LXC CLI Commands Cheet Sheat

Installation of LXC

RHEL / CentOS

Ubunt

Checking

Create Bridge Network

Create container

Method1 : Download Images

Method2 : create image from repo

Container's standard storage location

Configuraion

Network Namespace

How to use veth

How to use macvlan

Commands List

Operation

Check container

Change Passwd

Start

Auto-start

shutdown

Clone LXC Container

Snapshot LXC Container

Snapshot

Restore

Tips

Check the temporary root password

Reset the root password using the following command.

Change Kernel Parameters for many containers



Installation of LXC

RHEL / CentOS

# yum install epel-release
# yum update
# yum install lxc lxc-templates lxc-doc lxc-libs rsync debootstrap
# yum install lxc-extra
# yum install bridge-utils

Ubunt

# apt-get install lxc



Checking

# lxc-checkconfig



Create Bridge Network

/etc/sysconfig/network-scripts/ifcfg-lxcbr0

NAME=lxcbr0
DEVICE=lxcbr0
TYPE=Bridge
BOOTPROTO=static
ONBOOT=yes
IPADDR=192.168.1.1
PREFIX=24
DEFROUTE=no
NM_CONTROLLED=no



Create container

Method1 : Download Images

# lxc-create -n cent-lxc1 -t download -- -d centos -r 7 -a amd64
# lxc-create -t download -n container1 -- -d ubuntu -r trusty -a amd64



Method2 : create image from repo

# ls /usr/share/lxc/templates/
lxc-alpine    lxc-archlinux  lxc-centos  lxc-debian    lxc-fedora  lxc-openmandriva  lxc-oracle  lxc-sshd    lxc-ubuntu-cloud
lxc-altlinux  lxc-busybox    lxc-cirros  lxc-download  lxc-gentoo  lxc-opensuse      lxc-plamo   lxc-ubuntu
# lxc-create -n centos7 -t centos -- --release 7
# lxc-create -t ubuntu -n test01
# lxc-create -n web01 -t download -- -d centos -r 7 -a amd64
# ls /var/lib/lxc/test01/

Container's standard storage location

PATH

Note

/var/lib/lxc

Container's standard storage location

/var/lib/lxcsnap

Standard snapshot storage location

/var/cache/lxc

Standard template cache location

$HOME/.local/share/lxc

Standard storage location for non-privileged containers

$HOME/.local/share/lxcsnap

Typical storage location for non-privileged snapshots

$HOME/.cache/lxc

Standard storage location of non-privileged template cache



Configuraion

Network Namespace

/var/lib/lxc/CONTAINER/config

How to use veth

lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = virbr0                  <- host NIC

How to use macvlan

lxc.network.type = macvlan
lxc.network.macvlan.mode = bridge
lxc.network.flags = up
lxc.network.link = eth0                  <- host NIC
lxc.network.type = macvlan
lxc.network.macvlan.mode = bridge
lxc.network.flags = up
lxc.network.link = ens192                  <- host NIC
lxc.network.hwaddr = fe:e1:e7:96:43:bc     <- container's MAC
lxc.rootfs = /var/lib/lxc/centos7/rootfs



Commands List

Commands

Note

lxc-ls
lxc-ls -f <- -f = --fancy

lxc-create -n CONTAINER -t XXXX -- --relese X

lxc-start -n CONTAINER
lxc-start -n CONTAINER -d ← start background

lxc-stop -n CONTAINER
lxc-stop -k -n CONTAINER ← stop force

lxc-console -n CONTAINER

<Ctrl+a q> to exit

lxc-attach -n CONTAINER

lxc-info -n CONTAINER

lxc-destroy -n container1
lxc-destroy -n container1 -f



Operation

Check container

# lxc-ls 
test-cent1
#
NAME        STATE    IPV4  IPV6  AUTOSTART  
---------------------------------------
test-cent1  STOPPED  -     -     NO    
#
# lxc-info -n  test-cent1
Name:           test-cent1
State:          STOPPED
#

Change Passwd

# chroot /var/lib/lxc/centos7/rootfs passwd

Start

# lxc-start -n test01 -d   <- start with damon
# lxc-console -n test01    <- connection with console

Auto-start

# vi /var/lib/lxc/CONTAINER/config
...
lxc.start.auto = 1      #enable
lxc.start.delay = 5     #delay in second to wait after starting the container
lxc.start.order = 100   #priority of the container, higher value means starts earlier

shutdown

# lxc-shutdown -n test-container-101



Clone LXC Container

# lxc-stop -n  ORIGINAL
# lxc-clone -o ORIGINAL -n NEW



Snapshot LXC Container

You don't snapshot with directory-backend.

Snapshot

# lxc-snapshot -n CONTAINER -L -C   <- Ceck
# lxc-snapshot -n CONTAINER -c COMMENT
# lxc-snapshot -n CONTAINER -L -C   <- Ceck

Restore

# lxc-snapshot -n CONTAINER -L -C   <- Ceck
# lxc-snapshot -n CONTAINER -r snap0
# lxc-snapshot -n CONTAINER -r snap0 NEWCONTAINER



Tips

Check the temporary root password

# cat /var/lib/lxc/centos_lxc/tmp_root_pass

Reset the root password using the following command.

# chroot /var/lib/lxc/centos_lxc/rootfs passwd

Change Kernel Parameters for many containers

# vi /etc/sysctl.conf

...
kernel.threads-max = 100000
kernel.pid_max  = 131072
vm.max_map_count = 300000  #65,530 default 
...
# vi /etc/security/limits.d/90-nproc.conf