go. So that's my machine container.
-
And apart from the 88, we've also got the network bridge, because
-
basically, this is an LXC host now. It can also
-
host nested containers within it.
-
lxd --version--LXD. So that's the LXD version.
-
On my Ubuntu 18.04 machine, if you noticed, the LXD version was 3.0.3.
-
And on Ubuntu 16.04, the LXC version is 20.11.
-
Okay. lxc remote list--generating a client certificate. This may
-
take a minute or so. Okay. So that's the basic
-
difference between 16.04 and 18.04.
-
And you see all those--remote list.
-
lxc list--you don't have any machines.
-
If you want, you can start: lxc launch images:centos/7 x86_64 or i386, or whatever you want.
-
So basically, that is the nested containers--container within container within container.
-
Okay. I think that's all I wanted to show you.
-
Okay. Yep. lxc list--right. Okay. Right. I think I haven't missed anything.
-
Okay, cool. Thank you so much for your time watching this video.
-
I hope you found it useful.
-
Please share it with your friends.
-
And if you haven't already subscribed to my
-
channel, please, please subscribe to my channel.
-
And if you don't understand anything, or if you're having problems--if
-
you're having some issues following this
-
tutorial--please leave me a comment.
-
I should be able to help you.
-
And if you're trying this out on a different distribution, I can help you out as well.
-
Okay. Let me exit out of the virtual machine.
-
So that's my host machine, which
-
is Manjaro, Arch Linux-based.
-
And if you want to install LXC in your Arch Linux, the command to do is:
sudo pacman -S lxc--to install the LXC libraries.
-
And to install LXD, I have to install LXD from the community
-
repository--AUR, Arch User Repository. So yay -S--usually it will be yay -S.
-
Previously, I've got a package called yay--
-
yet another AUR helper, I think. Yeah, yay -S lxd. So lxd is available from the
-
community repository. lxc--from the default Pacman repository.
-
Cool. And I'll see you in my next video.
-
Thank you so much for watching this video. Bye bye.