[Lxc-users] File sharing between host and container during startup

Daniel Lezcano daniel.lezcano at free.fr
Sun Jun 6 20:31:21 UTC 2010


On 06/06/2010 09:57 PM, Nirmal Guhan wrote:
> On Sun, Jun 6, 2010 at 11:16 AM, Daniel Lezcano<daniel.lezcano at free.fr>wrote:
>
>    
>> On 06/04/2010 05:44 PM, Nirmal Guhan wrote:
>>
>>      
>>> Hi,
>>>
>>> I tried to extend the fstab as below:
>>>
>>> /etc/resolv.conf  /lxc/lenny/rootfs.lenny/etc/
>>> resolv.conf none bind 0 0
>>> /test          /testdir  none bind 0 0<--- I added this line
>>>
>>>        
>>>>  From the host :
>>>>          
>>> # ls /testdir
>>> a  b  c
>>>
>>>        
>>>>  From the container :
>>>>          
>>> [root at test-fedora lenny]# chroot rootfs.lenny/
>>> test-fedora:/# ls /test
>>> test-fedora:/#
>>>
>>> But when I do lxc-start I get an error as :
>>> #lxc-start -n lencon
>>> lxc-start: No such file or directory - failed to mount '/test' on
>>> '/testdir'
>>>
>>> Basically what am trying to do is to share the host library files (/lib)
>>> between the containers.
>>>
>>> Any clues on the error above? Please let me know. Also, any better way to
>>> share the files between host and container will be helpful.
>>>
>>>
>>>        
>> Hi Nimal,
>>
>> I am not sure to understand what you are trying to achieve. You created a
>> system container, but you want to launch it as an application container. Can
>> you give your use case if possible, so I may be able to give more clues on
>> how to set ip up.
>>
>> Thanks
>>   -- Daniel
>>
>>      
> Hi Daniel,
>
> I want to run my application on fedora as a container and use the libraries
> (/lib, /usr/lib) from the host (so my application container size is small).
> I did lxc-create but lxc-execute failed (I had sent a mail earlier on this).
> Suggestion was to use lxc-start itself and run as system container.
>
> I changed the fstab file and could share the lib directory.
>
> Please let me know if there are better solution for my use case. I would
> like to try it too.
>    

What do you want to isolate ?

AFAICS, you would like to share the filesystem, maybe you not need to 
specify a rootfs.

I suggest you remove the containers you previously created in order to 
restart on a sane base. In case, list them with "lxc-ls" to make sure 
you have no remaining containers set on your system.

Then just do without any previous creation:

lxc-execute -n foo <myapplication>

Your application will run with its own private mount points, pids, ipcs, 
uts and setup with a cgroup.

If you need more isolation like the network:

create a configuration file "eg. lxc.conf"

lxc.utsname = myapplication
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
lxc.network.ipv4 = 1.2.3.5/24

and launch it with the command lxc-execute -n foo -f lxc.conf 
<myapplication>

Or alternatively without a configuration file,

lxc-execute -n foo -s lxc.utsname=myapplication -s lxc.network.type=veth 
-s lxc.network.flags=up -s lxc.network.link=br0 -s 
lxc.network.ipv4=1.2.3.5/24 <myapplication>

At this point, if you need to be more secure or the application you are 
launching is writing to a directory and this is conflicting with another 
instance of the same application, let me know, I will give you a more 
complex configuration.

What is needed are informations about the application (a web server, a 
sshd, an autistic application, etc ...).

Thanks
   -- Daniel










More information about the lxc-users mailing list