John DeNisco | 06dcd45 | 2018-07-26 12:45:10 -0400 | [diff] [blame] | 1 | .. _containerCreation: |
| 2 | |
| 3 | .. toctree:: |
| 4 | |
| 5 | Creating Containers |
| 6 | ___________________ |
| 7 | |
andrew | df50b45 | 2018-08-09 13:23:59 -0400 | [diff] [blame] | 8 | Make sure you have gone through :ref:`installingVPP` on the system you want to create containers on. |
John DeNisco | 06dcd45 | 2018-07-26 12:45:10 -0400 | [diff] [blame] | 9 | |
andrew | df50b45 | 2018-08-09 13:23:59 -0400 | [diff] [blame] | 10 | After VPP is installed, get root privileges with: |
John DeNisco | 06dcd45 | 2018-07-26 12:45:10 -0400 | [diff] [blame] | 11 | |
andrew | df50b45 | 2018-08-09 13:23:59 -0400 | [diff] [blame] | 12 | .. code-block:: console |
| 13 | |
| 14 | $ sudo bash |
John DeNisco | 06dcd45 | 2018-07-26 12:45:10 -0400 | [diff] [blame] | 15 | |
| 16 | Then install packages for containers such as lxc: |
| 17 | |
andrew | df50b45 | 2018-08-09 13:23:59 -0400 | [diff] [blame] | 18 | .. code-block:: console |
John DeNisco | 06dcd45 | 2018-07-26 12:45:10 -0400 | [diff] [blame] | 19 | |
| 20 | # apt-get install bridge-utils lxc |
| 21 | |
| 22 | As quoted from the `lxc.conf manpage <https://linuxcontainers.org/it/lxc/manpages/man5/lxc.conf.5.html>`_, "container configuration is held in the config stored in the container's directory. |
| 23 | A basic configuration is generated at container creation time with the default's recommended for the chosen template as well as extra default keys coming from the default.conf file." |
| 24 | |
| 25 | "That *default.conf* file is either located at /etc/lxc/default.conf or for unprivileged containers at ~/.config/lxc/default.conf." |
| 26 | |
| 27 | Since we want to ping between two containers, we'll need to **add to this file**. |
| 28 | |
| 29 | Look at the contents of *default.conf*, which should initially look like this: |
| 30 | |
andrew | df50b45 | 2018-08-09 13:23:59 -0400 | [diff] [blame] | 31 | .. code-block:: console |
Nathan Skrzypczak | 9ad39c0 | 2021-08-19 11:38:06 +0200 | [diff] [blame] | 32 | |
John DeNisco | a14c166 | 2018-08-01 10:38:23 -0400 | [diff] [blame] | 33 | # cat /etc/lxc/default.conf |
John DeNisco | 06dcd45 | 2018-07-26 12:45:10 -0400 | [diff] [blame] | 34 | lxc.network.type = veth |
| 35 | lxc.network.link = lxcbr0 |
| 36 | lxc.network.flags = up |
| 37 | lxc.network.hwaddr = 00:16:3e:xx:xx:xx |
| 38 | |
| 39 | As you can see, by default there is one veth interface. |
| 40 | |
| 41 | Now you will *append to this file* so that each container you create will have an interface for a Linux bridge and an unconsumed second interface. |
| 42 | |
Nathan Skrzypczak | 9ad39c0 | 2021-08-19 11:38:06 +0200 | [diff] [blame] | 43 | You can do this by piping *echo* output into *tee*, where each line is separated with a newline character *\\n* as shown below. Alternatively, you can manually add to this file with a text editor such as **vi**, but make sure you have root privileges. |
John DeNisco | 06dcd45 | 2018-07-26 12:45:10 -0400 | [diff] [blame] | 44 | |
andrew | df50b45 | 2018-08-09 13:23:59 -0400 | [diff] [blame] | 45 | .. code-block:: console |
John DeNisco | 06dcd45 | 2018-07-26 12:45:10 -0400 | [diff] [blame] | 46 | |
| 47 | # echo -e "lxc.network.name = veth0\nlxc.network.type = veth\nlxc.network.name = veth_link1" | sudo tee -a /etc/lxc/default.conf |
| 48 | |
| 49 | Inspect the contents again to verify the file was indeed modified: |
| 50 | |
andrew | df50b45 | 2018-08-09 13:23:59 -0400 | [diff] [blame] | 51 | .. code-block:: console |
John DeNisco | 06dcd45 | 2018-07-26 12:45:10 -0400 | [diff] [blame] | 52 | |
John DeNisco | a14c166 | 2018-08-01 10:38:23 -0400 | [diff] [blame] | 53 | # cat /etc/lxc/default.conf |
John DeNisco | 06dcd45 | 2018-07-26 12:45:10 -0400 | [diff] [blame] | 54 | lxc.network.type = veth |
| 55 | lxc.network.link = lxcbr0 |
| 56 | lxc.network.flags = up |
| 57 | lxc.network.hwaddr = 00:16:3e:xx:xx:xx |
| 58 | lxc.network.name = veth0 |
| 59 | lxc.network.type = veth |
| 60 | lxc.network.name = veth_link1 |
| 61 | |
| 62 | |
| 63 | After this, we're ready to create the containers. |
| 64 | |
| 65 | Creates an Ubuntu Xenial container named "cone". |
| 66 | |
andrew | df50b45 | 2018-08-09 13:23:59 -0400 | [diff] [blame] | 67 | .. code-block:: console |
John DeNisco | 06dcd45 | 2018-07-26 12:45:10 -0400 | [diff] [blame] | 68 | |
| 69 | # lxc-create -t download -n cone -- --dist ubuntu --release xenial --arch amd64 --keyserver hkp://p80.pool.sks-keyservers.net:80 |
| 70 | |
| 71 | |
| 72 | If successful, you'll get an output similar to this: |
| 73 | |
| 74 | .. code-block:: console |
Nathan Skrzypczak | 9ad39c0 | 2021-08-19 11:38:06 +0200 | [diff] [blame] | 75 | |
John DeNisco | 06dcd45 | 2018-07-26 12:45:10 -0400 | [diff] [blame] | 76 | You just created an Ubuntu xenial amd64 (20180625_07:42) container. |
| 77 | |
| 78 | To enable SSH, run: apt install openssh-server |
| 79 | No default root or user password are set by LXC. |
| 80 | |
| 81 | |
| 82 | Make another container "ctwo". |
| 83 | |
andrew | df50b45 | 2018-08-09 13:23:59 -0400 | [diff] [blame] | 84 | .. code-block:: console |
John DeNisco | 06dcd45 | 2018-07-26 12:45:10 -0400 | [diff] [blame] | 85 | |
| 86 | # lxc-create -t download -n ctwo -- --dist ubuntu --release xenial --arch amd64 --keyserver hkp://p80.pool.sks-keyservers.net:80 |
| 87 | |
| 88 | |
| 89 | List your containers to verify they exist: |
| 90 | |
| 91 | |
andrew | df50b45 | 2018-08-09 13:23:59 -0400 | [diff] [blame] | 92 | .. code-block:: console |
John DeNisco | 06dcd45 | 2018-07-26 12:45:10 -0400 | [diff] [blame] | 93 | |
| 94 | # lxc-ls |
| 95 | cone ctwo |
| 96 | |
| 97 | |
| 98 | Start the first container: |
| 99 | |
andrew | df50b45 | 2018-08-09 13:23:59 -0400 | [diff] [blame] | 100 | .. code-block:: console |
Nathan Skrzypczak | 9ad39c0 | 2021-08-19 11:38:06 +0200 | [diff] [blame] | 101 | |
John DeNisco | 06dcd45 | 2018-07-26 12:45:10 -0400 | [diff] [blame] | 102 | # lxc-start --name cone |
| 103 | |
| 104 | And verify its running: |
| 105 | |
andrew | df50b45 | 2018-08-09 13:23:59 -0400 | [diff] [blame] | 106 | .. code-block:: console |
Nathan Skrzypczak | 9ad39c0 | 2021-08-19 11:38:06 +0200 | [diff] [blame] | 107 | |
John DeNisco | 06dcd45 | 2018-07-26 12:45:10 -0400 | [diff] [blame] | 108 | # lxc-ls --fancy |
Nathan Skrzypczak | 9ad39c0 | 2021-08-19 11:38:06 +0200 | [diff] [blame] | 109 | NAME STATE AUTOSTART GROUPS IPV4 IPV6 |
| 110 | cone RUNNING 0 - - - |
| 111 | ctwo STOPPED 0 - - - |
John DeNisco | 06dcd45 | 2018-07-26 12:45:10 -0400 | [diff] [blame] | 112 | |
| 113 | |
| 114 | .. note:: |
| 115 | |
| 116 | Here are some `lxc container commands <https://help.ubuntu.com/lts/serverguide/lxc.html.en-GB#lxc-basic-usage>`_ you may find useful: |
| 117 | |
| 118 | |
andrew | df50b45 | 2018-08-09 13:23:59 -0400 | [diff] [blame] | 119 | .. code-block:: console |
John DeNisco | 06dcd45 | 2018-07-26 12:45:10 -0400 | [diff] [blame] | 120 | |
andrew | df50b45 | 2018-08-09 13:23:59 -0400 | [diff] [blame] | 121 | $ sudo lxc-ls --fancy |
| 122 | $ sudo lxc-start --name u1 --daemon |
| 123 | $ sudo lxc-info --name u1 |
| 124 | $ sudo lxc-stop --name u1 |
| 125 | $ sudo lxc-destroy --name u1 |