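Some basic uses of Linux containers

The following are only my personal work notes from 5 years ago, so errors are inevitable; if you refer to them, please do so critically:

I: Linux container basic commands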

o     lxc-checkconfig   # verifies that needed kernel config options are on

o     lxc-ls                  # lists all containers on the system

o     lxc-info          # shows the current state of all containers

o     lxc-freeze

o     lxc-unfreeze

o     lxc-ps

o     lxc-kill          # sdk_v1.6 does not support this command

o     lxc-monitor

o     lxc-netstat

o     lxc-wait

 

Commands covered by other test cases:

o     lxc-create        # creates containers         : TC-2101

o     lxc-destroy       # deletes containers         : TC-2101

o     lxc-start         # starts/boots a container   : TC-2101

o     lxc-stop          # stops a container          : TC-2101

o     lxc-unshare       : TC-2555

o     lxc-execute       : TC-2545, TC-2546, TC-2548

1. Create a network bridge on the host OS using the network interface that links to the network (this can save network resources):

~# brctl addbr br0

~# brctl addif br0 ethx        # ethx or fm1-gb1

~# ifconfig br0 192.168.2.XXX/24 up

~# ifconfig ethx 0.0.0.0       # ethx or fm1-gb1

~# brctl show

2. Create and start the Linux container from the ssh console:

~# lxc-create -n vm1 -t busybox -f /usr/share/doc/lxc/examples/lxc-veth.conf

~# lxc-start -n vm1 -d

~# lxc-console -n vm1

vm1 login: root
Password: (root)
~ #

3. On the host OS:

Enable udhcpc for the Linux container from the host OS:

~# lxc-attach -n vm1 -- udhcpc
udhcpc (v1.20.2) started
Sending discover...
Sending select for 192.168.0.58...
Lease of 192.168.0.58 obtained, lease time 600

~# lxc-attach -n vm1 -- ifconfig

Start the ssh server for the Linux container from the host OS:

~# lxc-attach -n vm1 -- dropbear

~# ping 192.168.2.1 -c 3

4. ssh to container:

ssh [email protected]

[email protected]'s password:
~ #

ps
  PID USER       VSZ STAT COMMAND
    1 root      3784 S    init
    4 root      3784 S    /bin/syslogd
    6 root      3788 S    -sh
    7 root      3784 S    init
   15 root      3784 S    udhcpc
   18 root      2884 S    dropbear
   19 root      3384 R    dropbear
   20 root      3788 S    -sh
   21 root      3788 R    ps

~ # exit

II: Share a device with the host in LXC

1. Mount cgroup subsystems
2. Modify busybox
3. Create device files in the container rootfs:

Edit /usr/share/lxc/templates/lxc-busybox
In install_busybox() add:
  # device zero (character device, major 1, minor 5)
  mknod zero c 1 5
  chmod 666 zero

  # hdd: whole disk sdb and its first partition
  mknod sdb b 8 16
  mknod sdb1 b 8 17
  # mode 666 gives every user in the container read/write access to the raw disk
  chmod 666 sdb
  chmod 666 sdb1

Note: If necessary, modify the major and minor device IDs to match your test context.

4. In the ssh console, create the ctx1 container:

# lxc-create -n ctx1 -t busybox -f /usr/share/doc/lxc/examples/lxc-no-netns.conf

5. Start up the ctx1 container:

# lxc-start -n ctx1
udhcpc: applet not found

Please press Enter to activate this console.

root@ctx1:/#

6. Run the hdparm test 3 times on the hard disk and take the average value:

# hdparm -t /dev/sdb

7. Stop and destroy the ctx1 container, as in lxc_startup.
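
The template edit above creates raw host disk nodes with mode 666. The following is an added example (not part of the original notes or of LXC) that scans template text for block-device nodes given a world-writable numeric mode; the function name and the sample text are constructed for illustration.

```shell
# Added example: list block-device nodes that a template creates with a
# world-writable mode. Reads template text on stdin or from file arguments
# and prints "<name> <major>:<minor> <mode>" for each finding.
# Only numeric chmod modes are understood (the form used on this page).
# Mode bits matter for non-root users in the container; whether a process
# in the container can open the device at all is governed by the device
# cgroup, which this check does not inspect.
audit_template_nodes() {
    awk '
        $1 == "mknod" && NF >= 5 {                     # mknod NAME TYPE MAJOR MINOR
            if (!($2 in kind)) order[++n] = $2
            kind[$2] = $3; dev[$2] = $4 ":" $5
        }
        $1 == "chmod" && NF >= 3 && $2 ~ /^[0-7]+$/ {  # chmod MODE NAME
            mode[$3] = $2
        }
        END {
            for (i = 1; i <= n; i++) {
                name = order[i]
                if (kind[name] != "b" || !(name in mode)) continue
                other = substr(mode[name], length(mode[name]), 1) + 0
                if (int(other / 2) % 2 == 1)           # write bit set for "other"
                    print name, dev[name], mode[name]
            }
        }' "$@"
}

# Constructed sample: the install_busybox() additions from this page.
sample_template() {
cat <<'EOF'
  # device zero
  mknod zero c 1 5
  chmod 666 zero
  # hdd
  mknod sdb b 8 16
  mknod sdb1 b 8 17
  chmod 666 sdb
  chmod 666 sdb1
EOF
}

sample_template | audit_template_nodes
```

The character device zero is not reported, because mode 666 is the normal mode for /dev/zero; only the two disk nodes are.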

III: Assign a physical network interface to a container

One approach to providing networking capability to a container is to directly assign an available, unused network interface to the container. The interface is not shared; it becomes the private resource of the container.
1. Edit a config file as below:
lxc-phys.conf

# Container with network virtualized using a physical network device with name
# 'eth0'
lxc.utsname = gamma
lxc.network.type = phys
lxc.network.flags = up
lxc.network.link = eth0
lxc.network.hwaddr = 4a:49:43:49:79:ff
lxc.network.ipv4 = 10.2.3.6/24
lxc.network.ipv6 = 2003:db8:1:0:214:1234:fe0b:3297

Note: The network type is set to phys. Make a copy of the example config file and update it with the name of the Ethernet interface to be assigned, an appropriate IP address, and any other appropriate changes (e.g. MAC address). For example, the change (in unified diff format) to set the interface fm2-gb0 and IP address 192.168.10.3 would look like: etc

IV: Configure the network with macvlan

An LXC container can be provided with a virtual network interface using the "MAC-VLAN" feature of the Linux kernel (see kernel config option CONFIG_MACVLAN). MAC-VLAN allows virtual interfaces to be created that route packets to or from a MAC address to a physical network interface.

1. The example configuration file lxc-macvlan.conf demonstrates this approach:

/usr/share/doc/lxc/examples/lxc-macvlan.conf

The contents of the provided lxc-macvlan.conf example configuration file are shown below:

# Container with network virtualized using the macvlan device driver
lxc.utsname = alpha
lxc.network.type = macvlan
lxc.network.flags = up
lxc.network.link = eth0
lxc.network.hwaddr = 4a:49:43:49:79:bd
lxc.network.ipv4 = 10.2.3.4/24
lxc.network.ipv6 = 2003:db8:1:0:214:1234:fe0b:3596

Modify this item as:

lxc.network.link = fmX-gbX

2. Configure the network on the right host:

# ifconfig fmX-gbX 192.2.1.13
# ifconfig fmX-gbX promisc

3. In the right ssh console, create the ctx1 container with the busybox template:

# lxc-create -n ctx1 -t busybox -f /usr/share/doc/lxc/examples/lxc-macvlan.conf

4. Start up the ctx1 container:

# lxc-start -n ctx1

5. Run the test.

V: Configure the network using vlan

A container can be provided with a virtual network interface using VLANs.

See the vlan description in LXC Configuration File Reference for some additional details on this approach to networking.

The example configuration file lxc-vlan.conf demonstrates this approach:

/usr/share/doc/lxc/examples/lxc-vlan.conf

The contents of the provided lxc-vlan.conf example configuration file are shown below:

# Container with network virtualized using the vlan device driver
lxc.utsname = alpha
lxc.network.type = vlan
lxc.network.vlan.id = 1234
lxc.network.flags = up
lxc.network.link = eth0
lxc.network.hwaddr = 4a:49:43:49:79:bd
lxc.network.ipv4 = 10.2.3.4/24
lxc.network.ipv6 = 2003:db8:1:0:214:1234:fe0b:3596

Make a copy of the example config file and update it with the physical network interface to be used and the VLAN ID, an appropriate IP address, and any other appropriate changes. For example, the change (in unified diff format) to specify the fm2-gb0 interface, a VLAN ID of 2, and an IP address of 192.168.30.2 would look like:

--- /usr/share/doc/lxc/examples/lxc-vlan.conf   2013-05-30 14:22:14.980406375 +0300
+++ lxc-vlan.conf       2013-06-03 13:26:38.477580000 +0300
@@ -1,9 +1,9 @@
 # Container with network virtualized using the vlan device driver
 lxc.utsname = alpha
 lxc.network.type = vlan
-lxc.network.vlan.id = 1234
+lxc.network.vlan.id = 2
 lxc.network.flags = up
-lxc.network.link = eth0
+lxc.network.link = fm2-gb0
 lxc.network.hwaddr = 4a:49:43:49:79:bd
-lxc.network.ipv4 = 10.2.3.4/24
+lxc.network.ipv4 = 192.168.30.2/24
 lxc.network.ipv6 = 2003:db8:1:0:214:1234:fe0b:3596
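
Review bot: the unchanged lxc.network.hwaddr = 4a:49:43:49:79:bd context line, and the lxc.network.ipv6 line after it, still carry the example file's values, and the same MAC and IPv6 address also appear in the macvlan example on this page. If more than one container is built from copies of these example files on the same segment, the addresses collide. Set a per-container hwaddr and ipv6 in this change alongside the vlan.id, link and ipv4 edits, or drop those two lines if the test does not need them.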

In this setup, the host is connected to a test machine through physical interface fm2-gb0. On the test machine, the following commands have been issued (interface p7p1 on this machine has a physical link to fm2-gb0):

[root@everest][~]# modprobe 8021q
[root@everest][~]# lsmod | grep 8021q
8021q                  23476  0
garp                   13763  1 8021q
[root@everest][~]# vconfig add p7p1 2
Added VLAN with VID == 2 to IF -:p7p1:-
[root@everest][~]# ifconfig p7p1.2 192.168.30.1 up

Test the VLAN interface by starting an application container running /bin/bash:

# lxc-execute -n mytest -f lxc-vlan.conf -- /bin/bash
bash-4.2#

Test the interface in the now running container:

bash-4.2# /sbin/ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.30.2  netmask 255.255.255.0  broadcast 192.168.30.255
        inet6 fe80::21e:c9ff:fe49:bb93  prefixlen 64  scopeid 0x20<link>
        ether 00:1e:c9:49:bb:93  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 6  bytes 468 (468.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 16436
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 4  bytes 200 (200.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 4  bytes 200 (200.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

bash-4.2# ping -c 3 192.168.30.1
PING 192.168.30.1 (192.168.30.1) 56(84) bytes of data.
64 bytes from 192.168.30.1: icmp_req=1 ttl=64 time=0.338 ms
64 bytes from 192.168.30.1: icmp_req=2 ttl=64 time=0.372 ms
64 bytes from 192.168.30.1: icmp_req=3 ttl=64 time=0.355 ms

--- 192.168.30.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.338/0.355/0.372/0.013 ms
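
The sections above use several network setups (veth, no network section, phys, macvlan, vlan) that differ in how much of the host network the container touches. The following is an added example, not taken from the original notes or from LXC, that reads a legacy-syntax config and reports this per network section. The function name, finding labels and sample configs are constructed, and treating a config with no network section as sharing the host network namespace is an assumption about legacy LXC releases.

```shell
# Added example: classify each network section of a legacy-syntax LXC config
# (lxc.network.* keys, as in the example files on this page). Reads the
# config on stdin or from file arguments; prints "<type> <link> <finding>".
lxc_net_review() {
    awk '
        function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
        /^[ \t]*#/ || !/=/ { next }     # skip comments and non key=value lines
        {
            eq  = index($0, "=")
            key = trim(substr($0, 1, eq - 1))
            val = trim(substr($0, eq + 1))
            # each lxc.network.type line opens a new network section
            if (key == "lxc.network.type")              ntype[++n] = val
            else if (n && key == "lxc.network.link")    nlink[n] = val
            else if (n && key == "lxc.network.vlan.id") vid[n] = val
        }
        END {
            # Assumption (legacy LXC): no network section means no new network
            # namespace, so the container uses the host stack directly.
            if (n == 0) { print "- - shares-host-netns"; exit }
            for (i = 1; i <= n; i++) {
                t = ntype[i]; l = (nlink[i] != "") ? nlink[i] : "-"
                if (t == "none")                                   f = "shares-host-netns"
                else if (t != "veth" && t != "empty" && l == "-") f = "missing-link"
                else if (t == "phys")                              f = "host-nic-moved-into-container"
                else if (t == "vlan" && vid[i] == "")              f = "missing-vlan-id"
                else                                               f = "own-netns"
                print t, l, f
            }
        }' "$@"
}

# Constructed sample: the edited lxc-vlan.conf from the diff above.
sample_vlan() {
cat <<'EOF'
lxc.utsname = alpha
lxc.network.type = vlan
lxc.network.vlan.id = 2
lxc.network.flags = up
lxc.network.link = fm2-gb0
lxc.network.ipv4 = 192.168.30.2/24
EOF
}
# Constructed sample: a config with no network section at all.
sample_no_netns() { printf 'lxc.utsname = omega\n'; }

sample_vlan | lxc_net_review
sample_no_netns | lxc_net_review
```
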
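
In fact, the reason a container cannot be migrated so far (lxc-0.9.0) is that there is no way to store the state of the container and of the processes running in it, so there is no way to know how to wake it up again. lxc-1.0.0 brings lxc-snapshot, and with that or some other tool, containers will be able to be migrated in the future.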







