[lxc-users] lxc / lxd I'm lost somewhere

Benoit GEORGELIN - Association Web4all benoit.georgelin at web4all.fr
Tue Mar 15 13:57:52 UTC 2016 

Thanks for you inputs Fajar , really appreciated. 

Cordialement, 

Benoît 
Afin de contribuer au respect de l'environnement, merci de n'imprimer ce mail qu'en cas de nécessité 


De: "Fajar A. Nugraha" <list at fajar.net> 
À: "lxc-users" <lxc-users at lists.linuxcontainers.org> 
Envoyé: Lundi 14 Mars 2016 23:27:40 
Objet: Re: [lxc-users] lxc / lxd I'm lost somewhere 

On Fri, Mar 11, 2016 at 9:05 AM, Benoit GEORGELIN - Association 
Web4all <benoit.georgelin at web4all.fr> wrote: 
> 1- subuid /subgid 
> Can I have different id/gid mapping 
> for this daemon ? 
> 
> Exemple : 
> Container A: 100000:65536 
> Container B: 165536:65536 

I don't think so. Even setting with raw.lxc won't work. 


> 2- IP address and mac address 
> Is the only way to get the mac address assigne to the container is to go 
> inside de container ? No lxc command to get the info ? 

# lxc config get c1 volatile.eth0.hwaddr 
volatile.eth0.hwaddr: 00:16:3e:90:7d:e2 


> 3- config vs profile 
> what it the best option to set container configuration ? 
> Can I keep the config file as generated by the first launch and make my own 
> profile configuration or should I edit the config of the container and only 
> apply profile to share same custom configuration ? 
> 
> Let's say if I wanna custom container configuration (from script) and add a 
> device type nic (eth0) 
> Should I use "lxc config device add ......." or 
> should I dump the initial configuration to a yml file , add the device 
> information , reload config from stdin 
> should I keep the initial configuration file and create a new template , 
> custom the template and finally apply the template ? 

Probably use whatever easiest. 
For small changes, "lxc config ..." might be your best choice. 


> 4- Veth / Bridged 
> 
> In LXC i could not have a specific name for the nic in unpriv container. 
> (veth) 

You could, if the container is started as root but have lxc.id_map. 
Which is basically what lxd does. 


> Looks like now with LXD it's possible (bridged) ? 

lxc config device add c1 eth0 nic nictype=bridged parent=lxcbr0 
name=eth0 host_name=veth-c1-0 


> 5- Unpriv container 
> If the init process from the host point of view is running with specific 
> uid/gid means that the container is well running as unpriv ? 

yes 


> lxd monitor process runs as the user who launch lxd daemon right ? 

AFAIK lxd daemon should be launched by root. lxc-monitor also runs as root 


> 6- Any openvswitch integration (or other virtual switch ) sheduled ? 
> Not full integration , just basic settings and some open flow rules for 
> security 

No idea, sorry. 


> 
> 7- Quota with btrfs 
> I saw LXD support quota with some backend storage. How using it with BTRFS ? 
> Is it part from LXD container configuration or does it rely on FS 
> configuration . No information about it on the doc 
> https://github.com/lxc/lxd/blob/master/specs/configuration.md 

This works with zfs: 
- lxc config edit c1 
- add 'size: 10GB' after 'path: /' 
- save 

If that doesn't work, you probably need to set quotas manually using 
btrfs tools. Last time I check it's complicated. 

-- 
Fajar 
_______________________________________________ 
lxc-users mailing list 
lxc-users at lists.linuxcontainers.org 
http://lists.linuxcontainers.org/listinfo/lxc-users 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20160315/0e556ed2/attachment.html>

More information about the lxc-users mailing list