User Tools
docs:lxc
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
|
docs:lxc [2014-07-02 11:49] matkor |
docs:lxc [2015-10-05 11:15] glen |
||
|---|---|---|---|
| Line 21: | Line 21: | ||
| * [[package>lxc]] package | * [[package>lxc]] package | ||
| * cgroups mounted, use [[package>systemd]] or [[package>libcgroup]] for that (edit and enable most groups in ///etc/cgconfig.conf// except debug) | * cgroups mounted, use [[package>systemd]] or [[package>libcgroup]] for that (edit and enable most groups in ///etc/cgconfig.conf// except debug) | ||
| + | |||
| + | <note warning>Kernels with vserver support compiled in, do not work correctly with LXC | ||
| + | |||
| + | * [[http://lists.pld-linux.org/mailman/pipermail/pld-devel-en/2014-January/thread.html#23786]] | ||
| + | * http://www.paul.sladen.org/vserver/archives/201402/0015.html | ||
| + | </note> | ||
| ===== Guest creation ===== | ===== Guest creation ===== | ||
| Line 65: | Line 71: | ||
| ===== Common problems / Useful tricks ===== | ===== Common problems / Useful tricks ===== | ||
| + | |||
| + | ==== lxc-start has no output ==== | ||
| + | |||
| + | In case ''lxc-start -n test'' produces no output, ensure /dev/console is present in guest filesystem. | ||
| ==== lxc-stop is not graceful ==== | ==== lxc-stop is not graceful ==== | ||
| Line 126: | Line 136: | ||
| ==== general ==== | ==== general ==== | ||
| - | static networking, set ''VSERVER=yes'' and ''VSERVER_ISOLATION_NET=yes'' in guest ''/etc/sysconfig/system'' to disable all network configuration by guest, set RC_PROMPT=no to avoid hanging startaup scripts, in general it's good idea to turn off there most of things | + | static networking, set ''VSERVER=yes'' and ''VSERVER_ISOLATION_NET=yes'' in guest ''/etc/sysconfig/system'' to disable all network configuration by guest, set RC_PROMPT=no to avoid hanging startup scripts, in general it's good idea to turn off there most of things |
| ==== network using macvlan in bridge mode ==== | ==== network using macvlan in bridge mode ==== | ||
| Line 133: | Line 143: | ||
| - you can't filter guest straffic from host's firewall | - you can't filter guest straffic from host's firewall | ||
| - host can use seme default interface with and without guests running. | - host can use seme default interface with and without guests running. | ||
| - | - you HAVE to set mac. If not - on every container start you'll have different one (your router will not pass the traffic). | + | - one have better to set static MAC address. If not - on every container start you'll have different MAC generated and your router may have problems with passing traffic. |
| - | - iptables is initialized from lxc.hook.pre-mount hook (ran in the container's namespace and having macvlan interface visible) | + | - iptables is initialized from lxc.hook.pre-mount hook (ran in the container's namespace and having guest macvlan interface visible) |
| first boot with ''hwaddr'' line disabled, look what the random address was assigned, set it in config. | first boot with ''hwaddr'' line disabled, look what the random address was assigned, set it in config. | ||
docs/lxc.txt · Last modified: 2016-08-21 00:36 by glen
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: Public Domain
