LXD works with a directory-based storage backend. LXD is LXC with strong security. We can install LXD, ZFS and bridge-utils on Ubuntu 16.04 and configure LXD to use a physical ZFS partition or a loopback device, combined with a bridged networking setup that lets containers pick up IP addresses via DHCP on the VLAN. On a dedicated server that runs multiple web sites with Linux containers, each web site can be set up in its own container with its own web server. Using LXD, we can bundle an application and its dependencies in a container without affecting the rest of the system. Here is how to install and set up LXD on Ubuntu 16.04. Official information about LXD can be found at:
```
https://help.ubuntu.com/lts/serverguide/lxd.html
https://insights.ubuntu.com
https://linuxcontainers.org/lxd/try-it/
```
How to Install and Set Up LXD on Ubuntu 16.04
LXD is normally installed on Ubuntu, but we need to configure and check it before we can use it on a server that is going to be in production:
```
apt update
apt upgrade
apt install lxd zfsutils-linux bridge-utils
sudo zfs list
```
After running the last command, you'll get output like this:
```
NAME              USED  AVAIL  REFER  MOUNTPOINT
blahblah          744K   461G   192K  /blahblah
blahblah/lxdvms   192K   461G   192K  /blahblah/lxdvms
```
Open /etc/network/interfaces:
```
nano /etc/network/interfaces
```
The file should be configured like this at minimum:
```
...
# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto br0
iface br0 inet dhcp
    bridge_ports eth0

iface eth0 inet manual
...
...
```
Run:
```
sudo ifdown eth0 && sudo ifup eth0 && sudo ifup br0
```
Run the ifconfig command to make sure that the system took the changes. We used a dedicated hard drive for the ZFS storage. For those who will use a loopback file, the procedure is somewhat different. We can run:
```
sudo fdisk -l
```
to check the disk space and remove any fstab entry. Open sysctl.conf:
```
nano /etc/sysctl.conf
```
Change some settings as below:
```
...
fs.inotify.max_queued_events = 1048576
fs.inotify.max_user_instances = 1048576
fs.inotify.max_user_watches = 1048576
...
```
Open the limits.conf file:
```
nano /etc/security/limits.conf
```
Change some settings as below:
```
* soft nofile 100000
* hard nofile 100000
```
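The edits to /etc/network/interfaces, sysctl.conf and limits.conf are easy to mistype, and a wrong bridge stanza on a remote dedicated server can cost you SSH access. As an added example (not from the original article; the function names and optional path arguments are assumptions), this script checks all three files against the values shown above before you reboot:

```bash
# Added example: pre-reboot check of the three files edited above (names are assumptions).
# interfaces: br0 comes up at boot, uses DHCP and enslaves eth0; eth0 itself is "manual".
check_bridge() {
  awk '
    /^[ \t]*#/ { next }
    $1 == "auto"  { for (i = 2; i <= NF; i++) if ($i == "br0") auto_br0 = 1 }
    $1 == "iface" { cur = $2
                    if ($2 == "br0" && $4 == "dhcp") br0_dhcp = 1
                    if ($2 == "eth0" && $4 == "manual") eth0_ok = 1
                    if ($2 == "eth0" && $4 != "manual") eth0_bad = 1 }
    $1 == "bridge_ports" && cur == "br0" { for (i = 2; i <= NF; i++) if ($i == "eth0") port = 1 }
    END { exit !(auto_br0 && br0_dhcp && port && eth0_ok && !eth0_bad) }' "$1" \
    || { echo "interfaces: br0/eth0 stanzas do not match the bridged layout" >&2; return 1; }
}

# sysctl.conf: every inotify key present, uncommented, and >= 1048576 (last entry wins).
check_sysctl() {
  local key rc=0
  for key in max_queued_events max_user_instances max_user_watches; do
    awk -F= -v k="fs.inotify.$key" '
      /^[ \t]*[#;]/ { next }
      { name = $1; gsub(/[ \t]/, "", name) }
      name == k { val = $2; gsub(/[ \t]/, "", val); found = 1 }
      END { exit !(found && val + 0 >= 1048576) }' "$1" \
      || { echo "sysctl: fs.inotify.$key missing or below 1048576" >&2; rc=1; }
  done
  return "$rc"
}

# limits.conf: "* soft nofile" and "* hard nofile" both present and >= 100000.
check_limits() {
  local kind rc=0
  for kind in soft hard; do
    awk -v t="$kind" '
      $1 == "*" && $2 == t && $3 == "nofile" { val = $4; found = 1 }
      END { exit !(found && val + 0 >= 100000) }' "$1" \
      || { echo "limits: * $kind nofile missing or below 100000" >&2; rc=1; }
  done
  return "$rc"
}

# Run all three checks; paths default to the files named in the article.
preflight() {
  local rc=0
  check_bridge "${1:-/etc/network/interfaces}" || rc=1
  check_sysctl "${2:-/etc/sysctl.conf}" || rc=1
  check_limits "${3:-/etc/security/limits.conf}" || rc=1
  return "$rc"
}
```

Source the file and call `preflight` with no arguments on the host; a non-zero return means at least one file differs from the settings above.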
Do a soft reboot and SSH back in to the console:
```
reboot
```
Then run:
```
sudo lxd init
```
It will ask a lot of questions; keep everything at the default except a few. Example:
```
sudo lxd init
Name of the storage backend to use (dir or zfs): zfs
Create a new ZFS pool (yes/no)? yes
Name of the new ZFS pool: lxd
Would you like to use an existing block device (yes/no)? yes
Path to the existing block device: /dev/sdb1
Would you like LXD to be available over the network (yes/no)? no
Do you want to configure the LXD bridge (yes/no)? yes
Warning: Stopping lxd.service, but it can still be activated by:
  lxd.socket
LXD has been successfully configured.
```
After completing the lxd init step as above, add the br0 interface to the default profile with:
```
lxc network attach-profile br0 default eth0
```
Exactly like Docker, LXD is also image based, and provides three main options for obtaining images: remote, built-in, and local imports. To see which sources are available, run:
```
lxc remote list
```
We can use the official Ubuntu image repo to spin up an Ubuntu container with the command:
```
lxc launch ubuntu:xenial testcontainer
```
Or CentOS with this command:
```
lxc launch images:centos/7/amd64 testcenots
```
To check the status of the container, run:
```
lxc list
```
You'll get something like:
```
+---------------+---------+----------------------+------+------------+-----------+
| NAME          | STATE   | IPV4                 | IPV6 | TYPE       | SNAPSHOTS |
+---------------+---------+----------------------+------+------------+-----------+
| testcontainer | RUNNING | 192.168.0.197 (eth0) |      | PERSISTENT | 0         |
+---------------+---------+----------------------+------+------------+-----------+
```
To start and stop containers, run:
```
lxc stop name-of-container
lxc start name-of-container
```