LXC
Revision as of 11:00, 18 September 2012 by Avagin (talk | contribs) (→Prepare a Linux Container (CT))
Prepare a Linux Container
Requirements
- A console should be disabled (lxc.console = none)
- udev should not run inside containers ($ mv /sbin/udevd{,.bcp})
Preparing a host environment
- Mount cgroupfs
$ mount -t cgroup c /cgroup
- Create a network bridge
# cat /etc/sysconfig/network-scripts/ifcfg-br0 DEVICE=br0 TYPE=Bridge BOOTPROTO=dhcp ONBOOT=yes DELAY=5 NM_CONTROLLED=n $ cat /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE="eth0" NM_CONTROLLED="no" ONBOOT="yes" BRIDGE=br0
Create and start a container
- Download an OpenVZ template and extract it.
curl http://download.openvz.org/template/precreated/centos-6-x86_64.tar.gz | tar -xz -C test-lxc
- Create config files
$ cat ~/test-lxc.conf lxc.console=none lxc.utsname = test-lxc lxc.network.type = veth lxc.network.flags = up lxc.network.link = br0 lxc.network.name = eth0 lxc.mount = /root/test-lxc/etc/fstab lxc.rootfs = /root/test-lxc-root/
$ cat /root/test-lxc/etc/fstab none /root/test-lxc-root/dev/pts devpts defaults 0 0 none /root/test-lxc-root/proc proc defaults 0 0 none /root/test-lxc-root/sys sysfs defaults 0 0 none /root/test-lxc-root/dev/shm tmpfs defaults 0 0
- Register the container
$ lxc-create -n test-lxc -f test-lxc.conf
- Start the container
$ mount --bind test-lxc test-lxc-root/ $ lxc-start -n test-lxc
Dump/Restore a Linux Container
Installation
The installation process is described here.
Example
We have an application test to test dump/restore of a Linux Container.
This test contains two files: run.sh and network-script.sh.
The script run.sh is a main script, which executes crtools two times for dumping and restoring CT. This scripts contains actual options for crtools.
The script network-script.sh is used to lock and unlock CT's network. During dump a state of CT should not be changed, so CR tools freezes processes and executes an external script to freeze network. On restore CR tools restores states of processes and resumes the CT, which includes resume of processes and network). An external script is used to unlock CT's network.