[lxc-devel] Building NST under LXC

Serge Hallyn serge.hallyn at ubuntu.com
Mon Mar 31 23:11:29 UTC 2014


Quoting Michael H. Warfield (mhw at WittsEnd.com):
> Hey Paul, Ron...
> 
> Been a while, no chat...  Last time was almost a year ago over problems
> building Network Security Tookit 18 over root/sudo/user.  I've recently
> started building some custom NST 20 (Fedora 20) builds.  Couple of minor
> gotcha's but nothing I couldn't work out for myself.  Good work as usual
> on the NST front.
> 
> You do need to update the web pages on "Building NST" to reflect the
> update to Fedora 20.  It still says Fedora 18.  :-)=)  Just saying...
> 
> I've lately been involved in the LXC project (Linux Containers) and been
> contributing heavily to the Fedora and CentOS templates there.  The LXC
> devel group is cc'ed on this.  I wouldn't mind creating an NST template
> if things work out right.  Incorporating LXC into NST on an NST host
> would also be a desirable target.
> 
> It's been a standing goal for me to be able to build NST iso images from
> within LXC light weight containers.  To date, I have had a dedicated
> i686 tower and an x86_64 tower just for building custom NST builds.
> Being able to build NST from within a container would allow me to retire
> two entire tower systems and consolidate them onto a big rack server I
> have.  I have a beefy 2U x86_64 system with 16 processors, 64G of RAM
> and several TB of disk that can take over those tasks without even
> flinching the load average.  So, that's been a goal for a while now...
> 
> I've largely achieved that goal now (and this is for some of the LXC
> gang)...  The LXC container must have loop devices available to it and
> created (and I'm sure Serge and Stéphane over at the LXC group are
> immediately going "well duh") and must also have the "setfcap"

Fwiw Seth is working on kernel support for loop devices in containers
through a loopfs.  Stay tuned...

-serge


More information about the lxc-devel mailing list