[lxc-users] Use image file for unprivileged containers

Christian Brauner christian at brauner.io
Fri Jun 15 16:20:36 UTC 2018


On Fri, Jun 15, 2018 at 06:03:06PM +0200, Dr. Todor Dimitrov wrote:
> >> but it will have to be idshifted before the start.
> 
> So the id shifting will be also done automatically? Once or on each start?

No, the id shifting is *not* done by LXC. Only the *mount*.

> 
> What about the format of the image file? Is there any documentation or samples on this? I assume a dd img with a single partition (e.g. ext4) should be OK?

We don't really handle partitions, I think. You can setup a privileged
container with:

sudo lxc-create ttt -t download -B loop -- -d alpine -r edge -a amd64

and then take a look at the loop file that got created. This is the
format we support.

Christian

> 
> Thanks,
> Todor
> 
> > On 15. Jun 2018, at 17:50, Christian Brauner <christian at brauner.io> wrote:
> > 
> > On Fri, Jun 15, 2018 at 05:02:50PM +0200, Dr. Todor Dimitrov wrote:
> >> Hallo Christian,
> >> 
> >> do I have to manually perform the loop mount? I thought this was done by the LXC runtime.
> > 
> > Yes, the mount is performed. If you have manually prepared an image you
> > can do:
> > 
> > lxc.rootfs.path = loop:/path/to/file
> > 
> >> 
> >> What is actually meant by “image file” inside the documentation:
> >> 
> >> “
> >> lxc.rootfs.path - specify the root file system for the container. It can be an image file, a directory or a block device. If not specified, the container shares its root file system with the host.
> >> "
> >> 
> >> Todor
> >> 
> >>> On 15. Jun 2018, at 16:39, Christian Brauner <christian at brauner.io> wrote:
> >>> 
> >>> On Fri, Jun 15, 2018 at 10:28:34AM +0200, Dr. Todor Dimitrov wrote:
> >>>> Hallo,
> >>>> 
> >>>> is it possible to use an image file with “lxc.rootfs.path” for an
> >>>> unprivileged container? If possible, is it necessary to have the
> >>>> correct file ownerships within the image or are these automatically
> >>>> adjusted on start, e.g. on mount.
> >>> 
> >>> If by image you mean something you can mount on a loop device then yes
> >>> but it will have to be idshifted before the start.
> >>> 
> >>> Christian
> >>> 
> >>>> 
> >>>> Thanks in advance,
> >>>> Todor
> >>>> 
> >>> 
> >>> 
> >>> 
> >>>> _______________________________________________
> >>>> lxc-users mailing list
> >>>> lxc-users at lists.linuxcontainers.org
> >>>> http://lists.linuxcontainers.org/listinfo/lxc-users
> >>> 
> >>> _______________________________________________
> >>> lxc-users mailing list
> >>> lxc-users at lists.linuxcontainers.org
> >>> http://lists.linuxcontainers.org/listinfo/lxc-users
> >> 
> > 
> > 
> > 
> >> _______________________________________________
> >> lxc-users mailing list
> >> lxc-users at lists.linuxcontainers.org
> >> http://lists.linuxcontainers.org/listinfo/lxc-users
> > 
> > _______________________________________________
> > lxc-users mailing list
> > lxc-users at lists.linuxcontainers.org
> > http://lists.linuxcontainers.org/listinfo/lxc-users
> 



> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users



More information about the lxc-users mailing list