This is a step-by-step tutorial on how to install LXC on Debian Squeeze (and possibly other versions). I wrote this down as a reminder to myself because I was unable to find one consistent example source that worked for me. I will not talk what LXC is or why is it good, it has been already done in numerous places.
- Installing required packages:
# apt-get install bridge-utils debootstrap
- Setting up a bridge interface:
As I already had bridge set up for OpenVPN, so I skipped this step.
For the most basic bridge add following configuration to /etc/network/interfaces:
# Bridge setup iface br0 inet static bridge_ports eth0 eth1 address 192.168.0.2 broadcast 192.168.0.255 netmask 255.255.255.0 gateway 192.168.0.1
bridge_ports – specify physical interfaces to be added to br0. You should not put any lines to configure the interfaces that will be used by the bridge, as this will be setup automatically by the scripts when bringing the bridge up.
- Installing LXC:
Assuming you’re running Debian Stable (squeeze (v6.0) at the time of writing), then the candidate LXC version should be <0.7.3:
apt-cache policy lxc | grep -i candidate
All versions up to 0.7.3 (see: bug #601422) by default uses debian lenny distribution for the VM containers. If you are ok with that, go directly to “Using lenny for the container”, otherwise, see below “Using squeeze for the container”.
- Using squeeze for the container:
The one possible way to get LXC >=0.7.3 with squeeze is to use testing repository, as backports do not include LXC yet. This is more a hack, than a good solution, but because LXC does not have many dependencies it works just fine for our purposes.
Add default release parameter for apt:
# echo "echo "APT::Default-Release \"stable\";" >> /etc/apt/apt.conf.d/70debconf
Add testing repositories to your sources list:
# echo "deb ftp://ftp.lt.debian.org/debian/ testing main non-free contrib" >> /etc/apt/sources.list # echo "deb-src ftp://ftp.lt.debian.org/debian/ testing main non-free contrib" >> /etc/apt/sources.list
Alternatively you can use any testing mirror. Now all is left to do, is to install LXC itself:
# apt-get update && apt-get -t testing install lxc
Just to be sure your stable system does not “drift” into testing packages, you can remove the testing repositories from sources.list. As newer LXC package moves into stable, apt should automatically catch that and update accordingly without breaking any dependencies.
- Using lenny for the container:
For using lenny as a VM container simply install LXC tools from stable repository:
# apt-get update && apt-get install lxc
After isntalling LXC tools, it is time to set up cgroups:
# echo "cgroup /sys/fs/cgroup cgroup defaults 0 0" >> /etc/fstab # mount cgroup
And a quick check to ensure everything is ok so far:
In output you should see everything enabled apart “Cgroup memory controller”. If you want memory control via cgroups then the Kernel recompilation is needed, which is beyond the scope of this tutorial.
Creating your first VM
- Creating root filesystem:
Create directory for VM and install Debian base system using lxc template:
# mkdir -p /lxc/vm0 # /usr/lib/lxc/templates/lxc-debian -p /lxc/vm0/
This will take longer to complete only the first time you run it, as the subsequent template creations will use debootstrap’s cache.
- Error “Failed getting release file”
If you get this error during first install, simply change mirror in /usr/lib/lxc/templates/lxc-debian file and repeat steps, e.g.:
- Error “Failed getting release file”
- Configuring VM:
We are nearly done. The last step is to configure our VM container. Edit the file /lxc/vm0/config while taking special attention to parameters:
lxc.network.ipv4 = 192.168.0.123/24 lxc.network.hwaddr = 4a:59:43:49:79:bf lxc.network.link = br0 lxc.network.type = veth lxc.network.veth.pair = veth_vm0
- IP (in lxc.network.ipv4) must end with CIDR notation of subnet. “/24″ means subnet mask of “255.255.255.0″
- MAC (in lxc.network.hwaddr) address must not be multicast
- Name of interface (in lxc.network.veth.pair) can be anything, but I prefer convention “veth_VM-NAME”
Do not forget to configure VM’s interface in file /lxc/vm0/rootfs/etc/network/interfaces to something like:
auto eth0 iface eth0 inet static address 192.168.0.123 netmask 255.255.255.0 gateway 192.168.0.1
- Starting VM:
Now the final step is to power on and start using your VM:
lxc-start -n vm0 -f /lxc/vm0/config
You will be attached to a VM console where you can login with user root:root. Do not forget to change the root’s password or disable the account altogether!
- Stopping VM:
lxc-stop -n vm0
- Attaching to VM’s console:
lxc-console -n vm0
- Auto-starting VMs when host starts:
- LXC <0.7.5:
Create config symlink:
# ln -s /lxc/vm0/conf /etc/lxc/vm0.conf
Then edit file /etc/default/lxc and include something like:
RUN=yes CONF_DIR=/etc/lxc CONTAINERS="vm0"
- LXC >=0.7.5:
# ln -s /lxc/vm0/config /etc/lxc/auto/vm0.conf
- LXC <0.7.5:
- Cloning VM:
This can be achieved by simply copying VM’s directory with:
# cp -r /lxc/vm0 /lxc/new_vm
After that do not forget to change /lxc/new_vm/config and /lxc/new_vm/rootfs/etc/network/interfaces files to reflect new changes of name, IP/MAC address and rootfs location.
- Sharing (binding) host’s directory in VM:
In VM’s config include lxc.mount.entry, e.g. for VM running Apache:
lxc.mount.entry = /var/www /lxc/vm0/rootfs/var/www none defaults,bind 0 0