Rainsbrook

User Tools

Site Tools

Trace:
linux:containers:lxc

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
linux:containers:lxc [23/12/2024 14:38] – created andrewlinux:containers:lxc [23/07/2025 14:38] (current) andrew
Line 4: Line 4:
 ===== Installation ===== ===== Installation =====
  
-Standard install of Ubuntu 14.04, additional packages installed are:- lxc lxctl lxc-templates, +Standard install of Ubuntu 22.04, additional packages installed are:- lxc lxctl lxc-templates, 
  
 ==== Disk layout ==== ==== Disk layout ====
Line 37: Line 37:
  
 ==== Creating a new container ==== ==== Creating a new container ====
 +
 +''lxc-create:-'' \\
 +''-n - -name, Name of the container''\\
 +''-t - -template, Template to use to set up container''\\
 + 
  
 <code> <code>
Line 199: Line 204:
  
 </code> </code>
 +
 +
 +
 +
 +==== Create Unprivileged Containers as Root with Shared UID and GID Ranges ====
 +
 +
 +Creating system-wide unprivileged containers (that is, unprivileged containers created and started by root) requires only a few extra steps to organize subordinate user IDs (uid) and subordinate group IDs (gid).
 +
 +Specifically, you need to manually allocate the subordinate uid and gid ranges to root in ''/etc/subuid'' and ''/etc/subgid'' and then set those ranges in ''/etc/lxc/default.conf'' using lxc.idmap entries.
 +
 +For example, if you have not done anything on your host related to subordinate uid and gid ranges, the following commands may be all you need. Before doing the following, take a look in /etc/subuid and /etc/subgid to see that the range 100000:65536 is not already in use on your host. If the range is in use, you can use another range.
 +
 +  echo "root:100000:65536" >>/etc/subuid
 +  echo "root:100000:65536" >>/etc/subgid
 +  echo "lxc.idmap = u 0 100000 65536" >>/etc/lxc/default.conf
 +  echo "lxc.idmap = g 0 100000 65536" >>/etc/lxc/default.conf
 +
 +That's it! Any container you create as root from now on will be running unprivileged. 
 +
  
 ===== Networking ===== ===== Networking =====
Line 224: Line 249:
  
 ''/etc/init/lxc-net.conf'' sets the default network config. This uses a NAT to a ''lxcbr0'' bridge device. ''/etc/init/lxc-net.conf'' sets the default network config. This uses a NAT to a ''lxcbr0'' bridge device.
 +
 +Or....
 +
 +''/etc/default/lxc-net.conf'' Ubuntu 18.04
 +
  
 Specific configs are kept in /var/lib/lxc/<HOSTNAME>/config Specific configs are kept in /var/lib/lxc/<HOSTNAME>/config
linux/containers/lxc.1734964698.txt.gz · Last modified: by andrew
Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki