Nurupoga

Posted on: by Ken Rimlinger

Tags: archlinux, lxc

Archlinux on LXC with netctl

Not so long ago I discovered an interesting project while reading some documentation about chrooting: Linux Containers. Linux Containers (LXC) is a virtualization method based on a pretty recent feature of the Linux kernel: cgroups. While technologies like VirtualBox or Xen provide full-system virtualization, LXC is more like FreeBSD jails: the goal is to compartmentalize the guest systems to seal them from each other and from the host. LXC is still under development and the documentation is often lacking, lame or outdated. Your only hope is the man page or the source code. This article’s purpose is to show the configuration of an Archlinux container using netctl for network management.

Installing the right things

To create our container we will use the lxc-archlinux script distributed with lxc on Archlinux. This script needs two things: a tool to bootstrap a new system (pacstrap) and a working bridged network interface. The command to install everything needed is:

$ sudo pacman -Sy lxc bridge-utils arch-install-scripts netctl

Configuring the host network

As I said, containers connect to the host with a bridged network. You can see a bridge network as some kind of virtual network interface linking other interfaces together. The bridge-utils package gives us everything we need to create a bridge and add interfaces to it. Let’s create a new bridge netctl profile and connect our main network interface enp3s0 (with access to the internet) to it. We will use static IP addresses.

# /etc/netctl/bridge
Description="Bridge connection"
Interface=br0
Connection=bridge
BindsToInterfaces=(enp3s0)
IP=static
Address=('192.168.42.5/24')
Gateway='192.168.42.254'
DNS=('192.168.42.254')

Now start the bridge profile.

$ sudo netctl start bridge

Creating our first container

Creating a container with the lxc-archlinux script is as easy as pie. Here I create a test container with vim and netctl preinstalled.

$ sudo lxc-create -n test -t lxc-archlinux -- -P vim,netctl

The container is created by default in /var/lib/lxc/. To start it, use:

$ sudo lxc-start -n test

The system should quickly start and prompt for a login. Log in as root and start playing with your LXC VPS.

Configuring the container’s network

The container configuration is managed by a config file located in the container’s directory. Before configuring any network on the guest we need to check some details.

If we want to use netctl on the container, we need to make sure that the interface is not already set up by LXC. If it is, netctl will be seriously mad. We comment out the corresponding line.

# /var/lib/lxc/test/config
#lxc.network.flags=up

Next you may want to change the name of the guest network interface. By default it is set to eth0 but you can change that if you want.

# /var/lib/lxc/test/config
lxc.network.name=myinterfacename

I keep the default name for the rest of the article. Configuring the network profile on the guest is now dead easy. First I create a new static netctl profile.

# /etc/netctl/static
Description='A basic static ethernet connection'
Interface=eth0
Connection=ethernet
IP=static
Address=('192.168.42.6/24')
Gateway='192.168.42.254'
DNS=('192.168.42.254')

Then I make it start on boot and activate it.

$ sudo netctl enable static
$ sudo netctl start static

Your guest network should now be working and be available from the host at the address you entered previously (here 192.168.42.6).
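The two edits to the container's config file described above (commenting out lxc.network.flags=up and setting lxc.network.name) can be scripted so they are applied the same way to every container. The following is an added example, not the author's lxc-arch-netctl script; the function names and the interface-name validation are assumptions of this sketch.

```shell
# prepare_lxc_config CONFIG [IFNAME]
#   Comments out every active "lxc.network.flags = up" line and sets
#   lxc.network.name to IFNAME (default eth0), appending the key if absent.
#   Safe to run repeatedly on the same file.
prepare_lxc_config() {
    cfg=$1
    ifname=${2:-eth0}
    [ -f "$cfg" ] || { echo "no such config: $cfg" >&2; return 1; }
    # The kernel limits interface names to 15 characters; also refuse
    # whitespace and other odd characters before writing them to the config.
    case $ifname in
        ''|*[!A-Za-z0-9_.-]*) echo "bad interface name: $ifname" >&2; return 1 ;;
    esac
    [ "${#ifname}" -le 15 ] || { echo "interface name too long" >&2; return 1; }

    tmp=$(mktemp) || return 1
    awk -v name="$ifname" '
        /^[ \t]*lxc\.network\.flags[ \t]*=[ \t]*up[ \t]*$/ { print "#" $0; next }
        /^[ \t]*lxc\.network\.name[ \t]*=/ {
            if (!seen) { print "lxc.network.name=" name; seen = 1 }
            next
        }
        { print }
        END { if (!seen) print "lxc.network.name=" name }
    ' "$cfg" > "$tmp" || { rm -f "$tmp"; return 1; }
    # Write back through the existing file so its owner and mode are kept.
    cat "$tmp" > "$cfg"; rc=$?
    rm -f "$tmp"
    return "$rc"
}

# netctl_ready CONFIG: succeeds only if no active flags=up line remains.
netctl_ready() {
    ! grep -Eq '^[[:space:]]*lxc\.network\.flags[[:space:]]*=[[:space:]]*up[[:space:]]*$' "$1"
}

# Demo on a constructed config in a temporary file (not a real container).
demo=$(mktemp)
printf '%s\n' 'lxc.network.type=veth' 'lxc.network.link=br0' \
    'lxc.network.flags=up' > "$demo"
prepare_lxc_config "$demo" eth0 && netctl_ready "$demo" && cat "$demo"
rm -f "$demo"
```

On a real container, run it as root against /var/lib/lxc/test/config while the container is stopped.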

I created a modified lxc-archlinux script to configure everything I talked about. It is available here and you can use it like this.

$ sudo lxc-create -n test -t lxc-arch-netctl -- -a 192.168.42.5/24