<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
On 01/22/2016 04:09 PM, Steve Hayman wrote:<br>
<blockquote
cite="mid:CAM3N3wBaP3nkMdeAOtFFRDri1GJA9G7AcrEXOdZrBWJjS-z-qg@mail.gmail.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<div dir="ltr">I'm currently running 1270 LXC containers in my
production environment, all serving a similar function to that
which you describe.<br>
</div>
</blockquote>
<br>
Hello Steve,<br>
<br>
Nice, I suppose you're happy with the stability, considering the
number of containers you run :)<br>
<br>
<blockquote
cite="mid:CAM3N3wBaP3nkMdeAOtFFRDri1GJA9G7AcrEXOdZrBWJjS-z-qg@mail.gmail.com"
type="cite">
<div dir="ltr">3.Ansible/bash and the LXC clone function are
extremely useful for this!<br>
4.We specifically have some ansible scripts that create the base
container on each new host, pre-seeded with all the other keys
and setup scripts. When we need a new container we clone this
one and then execute the setup scripts passing in the relevant
variables. <br>
</div>
</blockquote>
<br>
Seems like a sane approach, I like it. Do you do the pre-seed of all
the necessary packages by means of a series of "lxc-execute"
commands on the host, by chance? <br>
I was thinking of pushing a bash script to the container and running
it from inside, but that becomes a bit unreadable. I'd rather have
the "lxc-execute" commands listed one by one in ansible and run the
playbook against the host, if possible. I wonder if that's the
approach you use.<br>
<br>
Thanks for the helpful reply, I'll be happily get in contact with
you in case of questions!<br>
<br>
<br>
<blockquote
cite="mid:CAM3N3wBaP3nkMdeAOtFFRDri1GJA9G7AcrEXOdZrBWJjS-z-qg@mail.gmail.com"
type="cite">
<div dir="ltr"><br>
I'd be happy to go into greater detail if you were interested in
hearing more granular details about how we make it all work! <br>
<br>
Thanks,<br>
-SteveĀ </div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Fri, Jan 22, 2016 at 4:46 AM, Nicola
Volpini <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:nicola.volpini@kambi.com" target="_blank">nicola.volpini@kambi.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">Hello,<br>
<br>
I've been closely observing LXC's development and I'm
thrilled by how<br>
fast it grew. Well done!<br>
<br>
We are currently planning to deploy a software load balancer
solution.<br>
The LB will serve various VIPs, some exposed to the
internet, some used<br>
internally.<br>
Based on this, we would like to use LXC unprivileged
containers to<br>
isolate the load balancer processes, in a setup like this:<br>
<br>
Host:<br>
Br0 - connected to the internal network<br>
Br1 - exposed to the internet<br>
<br>
Container0:<br>
eth0 - attached to br0<br>
<br>
Container1 (internet facing):<br>
eth0 - attached to br0<br>
eth1 - attached to br1<br>
<br>
I initially ruled out LXD since it's apparently very young
and wanted to<br>
base everything on LXC, solid and tested.<br>
Playing with LXD, though, I realized how much more
convenient it is from<br>
an automation point of view: we could configure our
containers in<br>
non-modal mode via ansible instead of creating/editing
files, and stuff<br>
like that.<br>
<br>
So, a few questions:<br>
1. would the setup layout described above make sense?<br>
2. would it be a risky bet to base the project on LXD
instead of pure<br>
LXC? Since LXD uses LXC, I can't see any big
security/stability risks. I<br>
suppose the only concern would be related to changes in the
file format<br>
or in the CLI in later versions.<br>
3. would it be convenient to build our own templates? I need
to be able<br>
to preseed certain files like the monitoring agent, the
authentication,<br>
and so on into the containers during the installation. An
alternative<br>
would be to use Ansible but that would require me to specify
the initial<br>
users anyway, one way or another.<br>
4. related to templates: I can't find any documentation in
the wild. Any<br>
good resource you can point me to, so I can start studying?<br>
<br>
Thank you!<br>
<br>
<br>
CONFIDENTIALITY NOTICE: This email message (and any
attachment) is intended only for the individual or entity to
which it is addressed. The information in this email is
confidential and may contain information that is legally
privileged or exempt from disclosure under applicable law.
If you are not the intended recipient, you are strictly
prohibited from reading, using, publishing or disseminating
such information and upon receipt, must permanently delete
the original and destroy any copies. We take steps to
protect against viruses and other defects but advise you to
carry out your own checks and precautions as Kambi does not
accept any liability for any which remain. Thank you for
your co-operation.<br>
_______________________________________________<br>
lxc-users mailing list<br>
<a moz-do-not-send="true"
href="mailto:lxc-users@lists.linuxcontainers.org">lxc-users@lists.linuxcontainers.org</a><br>
<a moz-do-not-send="true"
href="http://lists.linuxcontainers.org/listinfo/lxc-users"
rel="noreferrer" target="_blank">http://lists.linuxcontainers.org/listinfo/lxc-users</a></blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<div class="gmail_signature">
<div dir="ltr">
<div>
<div dir="ltr">
<p><a moz-do-not-send="true"
name="UNIQUE_ID_SafeHtmlFilter_UNIQUE_ID_SafeHtmlFilter__MailAutoSig"><span
style="font-size:10.5pt">Stephen Hayman | Zoey
Commerce | Ops</span></a></p>
<p><a moz-do-not-send="true"
href="http://www.zoeycommerce.com"
style="font-size:14px" target="_blank">http://www.zoeycommerce.com</a><br>
</p>
</div>
</div>
</div>
</div>
</div>
</blockquote>
<br>
</body>
</html>