[[PageOutline]]

 * LinuX Container
   * [http://gihyo.jp/admin/serial/01/ubuntu-recipe/0226 Ubuntu Weekly Recipe: No. 226, Using lightweight virtual environments with LXC | gihyo.jp … Gijutsu-Hyohron]
   * [http://www.stgraber.org/2012/05/04/lxc-in-ubuntu-12-04-lts/ LXC in Ubuntu 12.04 LTS | Stéphane Graber's website]
   * [http://www.slideshare.net/mkouhei/lxc-cf201207presen Re-introduction to LXC]
   * [http://www.slideshare.net/masahide_yamamoto/osc2011-nagoya Introduction to LXC - Osc2011 nagoya]
     * Gives a concrete explanation of how the (outer) host OS can be manipulated from inside an lxc container
   * https://wiki.ubuntu.com/LxcSecurity Information for Ubuntu 12.04

 * mitty@precise:~$ lxc-create -t ubuntu -h
 {{{
usage: lxc-create -n [-f configuration] [-t template] [-h] -- [template_options]
usage: lxc-create -n [-f configuration] [-t template] [-h] [fsopts] -- [template_options]
fsopts: -B none
fsopts: -B lvm [--lvname lvname] [--vgname vgname] [--fstype fstype] [--fssize fssize]
fsopts: -B btrfs
        flag is not necessary, if possible btrfs support will be used

creates a lxc system object.

Options:
name : name of the container
configuration: lxc configuration
template : lxc-template is an accessible template script

The container backing store can be altered using '-B'. By default it
is 'none', which is a simple directory tree under /var/lib/lxc//rootfs
Otherwise, the following option values may be relevant:
lvname : [for -lvm] name of lv in which to create lv,
         container-name by default
vgname : [for -lvm] name of vg in which to create lv, 'lxc' by default
fstype : name of filesystem to create, ext4 by default
fssize : size of filesystem to create, 1G by default

template-specific help follows: (these options follow '--')
/usr/lib/lxc/templates/lxc-ubuntu -h|--help [-a|--arch] [-b|--bindhome ] [--trim] [-d|--debug]
   [-F | --flush-cache] [-r|--release ] [ -S | --auth-key ]
release: the ubuntu release (e.g. precise): defaults to host release on ubuntu, otherwise uses latest LTS
trim: make a minimal (faster, but not upgrade-safe) container
bindhome: bind 's home into the container
          The ubuntu user will not be created, and will have
          sudo access.
arch: the container architecture (e.g. amd64): defaults to host arch
auth-key: SSH Public key file to inject into container
 }}}

= Ubuntu 12.04 =

 * mitty@precise:~$ sudo aptitude install lxc
 {{{
The following NEW packages will be installed:
  bridge-utils{a} cgroup-lite{a} cloud-utils{a} debootstrap{a} dnsmasq-base{a} euca2ools{a}
  libapparmor1{a} libcap2-bin{a} libgmp10{a} libnetfilter-conntrack3{a} libpam-cap{a}
  libyaml-0-2{a} lxc python-boto{a} python-crypto{a} python-m2crypto{a} python-paramiko{a}
  python-yaml{a}
0 packages upgraded, 18 newly installed, 0 to remove and 0 not upgraded.
Need to get 2,873 kB of archives. After unpacking 16.1 MB will be used.
 }}}

== lxcbr0 ==

 * mitty@precise:~$ ifconfig lxcbr0
 {{{
lxcbr0    Link encap:Ethernet  HWaddr 12:5e:23:12:4a:0f
          inet addr:10.0.3.1  Bcast:10.0.3.255  Mask:255.255.255.0
          inet6 addr: fe80::105e:23ff:fe12:4a0f/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 B)  TX bytes:554 (554.0 B)
 }}}
 * /etc/default/lxc
 {{{
USE_LXC_BRIDGE="true"
LXC_BRIDGE="lxcbr0"
LXC_ADDR="10.0.3.1"
LXC_NETMASK="255.255.255.0"
LXC_NETWORK="10.0.3.0/24"
LXC_DHCP_RANGE="10.0.3.2,10.0.3.254"
LXC_DHCP_MAX="253"
 }}}
 * /etc/lxc/lxc.conf
 {{{
lxc.network.type=veth
lxc.network.link=lxcbr0
lxc.network.flags=up
 }}}
 * /etc/dnsmasq.d/lxc
 {{{
bind-interfaces
except-interface=lxcbr0
 }}}
 * /etc/init/lxc-net.conf is also a useful reference