[Lxc-users] An application container for apache?
Dean Mao
deanmao at gmail.com
Wed Jan 26 16:12:23 UTC 2011
Yeah, the only thing you really can't bind-mount as read-only is probably
the /var directory since all kinds of runtime stuff goes into there.
However, that directory is usually pretty small anyway (mine is only 4MB).
If you use a debian based distro it's probably important to remove any
cached deb files & package listings.
On Wed, Jan 26, 2011 at 6:33 AM, Patrick Westphal <
patrick.westphal at inqbus.de> wrote:
>
> > Here's mine, if it helps anyone. I use this for all my containers so
> > that I don't need to have a bunch of duplicated files for every lxc
> > container running on my system:
> >
> > lxc.mount.entry=proc /var/lib/lxc/squeeze1/rootfs/proc proc
> > nodev,noexec,nosuid 0 0
> > lxc.mount.entry=devpts /var/lib/lxc/squeeze1/rootfs/dev/pts devpts
> > defaults 0 0
> > lxc.mount.entry=sysfs /var/lib/lxc/squeeze1/rootfs/sys sysfs defaults 0
> 0
> > lxc.mount.entry=/opt /var/lib/lxc/squeeze1/rootfs/opt none bind,ro 0 0
> > lxc.mount.entry=/lessfs/squeeze/rootfs/bin
> > /var/lib/lxc/squeeze1/rootfs/bin none bind,ro 0 0
> > lxc.mount.entry=/lessfs/squeeze/rootfs/boot
> > /var/lib/lxc/squeeze1/rootfs/boot none bind,ro 0 0
> > lxc.mount.entry=/lessfs/squeeze/rootfs/lib
> > /var/lib/lxc/squeeze1/rootfs/lib none bind,ro 0 0
> > lxc.mount.entry=/lessfs/squeeze/rootfs/lib64
> > /var/lib/lxc/squeeze1/rootfs/lib64 none bind,ro 0 0
> > lxc.mount.entry=/lessfs/squeeze/rootfs/sbin
> > /var/lib/lxc/squeeze1/rootfs/sbin none bind,ro 0 0
> > lxc.mount.entry=/lessfs/squeeze/rootfs/usr
> > /var/lib/lxc/squeeze1/rootfs/usr none bind,ro 0 0
> >
> > For my system in /lessfs/squeeze/rootfs, I can upgrade it and simply
> > reboot one of my containers and have all their binaries upgraded as well.
> >
> Ah - k. See the point. Having a master (skeleton) container gives an
> even better decoupling of the host and a container (than I have
> bind-mounting the host binaries). Didn't think of that. Thanks!
>
>
> ------------------------------------------------------------------------------
> Special Offer-- Download ArcSight Logger for FREE (a $49 USD value)!
> Finally, a world-class log management solution at an even better
> price-free!
> Download using promo code Free_Logger_4_Dev2Dev. Offer expires
> February 28th, so secure your free ArcSight Logger TODAY!
> http://p.sf.net/sfu/arcsight-sfd2d
> _______________________________________________
> Lxc-users mailing list
> Lxc-users at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/lxc-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20110126/a02b1dcc/attachment.html>
More information about the lxc-users
mailing list