[Lxc-users] Ubuntu template questions
Serge Hallyn
serge.hallyn at canonical.com
Wed Mar 28 17:34:30 UTC 2012
Quoting Papp Tamas (tompos at martos.bme.hu):
> On 03/13/2012 08:02 PM, Serge Hallyn wrote:
>
> I'm sorry for the late answer.
>
> >Hm, perhaps /etc/network/if-up.d/ntpdate should be updated to not run
> >in a container.
> >
> >It also might be worth removing CAP_SYS_TIME from the container's
> >rights.
>
> Yes, that's true.
>
> >You mean to run after the container has been created? That'd be a
> >nice features, yes. Stéphane has also suggested pre- and
> >post-start scripts for container start/stop.
>
> Yes, exactly. Right now there is a lot of hardcoded option (eg.
> ubuntu user, network setup.. etc.)
>
> >4. I always wanted to ask, why lxc-create command has a switch '-n' if
> >it defined in the configuration anyway?
> >Hmm? I never put the hostname in my configuration manually.
>
> lxc configuration contains lxc.utsname = NAME.
> Than it's needed to setup the container with lxc-create -n NAME -f config
>
> >Well, these templates are used by people doing juju, openstack,
> >and launchpad/buildd stuff. Yes we've never really discussed how
> >we should go about deciding good defaults. We probably should.
>
> If there is an pre/post script solution, it's getting not so important.
>
> >>6. How can I deploy it to a custom directory? With the switch '-B' I was
> >>not successful. Anyway, many times I just want to create a container
> >>with no individual partition (volume). Now I copied it from /var/lib/lxc.
> >Not sure what you mean. -B only really supports lvm right now. It should
> >be made to support loopback qemu-nbd images.
> >
> >In the lxc server guide (a rough draft is at
> >https://code.launchpad.net/~serge-hallyn/serverguide/serverguide-lxc
> >with a rougher but pdf draft at
> >http://people.canonical.com/~serge/lxc.serverguide.pdf)
> >I strongly recommend against picking custom locations. Rather, if you
> >need more space, symlink or bind-mount in another filesystem to
> >/var/lib/lxc and /var/cache/lxc.
>
> Why
Because of the way lxc-create interacts with the templates. It is very
hard to make it do the right thing if you specify a custom path, and
when it's not right it can harm your host.
-serge
More information about the lxc-users
mailing list