[lxc-users] lxc / lxd I'm lost somewhere
Benoit GEORGELIN - Association Web4all
benoit.georgelin at web4all.fr
Tue Mar 1 23:48:44 UTC 2016
Thanks for your answer.
Looks like profiles will be the best way to keep LXD in the loop :)
About nesting containers, that would not be needed if multiple LXD daemon could run at the same time as normal system user. Not sure if possible.
So each system user could have their own LXD to tallk to.
Cordialement,
Benoît
De: "Mark Constable" <markc at renta.net>
À: "lxc-users" <lxc-users at lists.linuxcontainers.org>
Envoyé: Mardi 1 Mars 2016 18:34:29
Objet: Re: [lxc-users] lxc / lxd I'm lost somewhere
On 02/03/16 01:34, Benoit GEORGELIN - Association Web4all wrote:
> User A will have his own space for containers
> User B will have his own space for containers
>
> They should do "lxc-ls -f" or "lxc list" and see only their own containers
>
> Maybe this is not a typical use case ?
I think the best way to achieve this level of user isolation would be to
use nested containers so that each user is assigned to and logged into
a "parent" container and then they have full control of and can only view
their own (nested) containers. I'm not sure how well containers within
containers is supported these days but it does work to some degree.
As for a LXD version of this...
lxc-create -n test -t ubuntu -B lvm --lvname test --vgname vg_node1 --fstype ext4 --fssize 1GB
it could be as simple as...
lxc launch unbuntu test
where extra settings may need a custom profile according to...
https://github.com/lxc/lxd/blob/master/specs/configuration.md
_______________________________________________
lxc-users mailing list
lxc-users at lists.linuxcontainers.org
http://lists.linuxcontainers.org/listinfo/lxc-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20160302/c11cf3f0/attachment.html>
More information about the lxc-users
mailing list