[lxc-users] lxc / lxd I'm lost somewhere
Fajar A. Nugraha
list at fajar.net
Tue Mar 15 03:27:40 UTC 2016
On Fri, Mar 11, 2016 at 9:05 AM, Benoit GEORGELIN - Association
Web4all <benoit.georgelin at web4all.fr> wrote:
> 1- subuid /subgid
> Can I have different id/gid mapping
> for this daemon ?
>
> Exemple :
> Container A: 100000:65536
> Container B: 165536:65536
I don't think so. Even setting with raw.lxc won't work.
> 2- IP address and mac address
> Is the only way to get the mac address assigne to the container is to go
> inside de container ? No lxc command to get the info ?
# lxc config get c1 volatile.eth0.hwaddr
volatile.eth0.hwaddr: 00:16:3e:90:7d:e2
> 3- config vs profile
> what it the best option to set container configuration ?
> Can I keep the config file as generated by the first launch and make my own
> profile configuration or should I edit the config of the container and only
> apply profile to share same custom configuration ?
>
> Let's say if I wanna custom container configuration (from script) and add a
> device type nic (eth0)
> Should I use "lxc config device add ......." or
> should I dump the initial configuration to a yml file , add the device
> information , reload config from stdin
> should I keep the initial configuration file and create a new template ,
> custom the template and finally apply the template ?
Probably use whatever easiest.
For small changes, "lxc config ..." might be your best choice.
> 4- Veth / Bridged
>
> In LXC i could not have a specific name for the nic in unpriv container.
> (veth)
You could, if the container is started as root but have lxc.id_map.
Which is basically what lxd does.
> Looks like now with LXD it's possible (bridged) ?
lxc config device add c1 eth0 nic nictype=bridged parent=lxcbr0
name=eth0 host_name=veth-c1-0
> 5- Unpriv container
> If the init process from the host point of view is running with specific
> uid/gid means that the container is well running as unpriv ?
yes
> lxd monitor process runs as the user who launch lxd daemon right ?
AFAIK lxd daemon should be launched by root. lxc-monitor also runs as root
> 6- Any openvswitch integration (or other virtual switch ) sheduled ?
> Not full integration , just basic settings and some open flow rules for
> security
No idea, sorry.
>
> 7- Quota with btrfs
> I saw LXD support quota with some backend storage. How using it with BTRFS ?
> Is it part from LXD container configuration or does it rely on FS
> configuration . No information about it on the doc
> https://github.com/lxc/lxd/blob/master/specs/configuration.md
This works with zfs:
- lxc config edit c1
- add 'size: 10GB' after 'path: /'
- save
If that doesn't work, you probably need to set quotas manually using
btrfs tools. Last time I check it's complicated.
--
Fajar
More information about the lxc-users
mailing list