[lxc-users] User Mode Linux within a Linux Container

Pablo Pessolani ppessolani at hotmail.com
Wed Jan 31 12:19:47 UTC 2018


Thanks Fajar.

I am doing this for research purposes.

I will report the results.

Regards.

PAP



________________________________
From: lxc-users <lxc-users-bounces at lists.linuxcontainers.org> on behalf of Fajar A. Nugraha <list at fajar.net>
Sent: Tuesday, January 30, 2018 07:16 p.m.
To: LXC users mailing-list
Subject: Re: [lxc-users] User Mode Linux within a Linux Container

On Wed, Jan 31, 2018 at 2:54 AM, Pablo Pessolani <ppessolani at hotmail.com> wrote:
> Has anybody run User Mode Linux (UML) within a Linux Container?
>
> And several UMLs within several Containers? (one UML per Container)
>
> Is there any limitation so that this cannot be done?


If you're doing this for research purposes, I say 'try it and report
the result'. I've had success running openvpn (which uses the tun/tap
adapter that UML also needs) even inside an unprivileged container, with
minor changes to the systemd unit to enable autostart. I've also run
virtualbox in privileged containers (although in this case IIRC I had
to disable/modify apparmor/seccomp/dropped capabilities, which would
make it undesirable for 'production' uses). My GUESS is that UML will
behave similarly to openvpn (since it doesn't require any special kernel
module other than tun/tap).

If you're doing this for performance / security / privilege separation
purposes, I suggest you don't do that. Possibly look into nested
containers instead.

--
Fajar