[lxc-users] Status of LXC on Ubuntu

Fajar A. Nugraha list at fajar.net
Wed Feb 25 11:27:14 UTC 2015 

On Wed, Feb 25, 2015 at 4:56 PM, Mark Clarkson
<mark.clarkson at smorg.co.uk> wrote:
> Hi,
> I'm not sure if this is the right place to ask but please point me in
> the right direction if not.
>
> I've done some quick tests with Ubuntu hosts in Virtual Box and have
> found the status of LXC in the hosts as follows:
>
>  Ubuntu Trusty 14.04 - comes with LXC 1.0 - Works
>  Ubuntu Utopic 14.10 - comes with LXC 1.1 - Doesn't work

Where did you find that?

>  Ubuntu Vivid - 15.04 - comes with LXC 1.1 - Works
>
> From information gathered from the Web it seems that the Utopic systemd

which "web", exactly?

> is too old to support LXC 1.1.

# cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=14.10
DISTRIB_CODENAME=utopic
DISTRIB_DESCRIPTION="Ubuntu 14.10"

# apt-cache policy lxc
lxc:
  Installed: 1.1.0+master~20150224-0137-0ubuntu1~utopic
  Candidate: 1.1.0+master~20150224-0137-0ubuntu1~utopic
  Version table:
 *** 1.1.0+master~20150224-0137-0ubuntu1~utopic 0
        500 http://ppa.launchpad.net/ubuntu-lxc/daily/ubuntu/
utopic/main amd64 Packages
        100 /var/lib/dpkg/status
     1.1.0~alpha2-0ubuntu3.1 0
        500 http://archive.ubuntu.com/ubuntu/ utopic-updates/main amd64 Packages
     1.1.0~alpha2-0ubuntu3 0
        500 http://archive.ubuntu.com/ubuntu/ utopic/main amd64 Packages

# lxc-ls -f
NAME      STATE    IPV4             IPV6  GROUPS  AUTOSTART
-----------------------------------------------------------
build-t   RUNNING  192.168.124.168  -     -       NO
c7v       STOPPED  -                -     -       NO
loop      STOPPED  -                -     -       NO
s10       STOPPED  -                -     -       NO
s11       STOPPED  -                -     -       NO
template  STOPPED  -                -     -       NO
trusty    STOPPED  -                -     -       NO
utopic    STOPPED  -                -     -       NO

# lxc-ls -f
NAME      STATE    IPV4             IPV6  GROUPS  AUTOSTART
-----------------------------------------------------------
build-t   RUNNING  192.168.124.168  -     -       NO
c7v       STOPPED  -                -     -       NO


Not sure about the bundled version, but at least the one from
https://launchpad.net/~ubuntu-lxc/+archive/ubuntu/daily works fine

>
> I would prefer to use Trusty for LTS but systemd is too old for the
> other software I need on the host so Utopic would be the next best

which "software" is that? Trusty is still the recommended version
(http://www.ubuntu.com/download/server)

And if it's a common FOSS (e.g. nginx, php), you DO know that there
are ppas providing a more updated version of that software, right?
e.g. https://launchpad.net/~ondrej/+archive/ubuntu/php5-5.6 for
php-5.6.

Plus, it's best to keep services on the host (e.g. running trusty) at
minimum, and run most "software" on the container instead, where you
can run trusty/utopic/centos/whatever.

> thing. Ubuntu Vivid works but I'm a little worried about using it in
> production.

If it's PRODUCTION, then the more reason for you to use trusty. That's
what I use on my servers.

The snippet pasted above (utopic) is from my laptop, which also runs
lxc-1.1 just fine, but I wouldn't recommend it for production servers.

> So, is LXC in Utopic supposed to work out-of-the-box the way the others
> do? Have I missed something [hopefully] simple?
>
> With Utopic I get
>
> # lxc-create -t download -n priv1 -- -d ubuntu -r trusty -a amd64

> # lxc-start -F -n priv1
> lxc-start: conf.c: remount_all_slave: 3884 Permission denied - Failed to
> make / rslave
> lxc-start: conf.c: remount_all_slave: 3885 Continuing...
> ... ... lots more of Permission denied ... ...


# lxc-create -t download -n t1 -B zfs --zfsroot rpool/lxc -- -d ubuntu
-r trusty -a amd64
Setting up the GPG keyring
Downloading the image index
Downloading the rootfs
Downloading the metadata
The image cache is now ready
Unpacking the rootfs

---
You just created an Ubuntu container (release=trusty, arch=amd64,
variant=default)

To enable sshd, run: apt-get install openssh-server

For security reason, container images ship without user accounts
and without a root password.

Use lxc-attach or chroot directly into the rootfs to set a root password
or create user accounts.


# zfs get compression,compressratio,used,logicalused rpool/lxc/t1
NAME          PROPERTY       VALUE     SOURCE
rpool/lxc/t1  compression    lz4       inherited from rpool
rpool/lxc/t1  compressratio  2.05x     -
rpool/lxc/t1  used           181M      -
rpool/lxc/t1  logicalused    369M      -


# lxc-start -F -n t1
 * Starting Mount filesystems on boot   ...done.
 * Stopping Send an event to indicate plymouth is up   ...done.
 * Starting Signal sysvinit that the rootfs is mounted   ...done.
 * Starting Populate /dev filesystem   ...done.
 * Starting Clean /tmp directory   ...done.
 * Starting Populate and link to /run filesystem   ...done.
 * Starting Track if upstart is running in a container   ...done.

Ubuntu 14.04.2 LTS t1 console

t1 login:



I still recommend trusty for production though.

Lastly, you might notice that it integratest nicely with zfs as well :)
Here's a howto for ubuntu on zfs root, if you're interested:
https://github.com/zfsonlinux/pkg-zfs/wiki/HOWTO-install-Ubuntu-14.04-or-Later-to-a-Native-ZFS-Root-Filesystem

-- 
Fajar

More information about the lxc-users mailing list