Virtualization – Introduction – (Containerization)-setup-LXC

Introduction:-

What does Virtualization mean?

The simple explanation is that you create a virtual version of something that’s generally used for some type of execution. For example, if you were to partition a basic hard drive to create two hard drives, then they would be two ‘virtualized hard drives,’ as the hardware is technically a single hard drive that was digitally separated into two.Virtualization refers to the creation of a virtual resource such as a server, desktop, operating system, file, storage or network.

what are Containers?

Containers are a lightweight virtualization technology.In IT it is all about the need to run an application, not a virtual machine.In the end, it is the application user that has a need.This need is to run the application and no user will ever ask for a virtual machine.That is exactly one of the major design goals of the container technology.

A container is a virtualization method at the OS level.This allows multiple instances of an os to be running on the same kernel, which allows for a more efficient usage of available resources.

Try Container Online Click Here 

Using containers should make it easy for the end users to run applications on different platforms. Container technologies, like Docker, take away the need to consider different platform characteristics. The container just runs as an isolated environment on top of the platform. Everything specific to the application is bundled in a package that runs on top of any hardware platform. This allows the developer to focus on the application, not on the underlying platform.

How Do Containers Work?

 

The starting point of a container is an image. An image contains everything that is needed to run a container:

    • Application
    • User space dependencies
    • Libraries.

container1.jpg

The kernel space components are provided by the host operating system. When the container is created from an image, it runs its processes on the host kernel.

Container Components

Every running container has three essential components:

    • Namespaces
      They are global system resources like network, PIDs, mounts, and more, that are presented as such that the process in the instance thinks it is the only one accessing the resource.
    • CGroups
      They are used to reserve and allocate isolated resources to containers.
    • A Union file system
      The Union file system merges different file systems into one virtual filesystem.
What Are the Differences between Containers and Virtualization?

Containers and virtualization are used in different contexts:

    • We use containers if we want to run multiple copies of a single application.
    • We use virtual machines if we need the flexibility of running multiple applications.
    • We use virtual machines if we need to be able to run on any operating system.
    • Both containers and virtual machines can run together in a IaaS Cloud.
Container Limitations:-

Even though containers are offering great benefits, they have limitations as well:

    • By default, containers are not cross-platform. The container contents depend on the underlying kernel.
      • Type of containers that can be installed on the host should work with the kernel of the host. Hence, you cannot install a Windows container on a Linux host or vice-versa.
    • Dependencies may require a container to run on a specific platform.
    • Isolation on containers is weaker, as they all run on the same kernel. If the kernel goes down, all the containers running on top of it will go down, as well.
    • There is potential for sprawl. As it is relatively easy to deploy a new container, we risk ending up in an environment where some many containers have been deployed and where nobody really knows what is running where anymore.
Containers Technologies:-

1)LXC       2)LXD             3)Docker   4)LXCFS etc

Today we will focus on LXC Setup

What’s LXC?

LXC is a userspace interface for the Linux kernel containment features.
Through a powerful API and simple tools, it lets Linux users easily create
and manage system or application containers.

Features

Current LXC uses the following kernel features to contain processes:

  • Kernel namespaces (ipc, uts, mount, pid, network and user)
  • Apparmor and SELinux profiles
  • Seccomp policies
  • Chroots (using pivot_root)
  • Kernel capabilities
  • CGroups (control groups)

LXC containers are often considered as something in the middle between a chroot and
a full fledged virtual machine. The goal of LXC is to create an environment as close as possible
to a standard Linux installation but without the need for a separate kernel.

Components

LXC is currently made of a few separate components:

  • The liblxc library
  • Several language bindings for the API:
    • python3 (in-tree, long term support in 1.0.x and 2.0.x)
    • lua (in tree, long term support in 1.0.x and 2.0.x)
    • Go
    • ruby
    • python2
    • Haskell
  • A set of standard tools to control the containers
  • Distribution container templates

Licensing

LXC is free software, most of the code is released under the terms of the GNU LGPLv2.1+ license.

LXC VS LXD VS Docker
  • LXD is like LXC wrapper.
  • LXD is a daemon service that exposes REST API and manages the containers via liblxc.
  • The difference between LXD and Docker is that Docker is an application container, LXD is a system container. LXD use upstart/systemd like principal process inside the container and by default is ready to be a full VM environment with very light memory/cpu usage. Yes, you can build your docker with supervisorctl/runit, but you need to do manually this process.
  • LXD and Docker are different things. LXD gives you a “full OS” in a container and you can use any deployment tool that works in a VM for deploying applications in LXD. With Docker, your application is inside the container and you need different tools for deploying applications in Docker and do metric for performance.
  • LXD is based on,liblxc its purpose is to control some lxc with added capabilities, like snapshots or live migration. LXD is linked to andLXC they are OS centered.
  • Docker is much more application centered, based at the beginning on LXC but now independent from LXC, it can use openvz or whatever. Docker only focuses on application with lib and dependency, not on OS.
  • LXD is more like docker host.
  • Docker specializes in deploying apps

a5Neb.png

Setup of LXC :-

Experimented on – Ubuntu 16.04 with 2 GB Ram.

LXC is available on Ubuntu default repositories.

sudo apt-get install lxc lxctl lxc-templates

Now, enter the following command to check everything OK.

root@rupin-desktop:~# lxc-checkconfig

output:
Kernel configuration not found at /proc/config.gz; searching…
Kernel configuration found at /boot/config-4.4.0-64-generic
— Namespaces —
Namespaces: enabled
Utsname namespace: enabled
Ipc namespace: enabled
Pid namespace: enabled
User namespace: enabled
Network namespace: enabled
Multiple /dev/pts instances: enabled

— Control groups —
Cgroup: enabled
Cgroup clone_children flag: enabled
Cgroup device: enabled
Cgroup sched: enabled
Cgroup cpu account: enabled
Cgroup memory controller: enabled
Cgroup cpuset: enabled

— Misc —
Veth pair device: enabled
Macvlan: enabled
Vlan: enabled
Bridges: enabled
Advanced netfilter: enabled
CONFIG_NF_NAT_IPV4: enabled
CONFIG_NF_NAT_IPV6: enabled
CONFIG_IP_NF_TARGET_MASQUERADE: enabled
CONFIG_IP6_NF_TARGET_MASQUERADE: enabled
CONFIG_NETFILTER_XT_TARGET_CHECKSUM: enabled
FUSE (for use with lxcfs): enabled

Creating Linux Containers

LXC is usage very simple, and easy. By default, LXC has many ready made templates. To list all available templates, enter the following command:

sudo ls /usr/share/lxc/templates/

lscontainer

list images:-

root@rupin-desktop:~# lxc-create --name ubuntu -t  download

lxc-create.png

To download Image from repository

Syntax:

sudo lxc-create -n <container-name> -t <template> -r <release>

Example:

lxc-create -n <name> -t debian -- -r jessie
sudo lxc-create -n ubuntu1 -t ubuntu

The above command will create a ubuntu container with name “ubuntu1″.

ubuntulxc

create a centos container, enter the following command.you should install “yum” package in order to create RPM based virtual units.

sudo apt-get install yum
sudo lxc-create -n centos01 -t centos

To create, opensuse container:

sudo lxc-create -n opensuse1 -t opensuse

List the Containers

lscontainerssss

Starting Containers

After creating the containers, start it using the following command.

lxc-start --name centos01

lxcstart

 lxc-start --name centos01 -d

To start a container in the background

Troubleshooting : – If it doesn’t start

lxc-start --name centos01 --logfile $HOME/lxc_ubuntu.log --logpriority DEBUG

As it, if things go wrong, you will be able to track them in the log file.

Login In

lxc-console -n ubuntu01

lxcconsole

lxccentos

Now, start using the new virtual unit (container). You can now install, remove, configure packages in this new container as the way you do in a normal physical machine.

Similarly, you can create virtual hosts as many as you want to.

To Logout the Console of Container :-

To exit from the container’s console, and return back to your original host computer, press “ctrl+a” followed by the letter “q” from your keyboard. Now, you’ll be returned back to the original host computer’s Terminal.

Details of any container:-

sudo lxc-info -n centos01

lxcinfo

View the IP Address:-

sudo lxc-ls --fancy centos01

lxcipinfo

Stopping Containers

sudo lxc-stop -n centos

Cloning Containers

sudo lxc-stop -n centos01
sudo lxc-clone centos01 centos02
sudo lxc-ls

snapshot of a container

lxc-stop -n centos01
lxc-snapshot -n centos01

the snapshots will be stored in /var/lib/lxc/ directory of your original host computer.

Restoring Snapshots

To restore a container from the snapshot, use the following command.

sudo lxc-snapshot -n centos01 -r snap0

Deleting Containers

To destroy a container completely from you original host, enter the following command:

sudo lxc-destroy -n centos01

Freeze / Unfreeze a container

 lxc-freeze -n centos01
 lxc-unfreeze -n centos01

Managing Containers using LXC web console

If you not happy with LXC command line console, you can use LXC web panel to manage containers easily through your web browser.

To install LXC web panel, run the following command:

wget http://lxc-webpanel.github.io/tools/install.sh -O - | sudo bash

Then, access the LXC web panel using URL: http://ip-address:5000. The default username/password is admin/admin.

snapshots will be stored

  • /var/lib/lxc/

Network setup Config File:-

  • /etc/lxc/default.conf

Debian system is installed on your rootfs location:-

  • /var/lib/lxc/<container>/rootfs

adapt network configuration for a container :-

  • /var/lib/lxc/centos01

 

Command

Synopsis

lxc-attach

(NOT SUPPORTED) Run a command in a running container

lxc-backup

Back up the root filesystems for all lvm-backed containers

lxc-cgroup

View and set container control group settings

lxc-checkconfig

Verify host support for containers

lxc-checkpoint

(NOT SUPPORTED) Checkpoint a running container

lxc-clone

Clone a new container from an existing one

lxc-console

Open a console in a running container

lxc-create

Create a new container

lxc-destroy

Destroy an existing container

lxc-execute

Run a command in a (not running) application container

lxc-freeze

Freeze a running container

lxc-info

Print information on the state of a container

lxc-kill

Send a signal to a container’s init

lxc-list

List all containers

lxc-ls

List all containers with shorter output than lxc-list

lxc-monitor

Monitor state changes of one or more containers

lxc-netstat

Execute netstat in a running container

lxc-ps

View process info in a running container

lxc-restart

(NOT SUPPORTED) Restart a checkpointed container

lxc-restore

Restore containers from backups made by lxc-backup

lxc-setcap

(NOT RECOMMENDED) Set file capabilities on LXC tools

lxc-setuid

(NOT RECOMMENDED) Set or remove setuid bits on LXC tools

lxc-shutdown

Safely shut down a container

lxc-start

Start a stopped container

lxc-start-ephemeral

Start an ephemeral (one-time) container

lxc-stop

Immediately stop a running container

lxc-unfreeze

Unfreeze a frozen container

lxc-unshare

Testing tool to manually unshare namespaces

lxc-version

Print the version of the LXC tools

lxc-wait

Wait for a container to reach a particular state

Resouces: –

https://help.ubuntu.com/12.04/serverguide/lxc.html

edx.org

https://linuxcontainers.org

http://unix.stackexchange.com/questions/254956/what-is-the-difference-between-docker-lxd-and-lxc.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s