[Lxc-users] LXC on RHEL/CenOS 5.5 Host?
Noah Campbell
noahcampbell at gmail.com
Fri Jan 14 17:58:16 UTC 2011
I was also looking at a similar configuration.
If you can upgrade your kernel, you have a shot. http://lxc.sourceforge.net/index.php/about/kernel-namespaces/ gives the minimum kernel for a particular configuration.
-Noah
On Jan 14, 2011, at 8:59 AM, Cal Webster wrote:
>
> [Platform]
>
> Hardware:
>
> Dell PowerEdge T300
> -------------------
> CPU: Core Duo 1.86 GHz w/ 1066 FSB, 2M cache
> Memory: 4G DIMM RAM 667MHz
> Storage: 1 TB RAID 5
> -------------------
>
> Software:
>
> OS: CentOS 5.5
> kernel-2.6.18-194.26.1.el5
> gcc-4.1.2-48.el5
> glibc-2.5-49.el5_5.7
>
>
> [Background]
>
> I've got a "svelt" CentOS 5 development server (outlined above) where as
> many as five developers need to periodically run instances of a
> real-time application, possibly as many as 3 or 4 simultaneously. Each
> instance expects to be the only one running on the machine. Multiple
> instances will collide.
>
> I've looked at OpenVZ but it apparently cannot coexist with SELinux,
> which is a deal-breaker for us. Our security policy requires an active,
> targeted and customized SELinux policy. I have been unable to get any
> OpenVZ users or developers to explain the nature of the SELinux
> compatibility issues, however. Instead they suggested I look at LXC.
>
> LXC appears to have everything we need, including isolation of resources
> and processes as well as SELinux protection. After looking over the LXC
> project it appears that it is available only to kernels starting with
> 2.6.29. CentOS 5.5 is currently running 2.6.18-194.26.1.el5.
>
>
> [Questions]
>
> First, can anyone tell me if it's possible to install and use Linux
> Containers on a RHEL/CentOS 5 host?
>
> Next, are there RPMs, SRPMs, or even kernel patches and tar-ball sources
> available to accomplish this?
>
> Finally, if it is not possible (or reasonably feasable) to host LXC on
> CentOS 5, can someone tell me whether it might be possible to develop a
> functional SELinux policy within which OpenVZ could operate? If not, why
> not?
>
> Otherwise, I'll probably have to settle for KVM virtual machines and
> just try to minimize their resource footprint.
>
>
> Thanks in advance for any information, suggestions, useful links, etc.
>
> Cal Webster
>
>
>
> ------------------------------------------------------------------------------
> Protect Your Site and Customers from Malware Attacks
> Learn about various malware tactics and how to avoid them. Understand
> malware threats, the impact they can have on your business, and how you
> can protect your company and customers by using code signing.
> http://p.sf.net/sfu/oracle-sfdevnl
> _______________________________________________
> Lxc-users mailing list
> Lxc-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-users
More information about the lxc-users
mailing list