[Lxc-users] File sharing between host and container during startup
Daniel Lezcano
daniel.lezcano at free.fr
Sun Jun 6 20:31:21 UTC 2010
On 06/06/2010 09:57 PM, Nirmal Guhan wrote:
> On Sun, Jun 6, 2010 at 11:16 AM, Daniel Lezcano<daniel.lezcano at free.fr>wrote:
>
>
>> On 06/04/2010 05:44 PM, Nirmal Guhan wrote:
>>
>>
>>> Hi,
>>>
>>> I tried to extend the fstab as below:
>>>
>>> /etc/resolv.conf /lxc/lenny/rootfs.lenny/etc/
>>> resolv.conf none bind 0 0
>>> /test /testdir none bind 0 0<--- I added this line
>>>
>>>
>>>> From the host :
>>>>
>>> # ls /testdir
>>> a b c
>>>
>>>
>>>> From the container :
>>>>
>>> [root at test-fedora lenny]# chroot rootfs.lenny/
>>> test-fedora:/# ls /test
>>> test-fedora:/#
>>>
>>> But when I do lxc-start I get an error as :
>>> #lxc-start -n lencon
>>> lxc-start: No such file or directory - failed to mount '/test' on
>>> '/testdir'
>>>
>>> Basically what am trying to do is to share the host library files (/lib)
>>> between the containers.
>>>
>>> Any clues on the error above? Please let me know. Also, any better way to
>>> share the files between host and container will be helpful.
>>>
>>>
>>>
>> Hi Nimal,
>>
>> I am not sure to understand what you are trying to achieve. You created a
>> system container, but you want to launch it as an application container. Can
>> you give your use case if possible, so I may be able to give more clues on
>> how to set ip up.
>>
>> Thanks
>> -- Daniel
>>
>>
> Hi Daniel,
>
> I want to run my application on fedora as a container and use the libraries
> (/lib, /usr/lib) from the host (so my application container size is small).
> I did lxc-create but lxc-execute failed (I had sent a mail earlier on this).
> Suggestion was to use lxc-start itself and run as system container.
>
> I changed the fstab file and could share the lib directory.
>
> Please let me know if there are better solution for my use case. I would
> like to try it too.
>
What do you want to isolate ?
AFAICS, you would like to share the filesystem, maybe you not need to
specify a rootfs.
I suggest you remove the containers you previously created in order to
restart on a sane base. In case, list them with "lxc-ls" to make sure
you have no remaining containers set on your system.
Then just do without any previous creation:
lxc-execute -n foo <myapplication>
Your application will run with its own private mount points, pids, ipcs,
uts and setup with a cgroup.
If you need more isolation like the network:
create a configuration file "eg. lxc.conf"
lxc.utsname = myapplication
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
lxc.network.ipv4 = 1.2.3.5/24
and launch it with the command lxc-execute -n foo -f lxc.conf
<myapplication>
Or alternatively without a configuration file,
lxc-execute -n foo -s lxc.utsname=myapplication -s lxc.network.type=veth
-s lxc.network.flags=up -s lxc.network.link=br0 -s
lxc.network.ipv4=1.2.3.5/24 <myapplication>
At this point, if you need to be more secure or the application you are
launching is writing to a directory and this is conflicting with another
instance of the same application, let me know, I will give you a more
complex configuration.
What is needed are informations about the application (a web server, a
sshd, an autistic application, etc ...).
Thanks
-- Daniel
More information about the lxc-users
mailing list