[lxc-devel] Building NST under LXC
Serge Hallyn
serge.hallyn at ubuntu.com
Mon Mar 31 23:11:29 UTC 2014
Quoting Michael H. Warfield (mhw at WittsEnd.com):
> Hey Paul, Ron...
>
> Been a while, no chat... Last time was almost a year ago over problems
> building Network Security Tookit 18 over root/sudo/user. I've recently
> started building some custom NST 20 (Fedora 20) builds. Couple of minor
> gotcha's but nothing I couldn't work out for myself. Good work as usual
> on the NST front.
>
> You do need to update the web pages on "Building NST" to reflect the
> update to Fedora 20. It still says Fedora 18. :-)=) Just saying...
>
> I've lately been involved in the LXC project (Linux Containers) and been
> contributing heavily to the Fedora and CentOS templates there. The LXC
> devel group is cc'ed on this. I wouldn't mind creating an NST template
> if things work out right. Incorporating LXC into NST on an NST host
> would also be a desirable target.
>
> It's been a standing goal for me to be able to build NST iso images from
> within LXC light weight containers. To date, I have had a dedicated
> i686 tower and an x86_64 tower just for building custom NST builds.
> Being able to build NST from within a container would allow me to retire
> two entire tower systems and consolidate them onto a big rack server I
> have. I have a beefy 2U x86_64 system with 16 processors, 64G of RAM
> and several TB of disk that can take over those tasks without even
> flinching the load average. So, that's been a goal for a while now...
>
> I've largely achieved that goal now (and this is for some of the LXC
> gang)... The LXC container must have loop devices available to it and
> created (and I'm sure Serge and Stéphane over at the LXC group are
> immediately going "well duh") and must also have the "setfcap"
Fwiw Seth is working on kernel support for loop devices in containers
through a loopfs. Stay tuned...
-serge
More information about the lxc-devel
mailing list