Instalación Linux Containers (LXC) en Centos 7
Hoy vamos a enseñaros más tecnologías de Containers, esta vez sobre Centos 7. Vamos a intentar explicaros qué es LXC, qué diferencias hay con, por ejemplo Docker, componentes, cómo se instala y otros apuntes interesantes.
Por cierto, está desarrollado por Canonical, creo que os sonará de un tal Ubuntu 🙂
La página oficial es: https://linuxcontainers.org
DOCKER vs LXC (Linux Containers)
Vamos a decir que son dos tipos de virtualización de containers diferentes, pero que pueden convivir ya que tienen misiones diferentes.
¿Qué diferencia hay entre Docker y LXC? Con Docker se generan containers de aplicación, y con LXC generamos containers de sistema.
LXC es una tecnología de virtualización de Containers sobre Linux. Se basa en una API y herramientas sencillas, utilizando Cgroups y Namespaces de Linux para proporcionar el aislamiento necesario.
Cgroups, desarrollado por Google e integrado en el kernel de linux versión 2.6.24, permite priorizar recursos o controlar grupo de procesos, por ejemplo.
Namespaces permite que varios procesos de sistema pueden coexistir en un espacio, y separados de otros.
Volviendo a LXC, comparte el kernel con el host, y existe menos aislamiento con respecto al sistema principal que con Docker. Aunque con Cgroups y Namespace, como hemos hablado, se palia esto.
Docker, como ya hemos hablado en otras entradas, se trata de containers de aplicaciones y es multiplataforma, donde sólo tenemos un proceso en el sistema que lo identifica.
Normalmente, con Docker necesitaremos varios containers para que una aplicación como, por ejemplo, un wordpress, funcione.
Instalando Linux Containers en Centos 7
Después de dar una pequeña pincelada sobre LXC, vamos a ver como los instalamos sobre Centos 7.
Para instalar LXC sobre Centos 7 utilizaremos el repo EPEL:
1 |
[root@centos ~]# yum install epel-release |
Paquetes necesarios para la instalación:
1 |
[root@centos ~]# yum install debootstrap perl libvirt |
Para instalar LXC:
1 |
[root@centos ~]# yum install lxc lxc-templates |
Verificamos el estado del servicio:
1 2 3 4 |
[root@centos ~]# systemctl status lxc.service ● lxc.service - LXC Container Initialization and Autoboot Code Loaded: loaded (/usr/lib/systemd/system/lxc.service; disabled; vendor preset: disabled) Active: inactive (dead) |
Arrancamos los servicios necesarios:
1 2 |
[root@centos ~]# systemctl start lxc.service [root@centos ~]# systemctl start libvirtd |
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 |
Y volvemos a comprobar: [root@centos ~]# systemctl status lxc.service ● lxc.service - LXC Container Initialization and Autoboot Code Loaded: loaded (/usr/lib/systemd/system/lxc.service; disabled; vendor preset: disabled) Active: active (exited) since vie 2019-04-26 22:23:15 CEST; 1min 6s ago Process: 11469 ExecStart=/usr/libexec/lxc/lxc-autostart-helper start (code=exited, status=0/SUCCESS) Process: 11444 ExecStartPre=/usr/libexec/lxc/lxc-devsetup (code=exited, status=0/SUCCESS) Main PID: 11469 (code=exited, status=0/SUCCESS) Tasks: 0 Memory: 0B CGroup: /system.slice/lxc.service abr 26 22:23:14 centos.negu.local systemd[1]: Starting LXC Container Initialization and Autoboot Code... abr 26 22:23:14 centos.negu.local lxc-devsetup[11444]: Creating /dev/.lxc abr 26 22:23:14 centos.negu.local lxc-devsetup[11444]: /dev is devtmpfs abr 26 22:23:14 centos.negu.local lxc-devsetup[11444]: Creating /dev/.lxc/user abr 26 22:23:15 centos.negu.local lxc-autostart-helper[11469]: Starting LXC autoboot containers: [ OK ] abr 26 22:23:15 centos.negu.local systemd[1]: Started LXC Container Initialization and Autoboot Code. |
Verificamos el estado en el sistema de la virtualización:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 |
[root@centos ~]# lxc-checkconfig Kernel configuration not found at /proc/config.gz; searching... Kernel configuration found at /boot/config-3.10.0-957.10.1.el7.x86_64 --- Namespaces --- Namespaces: enabled Utsname namespace: enabled Ipc namespace: enabled Pid namespace: enabled User namespace: enabled newuidmap is not installed newgidmap is not installed Network namespace: enabled Multiple /dev/pts instances: enabled --- Control groups --- Cgroup: enabled Cgroup clone_children flag: enabled Cgroup device: enabled Cgroup sched: enabled Cgroup cpu account: enabled Cgroup memory controller: enabled Cgroup cpuset: enabled --- Misc --- Veth pair device: enabled Macvlan: enabled Vlan: enabled Bridges: enabled Advanced netfilter: enabled CONFIG_NF_NAT_IPV4: enabled CONFIG_NF_NAT_IPV6: enabled CONFIG_IP_NF_TARGET_MASQUERADE: enabled CONFIG_IP6_NF_TARGET_MASQUERADE: enabled CONFIG_NETFILTER_XT_TARGET_CHECKSUM: enabled --- Checkpoint/Restore --- checkpoint restore: enabled CONFIG_FHANDLE: enabled CONFIG_EVENTFD: enabled CONFIG_EPOLL: enabled CONFIG_UNIX_DIAG: enabled CONFIG_INET_DIAG: enabled CONFIG_PACKET_DIAG: enabled CONFIG_NETLINK_DIAG: enabled File capabilities: enabled Note : Before booting a new kernel, you can check its configuration usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig |
Con esto ya tenemos instalado LXC en Centos 7.
Administración de Containers sobre LXC
La ruta de las imágenes de containers disponibles en el sistema podéis encontrarla en:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 |
[root@centos ~]# ls -alh /usr/share/lxc/templates/ total 340K drwxr-xr-x 2 root root 331 abr 26 22:21 . drwxr-xr-x 6 root root 106 abr 26 22:21 .. -rwxr-xr-x 1 root root 11K mar 7 21:30 lxc-alpine -rwxr-xr-x 1 root root 14K mar 7 21:30 lxc-altlinux -rwxr-xr-x 1 root root 11K mar 7 21:30 lxc-archlinux -rwxr-xr-x 1 root root 9,5K mar 7 21:30 lxc-busybox -rwxr-xr-x 1 root root 30K mar 7 21:30 lxc-centos -rwxr-xr-x 1 root root 11K mar 7 21:30 lxc-cirros -rwxr-xr-x 1 root root 18K mar 7 21:30 lxc-debian -rwxr-xr-x 1 root root 18K mar 7 21:30 lxc-download -rwxr-xr-x 1 root root 49K mar 7 21:30 lxc-fedora -rwxr-xr-x 1 root root 28K mar 7 21:30 lxc-gentoo -rwxr-xr-x 1 root root 14K mar 7 21:30 lxc-openmandriva -rwxr-xr-x 1 root root 14K mar 7 21:30 lxc-opensuse -rwxr-xr-x 1 root root 35K mar 7 21:30 lxc-oracle -rwxr-xr-x 1 root root 12K mar 7 21:30 lxc-plamo -rwxr-xr-x 1 root root 6,7K mar 7 21:30 lxc-sshd -rwxr-xr-x 1 root root 24K mar 7 21:30 lxc-ubuntu -rwxr-xr-x 1 root root 12K mar 7 21:30 lxc-ubuntu-cloud |
Podéis crear un container de la siguiente forma. El primer parámetro es el nombre del container y el segundo el nombre de la template. Veréis que el comportamiento no es como con Docker, sino que es algo intermedio entre una máquina virtual y generar un container con docker:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498 499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 547 548 549 550 551 552 553 554 555 556 557 558 559 560 |
[root@centos ~]# lxc-create -n container01 -t debian debootstrap is /usr/sbin/debootstrap Checking cache download in /var/cache/lxc/debian/rootfs-stretch-amd64 ... gpg: directorio `/root/.gnupg' creado gpg: creado un nuevo fichero de configuración `/root/.gnupg/gpg.conf' gpg: AVISO: las opciones en `/root/.gnupg/gpg.conf' no están aún activas en esta ejecución gpg: anillo `/root/.gnupg/secring.gpg' creado gpg: anillo `/var/cache/lxc/debian/archive-key.gpg' creado gpg: /root/.gnupg/trustdb.gpg: se ha creado base de datos de confianza gpg: clave 2B90D010: clave pública "Debian Archive Automatic Signing Key (8/jessie) <ftpmaster@debian.org>" importada gpg: Cantidad total procesada: 1 gpg: importadas: 1 (RSA: 1) gpg: no se encuentran claves absolutamente fiables Downloading debian minimal ... I: Retrieving InRelease I: Retrieving Release I: Retrieving Release.gpg I: Checking Release signature I: Valid Release signature (key id 126C0D24BD8A2942CC7DF8AC7638D0442B90D010) I: Retrieving Packages I: Validating Packages I: Resolving dependencies of required packages... I: Resolving dependencies of base packages... I: Checking component main on http://deb.debian.org/debian... I: Retrieving libacl1 2.2.52-3+b1 I: Validating libacl1 2.2.52-3+b1 I: Retrieving adduser 3.115 I: Validating adduser 3.115 I: Retrieving libapparmor1 2.11.0-3+deb9u2 I: Validating libapparmor1 2.11.0-3+deb9u2 I: Retrieving apt 1.4.9 I: Validating apt 1.4.9 I: Retrieving libapt-pkg5.0 1.4.9 I: Validating libapt-pkg5.0 1.4.9 I: Retrieving libattr1 1:2.4.47-2+b2 I: Validating libattr1 1:2.4.47-2+b2 I: Retrieving libaudit-common 1:2.6.7-2 I: Validating libaudit-common 1:2.6.7-2 I: Retrieving libaudit1 1:2.6.7-2 I: Validating libaudit1 1:2.6.7-2 I: Retrieving base-files 9.9+deb9u8 I: Validating base-files 9.9+deb9u8 I: Retrieving base-passwd 3.5.43 I: Validating base-passwd 3.5.43 I: Retrieving bash 4.4-5 I: Validating bash 4.4-5 I: Retrieving libdns-export162 1:9.10.3.dfsg.P4-12.3+deb9u4 I: Validating libdns-export162 1:9.10.3.dfsg.P4-12.3+deb9u4 I: Retrieving libisc-export160 1:9.10.3.dfsg.P4-12.3+deb9u4 I: Validating libisc-export160 1:9.10.3.dfsg.P4-12.3+deb9u4 I: Retrieving libbz2-1.0 1.0.6-8.1 I: Validating libbz2-1.0 1.0.6-8.1 I: Retrieving libdebconfclient0 0.227 I: Validating libdebconfclient0 0.227 I: Retrieving coreutils 8.26-3 I: Validating coreutils 8.26-3 I: Retrieving libcryptsetup4 2:1.7.3-4 I: Validating libcryptsetup4 2:1.7.3-4 I: Retrieving dash 0.5.8-2.4 I: Validating dash 0.5.8-2.4 I: Retrieving libdb5.3 5.3.28-12+deb9u1 I: Validating libdb5.3 5.3.28-12+deb9u1 I: Retrieving debconf 1.5.61 I: Validating debconf 1.5.61 I: Retrieving debian-archive-keyring 2017.5 I: Validating debian-archive-keyring 2017.5 I: Retrieving debianutils 4.8.1.1 I: Validating debianutils 4.8.1.1 I: Retrieving dialog 1.3-20160828-2 I: Validating dialog 1.3-20160828-2 I: Retrieving diffutils 1:3.5-3 I: Validating diffutils 1:3.5-3 I: Retrieving dpkg 1.18.25 I: Validating dpkg 1.18.25 I: Retrieving e2fslibs 1.43.4-2 I: Validating e2fslibs 1.43.4-2 I: Retrieving e2fsprogs 1.43.4-2 I: Validating e2fsprogs 1.43.4-2 I: Retrieving libcomerr2 1.43.4-2 I: Validating libcomerr2 1.43.4-2 I: Retrieving libss2 1.43.4-2 I: Validating libss2 1.43.4-2 I: Retrieving libelf1 0.168-1 I: Validating libelf1 0.168-1 I: Retrieving findutils 4.6.0+git+20161106-2 I: Validating findutils 4.6.0+git+20161106-2 I: Retrieving gcc-6-base 6.3.0-18+deb9u1 I: Validating gcc-6-base 6.3.0-18+deb9u1 I: Retrieving libgcc1 1:6.3.0-18+deb9u1 I: Validating libgcc1 1:6.3.0-18+deb9u1 I: Retrieving libstdc++6 6.3.0-18+deb9u1 I: Validating libstdc++6 6.3.0-18+deb9u1 I: Retrieving libc-bin 2.24-11+deb9u4 I: Validating libc-bin 2.24-11+deb9u4 I: Retrieving libc-l10n 2.24-11+deb9u4 I: Validating libc-l10n 2.24-11+deb9u4 I: Retrieving libc6 2.24-11+deb9u4 I: Validating libc6 2.24-11+deb9u4 I: Retrieving locales 2.24-11+deb9u4 I: Validating locales 2.24-11+deb9u4 I: Retrieving multiarch-support 2.24-11+deb9u4 I: Validating multiarch-support 2.24-11+deb9u4 I: Retrieving gpgv 2.1.18-8~deb9u4 I: Validating gpgv 2.1.18-8~deb9u4 I: Retrieving grep 2.27-2 I: Validating grep 2.27-2 I: Retrieving gzip 1.6-5+b1 I: Validating gzip 1.6-5+b1 I: Retrieving hostname 3.18+b1 I: Validating hostname 3.18+b1 I: Retrieving ifupdown 0.8.19 I: Validating ifupdown 0.8.19 I: Retrieving init 1.48 I: Validating init 1.48 I: Retrieving init-system-helpers 1.48 I: Validating init-system-helpers 1.48 I: Retrieving iproute 1:4.9.0-1+deb9u1 I: Validating iproute 1:4.9.0-1+deb9u1 I: Retrieving iproute2 4.9.0-1+deb9u1 I: Validating iproute2 4.9.0-1+deb9u1 I: Retrieving libip4tc0 1.6.0+snapshot20161117-6 I: Validating libip4tc0 1.6.0+snapshot20161117-6 I: Retrieving isc-dhcp-client 4.3.5-3+deb9u1 I: Validating isc-dhcp-client 4.3.5-3+deb9u1 I: Retrieving libkeyutils1 1.5.9-9 I: Validating libkeyutils1 1.5.9-9 I: Retrieving libkmod2 23-2 I: Validating libkmod2 23-2 I: Retrieving libgssapi-krb5-2 1.15-1+deb9u1 I: Validating libgssapi-krb5-2 1.15-1+deb9u1 I: Retrieving libk5crypto3 1.15-1+deb9u1 I: Validating libk5crypto3 1.15-1+deb9u1 I: Retrieving libkrb5-3 1.15-1+deb9u1 I: Validating libkrb5-3 1.15-1+deb9u1 I: Retrieving libkrb5support0 1.15-1+deb9u1 I: Validating libkrb5support0 1.15-1+deb9u1 I: Retrieving libbsd0 0.8.3-1 I: Validating libbsd0 0.8.3-1 I: Retrieving libcap-ng0 0.7.7-3+b1 I: Validating libcap-ng0 0.7.7-3+b1 I: Retrieving libcap2 1:2.25-1 I: Validating libcap2 1:2.25-1 I: Retrieving libedit2 3.1-20160903-3 I: Validating libedit2 3.1-20160903-3 I: Retrieving libgcrypt20 1.7.6-2+deb9u3 I: Validating libgcrypt20 1.7.6-2+deb9u3 I: Retrieving libgpg-error0 1.26-2 I: Validating libgpg-error0 1.26-2 I: Retrieving libidn11 1.33-1 I: Validating libidn11 1.33-1 I: Retrieving libmnl0 1.0.4-2 I: Validating libmnl0 1.0.4-2 I: Retrieving libseccomp2 2.3.1-2.1+deb9u1 I: Validating libseccomp2 2.3.1-2.1+deb9u1 I: Retrieving libselinux1 2.6-3+b3 I: Validating libselinux1 2.6-3+b3 I: Retrieving libsemanage-common 2.6-2 I: Validating libsemanage-common 2.6-2 I: Retrieving libsemanage1 2.6-2 I: Validating libsemanage1 2.6-2 I: Retrieving libsepol1 2.6-2 I: Validating libsepol1 2.6-2 I: Retrieving lsb-base 9.20161125 I: Validating lsb-base 9.20161125 I: Retrieving dmsetup 2:1.02.137-2 I: Validating dmsetup 2:1.02.137-2 I: Retrieving libdevmapper1.02.1 2:1.02.137-2 I: Validating libdevmapper1.02.1 2:1.02.137-2 I: Retrieving liblz4-1 0.0~r131-2+b1 I: Validating liblz4-1 0.0~r131-2+b1 I: Retrieving mawk 1.3.3-17+b3 I: Validating mawk 1.3.3-17+b3 I: Retrieving libncurses5 6.0+20161126-1+deb9u2 I: Validating libncurses5 6.0+20161126-1+deb9u2 I: Retrieving libncursesw5 6.0+20161126-1+deb9u2 I: Validating libncursesw5 6.0+20161126-1+deb9u2 I: Retrieving libtinfo5 6.0+20161126-1+deb9u2 I: Validating libtinfo5 6.0+20161126-1+deb9u2 I: Retrieving ncurses-base 6.0+20161126-1+deb9u2 I: Validating ncurses-base 6.0+20161126-1+deb9u2 I: Retrieving ncurses-bin 6.0+20161126-1+deb9u2 I: Validating ncurses-bin 6.0+20161126-1+deb9u2 I: Retrieving net-tools 1.60+git20161116.90da8a0-1 I: Validating net-tools 1.60+git20161116.90da8a0-1 I: Retrieving netbase 5.4 I: Validating netbase 5.4 I: Retrieving openssh-client 1:7.4p1-10+deb9u5 I: Validating openssh-client 1:7.4p1-10+deb9u5 I: Retrieving openssh-server 1:7.4p1-10+deb9u5 I: Validating openssh-server 1:7.4p1-10+deb9u5 I: Retrieving openssh-sftp-server 1:7.4p1-10+deb9u5 I: Validating openssh-sftp-server 1:7.4p1-10+deb9u5 I: Retrieving libssl1.0.2 1.0.2q-1~deb9u1 I: Validating libssl1.0.2 1.0.2q-1~deb9u1 I: Retrieving libpam-modules 1.1.8-3.6 I: Validating libpam-modules 1.1.8-3.6 I: Retrieving libpam-modules-bin 1.1.8-3.6 I: Validating libpam-modules-bin 1.1.8-3.6 I: Retrieving libpam-runtime 1.1.8-3.6 I: Validating libpam-runtime 1.1.8-3.6 I: Retrieving libpam0g 1.1.8-3.6 I: Validating libpam0g 1.1.8-3.6 I: Retrieving libpcre3 2:8.39-3 I: Validating libpcre3 2:8.39-3 I: Retrieving perl-base 5.24.1-3+deb9u5 I: Validating perl-base 5.24.1-3+deb9u5 I: Retrieving libprocps6 2:3.3.12-3+deb9u1 I: Validating libprocps6 2:3.3.12-3+deb9u1 I: Retrieving procps 2:3.3.12-3+deb9u1 I: Validating procps 2:3.3.12-3+deb9u1 I: Retrieving sed 4.4-1 I: Validating sed 4.4-1 I: Retrieving sensible-utils 0.0.9+deb9u1 I: Validating sensible-utils 0.0.9+deb9u1 I: Retrieving login 1:4.4-4.1 I: Validating login 1:4.4-4.1 I: Retrieving passwd 1:4.4-4.1 I: Validating passwd 1:4.4-4.1 I: Retrieving libsystemd0 232-25+deb9u8 I: Validating libsystemd0 232-25+deb9u8 I: Retrieving libudev1 232-25+deb9u8 I: Validating libudev1 232-25+deb9u8 I: Retrieving systemd 232-25+deb9u8 I: Validating systemd 232-25+deb9u8 I: Retrieving systemd-sysv 232-25+deb9u8 I: Validating systemd-sysv 232-25+deb9u8 I: Retrieving sysvinit-utils 2.88dsf-59.9 I: Validating sysvinit-utils 2.88dsf-59.9 I: Retrieving tar 1.29b-1.1 I: Validating tar 1.29b-1.1 I: Retrieving libwrap0 7.6.q-26 I: Validating libwrap0 7.6.q-26 I: Retrieving tzdata 2018i-0+deb9u1 I: Validating tzdata 2018i-0+deb9u1 I: Retrieving ucf 3.0036 I: Validating ucf 3.0036 I: Retrieving libustr-1.0-1 1.0.4-6 I: Validating libustr-1.0-1 1.0.4-6 I: Retrieving bsdutils 1:2.29.2-1+deb9u1 I: Validating bsdutils 1:2.29.2-1+deb9u1 I: Retrieving libblkid1 2.29.2-1+deb9u1 I: Validating libblkid1 2.29.2-1+deb9u1 I: Retrieving libfdisk1 2.29.2-1+deb9u1 I: Validating libfdisk1 2.29.2-1+deb9u1 I: Retrieving libmount1 2.29.2-1+deb9u1 I: Validating libmount1 2.29.2-1+deb9u1 I: Retrieving libsmartcols1 2.29.2-1+deb9u1 I: Validating libsmartcols1 2.29.2-1+deb9u1 I: Retrieving libuuid1 2.29.2-1+deb9u1 I: Validating libuuid1 2.29.2-1+deb9u1 I: Retrieving mount 2.29.2-1+deb9u1 I: Validating mount 2.29.2-1+deb9u1 I: Retrieving util-linux 2.29.2-1+deb9u1 I: Validating util-linux 2.29.2-1+deb9u1 I: Retrieving liblzma5 5.2.2-1.2+b1 I: Validating liblzma5 5.2.2-1.2+b1 I: Retrieving zlib1g 1:1.2.8.dfsg-5 I: Validating zlib1g 1:1.2.8.dfsg-5 I: Chosen extractor for .deb packages: dpkg-deb I: Extracting libacl1... I: Extracting libattr1... I: Extracting libaudit-common... I: Extracting libaudit1... I: Extracting base-files... I: Extracting base-passwd... I: Extracting bash... I: Extracting libbz2-1.0... I: Extracting libdebconfclient0... I: Extracting coreutils... I: Extracting dash... I: Extracting libdb5.3... I: Extracting debconf... I: Extracting debianutils... I: Extracting diffutils... I: Extracting dpkg... I: Extracting e2fslibs... I: Extracting e2fsprogs... I: Extracting libcomerr2... I: Extracting libss2... I: Extracting findutils... I: Extracting gcc-6-base... I: Extracting libgcc1... I: Extracting libc-bin... I: Extracting libc6... I: Extracting multiarch-support... I: Extracting grep... I: Extracting gzip... I: Extracting hostname... I: Extracting init-system-helpers... I: Extracting libcap-ng0... I: Extracting libgcrypt20... I: Extracting libgpg-error0... I: Extracting libselinux1... I: Extracting libsemanage-common... I: Extracting libsemanage1... I: Extracting libsepol1... I: Extracting lsb-base... I: Extracting liblz4-1... I: Extracting mawk... I: Extracting libncursesw5... I: Extracting libtinfo5... I: Extracting ncurses-base... I: Extracting ncurses-bin... I: Extracting libpam-modules... I: Extracting libpam-modules-bin... I: Extracting libpam-runtime... I: Extracting libpam0g... I: Extracting libpcre3... I: Extracting perl-base... I: Extracting sed... I: Extracting sensible-utils... I: Extracting login... I: Extracting passwd... I: Extracting libsystemd0... I: Extracting libudev1... I: Extracting sysvinit-utils... I: Extracting tar... I: Extracting tzdata... I: Extracting libustr-1.0-1... I: Extracting bsdutils... I: Extracting libblkid1... I: Extracting libfdisk1... I: Extracting libmount1... I: Extracting libsmartcols1... I: Extracting libuuid1... I: Extracting mount... I: Extracting util-linux... I: Extracting liblzma5... I: Extracting zlib1g... I: Installing core packages... I: Unpacking required packages... I: Unpacking libacl1:amd64... I: Unpacking libattr1:amd64... I: Unpacking libaudit-common... I: Unpacking libaudit1:amd64... I: Unpacking base-files... I: Unpacking base-passwd... I: Unpacking bash... I: Unpacking libbz2-1.0:amd64... I: Unpacking libdebconfclient0:amd64... I: Unpacking coreutils... I: Unpacking dash... I: Unpacking libdb5.3:amd64... I: Unpacking debconf... I: Unpacking debianutils... I: Unpacking diffutils... I: Unpacking dpkg... I: Unpacking e2fslibs:amd64... I: Unpacking e2fsprogs... I: Unpacking libcomerr2:amd64... I: Unpacking libss2:amd64... I: Unpacking findutils... I: Unpacking gcc-6-base:amd64... I: Unpacking libgcc1:amd64... I: Unpacking libc-bin... I: Unpacking libc6:amd64... I: Unpacking multiarch-support... I: Unpacking grep... I: Unpacking gzip... I: Unpacking hostname... I: Unpacking init-system-helpers... I: Unpacking libcap-ng0:amd64... I: Unpacking libgcrypt20:amd64... I: Unpacking libgpg-error0:amd64... I: Unpacking libselinux1:amd64... I: Unpacking libsemanage-common... I: Unpacking libsemanage1:amd64... I: Unpacking libsepol1:amd64... I: Unpacking lsb-base... I: Unpacking liblz4-1:amd64... I: Unpacking mawk... I: Unpacking libncursesw5:amd64... I: Unpacking libtinfo5:amd64... I: Unpacking ncurses-base... I: Unpacking ncurses-bin... I: Unpacking libpam-modules:amd64... I: Unpacking libpam-modules-bin... I: Unpacking libpam-runtime... I: Unpacking libpam0g:amd64... I: Unpacking libpcre3:amd64... I: Unpacking perl-base... I: Unpacking sed... I: Unpacking sensible-utils... I: Unpacking login... I: Unpacking passwd... I: Unpacking libsystemd0:amd64... I: Unpacking libudev1:amd64... I: Unpacking sysvinit-utils... I: Unpacking tar... I: Unpacking tzdata... I: Unpacking libustr-1.0-1:amd64... I: Unpacking bsdutils... I: Unpacking libblkid1:amd64... I: Unpacking libfdisk1:amd64... I: Unpacking libmount1:amd64... I: Unpacking libsmartcols1:amd64... I: Unpacking libuuid1:amd64... I: Unpacking mount... I: Unpacking util-linux... I: Unpacking liblzma5:amd64... I: Unpacking zlib1g:amd64... I: Configuring required packages... I: Configuring gcc-6-base:amd64... I: Configuring lsb-base... I: Configuring sensible-utils... I: Configuring ncurses-base... I: Configuring libsemanage-common... I: Configuring libaudit-common... I: Configuring libc6:amd64... I: Configuring libbz2-1.0:amd64... I: Configuring libgpg-error0:amd64... I: Configuring libc-bin... I: Configuring libdebconfclient0:amd64... I: Configuring diffutils... I: Configuring libcomerr2:amd64... I: Configuring libcap-ng0:amd64... I: Configuring libsepol1:amd64... I: Configuring libgcc1:amd64... I: Configuring libustr-1.0-1:amd64... I: Configuring libsmartcols1:amd64... I: Configuring libaudit1:amd64... I: Configuring libtinfo5:amd64... I: Configuring libudev1:amd64... I: Configuring libattr1:amd64... I: Configuring libss2:amd64... I: Configuring liblzma5:amd64... I: Configuring base-passwd... I: Configuring e2fslibs:amd64... I: Configuring liblz4-1:amd64... I: Configuring debianutils... I: Configuring libgcrypt20:amd64... I: Configuring libncursesw5:amd64... I: Configuring libdb5.3:amd64... I: Configuring zlib1g:amd64... I: Configuring hostname... I: Configuring multiarch-support... I: Configuring mawk... I: Configuring libpcre3:amd64... I: Configuring base-files... I: Configuring libselinux1:amd64... I: Configuring findutils... I: Configuring libacl1:amd64... I: Configuring ncurses-bin... I: Configuring sed... I: Configuring libsystemd0:amd64... I: Configuring coreutils... I: Configuring tar... I: Configuring libsemanage1:amd64... I: Configuring dpkg... I: Configuring perl-base... I: Configuring grep... I: Configuring debconf... I: Configuring tzdata... I: Configuring gzip... I: Configuring bsdutils... I: Configuring dash... I: Configuring init-system-helpers... I: Configuring libpam0g:amd64... I: Configuring libpam-modules-bin... I: Configuring bash... I: Configuring libpam-modules:amd64... I: Configuring libpam-runtime... I: Configuring passwd... I: Configuring login... I: Configuring libuuid1:amd64... I: Configuring libblkid1:amd64... I: Configuring libmount1:amd64... I: Configuring mount... I: Configuring libfdisk1:amd64... I: Configuring util-linux... I: Configuring e2fsprogs... I: Configuring sysvinit-utils... I: Configuring libc-bin... I: Unpacking the base system... I: Unpacking apt... I: Unpacking libapt-pkg5.0:amd64... I: Unpacking libdns-export162... I: Unpacking libisc-export160... I: Unpacking debian-archive-keyring... I: Unpacking dialog... I: Unpacking libelf1:amd64... I: Unpacking libstdc++6:amd64... I: Unpacking libc-l10n... I: Unpacking locales... I: Unpacking gpgv... I: Unpacking ifupdown... I: Unpacking init... I: Unpacking iproute... I: Unpacking iproute2... I: Unpacking isc-dhcp-client... I: Unpacking libkeyutils1:amd64... I: Unpacking libgssapi-krb5-2:amd64... I: Unpacking libk5crypto3:amd64... I: Unpacking libkrb5-3:amd64... I: Unpacking libkrb5support0:amd64... I: Unpacking libbsd0:amd64... I: Unpacking libedit2:amd64... I: Unpacking libmnl0:amd64... I: Unpacking net-tools... I: Unpacking netbase... I: Unpacking openssh-client... I: Unpacking openssh-server... I: Unpacking openssh-sftp-server... I: Unpacking libssl1.0.2:amd64... I: Unpacking libwrap0:amd64... I: Unpacking ucf... I: Configuring the base system... I: Configuring libisc-export160... I: Configuring dialog... I: Configuring init... I: Configuring libelf1:amd64... I: Configuring gpgv... I: Configuring libbsd0:amd64... I: Configuring ucf... I: Configuring libssl1.0.2:amd64... I: Configuring debian-archive-keyring... I: Configuring libc-l10n... I: Configuring libstdc++6:amd64... I: Configuring libkeyutils1:amd64... I: Configuring net-tools... I: Configuring libmnl0:amd64... I: Configuring locales... I: Configuring libwrap0:amd64... I: Configuring netbase... I: Configuring libedit2:amd64... I: Configuring libapt-pkg5.0:amd64... I: Configuring libdns-export162... I: Configuring iproute2... I: Configuring libkrb5support0:amd64... I: Configuring isc-dhcp-client... I: Configuring apt... I: Configuring libk5crypto3:amd64... I: Configuring ifupdown... I: Configuring iproute... I: Configuring libkrb5-3:amd64... I: Configuring libgssapi-krb5-2:amd64... I: Configuring openssh-client... I: Configuring openssh-sftp-server... I: Configuring openssh-server... I: Configuring libc-bin... I: Configuring systemd... I: Base system installed successfully. Download complete. Copying rootfs to /var/lib/lxc/container01/rootfs...Generating locales (this might take a while)... es_ES.UTF-8... done es_ES.UTF-8... done Generation complete. update-rc.d: error: cannot find a LSB script for checkroot.sh update-rc.d: error: cannot find a LSB script for umountfs update-rc.d: error: cannot find a LSB script for hwclockfirst.sh Creating SSH2 RSA key; this may take some time ... 2048 SHA256:PUHQCgJHhHUnel5NONC6dbf72IiThsX6XeYBmzvWuOU root@centos.negu.local (RSA) Creating SSH2 ECDSA key; this may take some time ... 256 SHA256:0ZQUVehuLPICpOlkNfpMuawJhpiPSJY9NJFp1VBiLjk root@centos.negu.local (ECDSA) Creating SSH2 ED25519 key; this may take some time ... 256 SHA256:fip2XzwJnHPwD8j3bADiViGGDU7R2nNc1rU7ce7BfZw root@centos.negu.local (ED25519) invoke-rc.d: could not determine current runlevel invoke-rc.d: policy-rc.d denied execution of start. Timezone in container is not configured. Adjust it manually. Root password is 'root', please change ! |
Otros parámetros para crear containers LXC:
1 2 3 4 5 |
-n = nombre -t = plantilla -d = distribución -a = arquitectura -r = versión |
Ya disponemos del container creado, y como veis al final, nos dice la contraseña de root. Que normalmente, cambiaremos cuando arranquemos una sesión en ese container. Ahora lo arrancamos:
1 |
[root@centos ~]# lxc-start -n container01 -d |
Y comprobamos:
1 2 3 4 5 |
[root@centos ~]# lxc-top Container CPU CPU CPU BlkIO Mem Name Used Sys User Total Used container01 0.06 0.04 0.02 0.00 688.00 KB TOTAL (1 ) 0.06 0.04 0.02 0.00 688.00 KB |
Para entrar en él para gestionarlo podemos utilizar:
1 2 3 4 5 6 7 8 9 |
[root@centos ~]# lxc-console -n container01 Connected to tty 1 Type <Ctrl+a q> to exit the console, <Ctrl+a Ctrl+a> to enter Ctrl+a itself Debian GNU/Linux 9 container01 tty1 container01 login: root Password: |
Y una vez dentro trabajar con él:
1 2 3 4 5 6 7 8 9 10 11 |
Linux container01 3.10.0-957.10.1.el7.x86_64 #1 SMP Mon Mar 18 15:06:45 UTC 2019 x86_64 The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. root@container01:~# cd / bin/ dev/ home/ lib64/ mnt/ proc/ run/ selinux/ sys/ usr/ boot/ etc/ lib/ media/ opt/ root/ sbin/ srv/ tmp/ var/ |
Pararlo:
[root@centos ~]# lxc-stop -n container01O clonarlo:
1 2 |
[root@centos ~]# lxc-clone container01 container02 Created container container02 as copy of container01 |
O destruirlo:
1 |
[root@centos ~]# lxc-destroy -n container02 |
Los containers LXC se guardan por defecto en:
1 2 |
[root@centos ~]# ls /var/lib/lxc/ container01 |
¿Te ha gustado la entrada SÍGUENOS EN TWITTER?
Te ha gustado la entrada SGUENOS EN TWITTER O INVITANOS A UN CAFE?
Que tal, tengo este error:
Downloading debian minimal …
I: Retrieving InRelease
I: Checking Release signature
E: Release signed by unknown key (key id DCC9EFBF77E11517)
The specified keyring /var/cache/lxc/debian/archive-key.gpg may be incorrect or out of date.
You can find the latest Debian release key at https://ftp-master.debian.org/keys.html
Failed to download the rootfs, aborting.
Failed to download ‘debian base’
failed to install debian
lxc_container: lxccontainer.c: create_run_template: 1092 container creation template for container01 failed