lxc - centos

最後更新: 2018-04-16

介紹

 

 


Centos7: Epel

 

Install Package

yum lxc-extra lxc lxc-templates

yum install bridge-utils

Check & Start

lxc-checkconfig

service lxc start

Checking

mount | grep cgroup

Auto Start

chkconfig lxc on

 


Host System Setting

 

/etc/sysctl.conf

net.ipv4.ip_forward = 1

sysctl -p

# checking

sysctl net.ipv4.ip_forward

 


Host Bridge For VPS

 

/etc/sysconfig/network-scripts/ifcfg-virbr0

DEVICE=virbr0
TYPE=Bridge
IPADDR=192.168.200.254
NETMASK=255.255.255.0
NETWORK=192.168.200.0
ONBOOT=yes
BOOTPROTO=none
NM_CONTROLLED=no
DELAY=0

service network restart
 


LXC Data Storage

 

UUID="3fcc2a73-b8cd-4fc9-8d59-0fecdcdd7391"   /mnt/lxc        ext4    noatime 0 0
/mnt/lxc/cache                                /var/cache/lxc  none    bind    0 0
/mnt/lxc/vps                                  /var/lib/lxc    none    bind    0 0

 


VPS Templates

 

# templates 的 help

/usr/share/lxc/templates/lxc-centos -h

...
-R,--release      CentOS release for the new container.
-a,--arch         Define what arch the container will be [i686,x86_64]

位置

 - Cache - /var/cache/lxc

 - VPS   - /var/lib/lxc

# 建立與 system 一樣的 VPS

lxc-create -n vm01 -t centos

# 建立 Centos 6 i386 的 VPS ( size: 351M) # 這 template 沒有 sshd service

lxc-create -n test-centos6  -t centos -- -a i386 -R 6

 


Centos6 Template

 

# first time start vps

lxc-start -n test-centos6

lxc-start -n test-centos6 -d

# 第一次 login 的 password

/var/lib/lxc/test-centos6/tmp_root_pass

# reset password

chroot /var/lib/lxc/test-centos6/rootfs passwd

lxc-console -n test-centos6

Type <Ctrl+a q> to exit the console, <Ctrl+a Ctrl+a> to enter Ctrl+a itself

lxc-ls -f

 


VPS Network Config

 

/var/lib/lxc/test-centos6/config

lxc.network.veth.pair = test-centos6
lxc.network.name = eth0
lxc.network.ipv4 = 192.168.200.11/24
lxc.network.ipv4.gateway = 192.168.200.254

 


NAT

 

Masquerade

firewall-cmd --zone=public --remove-interface=virbr0 --permanent
firewall-cmd --zone=internal --add-interface=virbr0 --permanent
firewall-cmd --zone=public --add-masquerade --permanent
firewall-cmd --reload
firewall-cmd --zone=public --query-masquerade
firewall-cmd --get-active-zone

Port Forward

firewall-cmd --zone=public \
  --add-forward-port=port=2222:proto=tcp:toport=22:toaddr=192.168.200.11 \
  --permanent

 


 

Creative Commons license icon Creative Commons license icon