Containers
We install containers to manage the transitional, finally LXE: https://wiki.debian.org/LXC
STEP 0 Install lxc
apt-get update
apt-get install lxc
STEP 1 Create Let's create a 'Transitional' virtual machine, a container
lxc-create -n transitional -t debian
Start the container,deattach the container from the root terminal and change password of the container
START
lxc-start -n transitional -d
OPEN
lxc-console -n transitional
CHANE PASSWD
$root@transitional:passwd
Check config files.
config file of the container: /var/lib/lxc/transitional/config
- Template used to create this container: /usr/share/lxc/templates/lxc-debian
- Parameters passed to the template:
- For additional config options, please look at lxc.container.conf(5)
lxc.network.type = empty lxc.rootfs = /var/lib/lxc/transitional/rootfs
- Common configuration
lxc.include = /usr/share/lxc/config/debian.common.conf
- Container specific configuration
lxc.mount = /var/lib/lxc/transitional/fstab lxc.utsname = transitional lxc.arch = amd64 lxc.autodev = 1 lxc.kmsg = 0 ~
config files lxc system: /etc/lxc/default.conf
config files lxc template: /usr/share/lxc/config/debian.common.conf
ERRORS along the way
Could not find writable mount point for cgroup hierarchy 8 while trying to create cgroup.
We imagine that if we upgrade to jessie 8.8, that the Cgroup issue (=a subsystem in the linux kernell, which allows process separation) will be a resolved. For now we add the mountpoint. and follow this manual [1]
cat /etc/fstab
cgroup /sys/fs/cgroup cgroup defaults 0 0
We mount manually, we do it easy by mount all
mount -a
But it doesn't work.
lxc-checkconfig
So let's install all the packages ~ and see whether it works
apt-get install lxc libvirt0 libpam-cgroup libpam-cgfs bridge-utils
Check the configuration file
nano /var/lib/lxc/transitional/config
STEP 2 How can a container access the network?
A container, has MAC adress, we need a bridge for networking, via dhcp, So the container get an ip, and give access to the server's internal network
Do we opt for static of dynamic ip's? the dhcp server can have static ip via host/ it is anyhow setup to give a unique ip to the MAC address of the container (guest). So the choice is obsolete.
/var/lib/lxc/<name>/config.
lxc.network.type = veth lxc.network.flags = up lxc.network.link = lxc-nat-bridge lxc.network.name = eth0 lxc.network.ipv4 = 10.0.3.2 lxc.network.ipv4.gateway = 10.0.3.1
Using /etc/network/interfaces, the bridge could be created simply:
iface lxc-nat-bridge inet static
bridge_ports none bridge_fd 0 address 10.0.3.1 netmask 255.255.255.0
STEP 3 How can we access via the internet a container?
Setup routing / (reverse) proxy system for networking, so depending on the different services (Living data, Nekrocemetery, Transitional) we create subdomains which direct you to the correct container.