Tags: archlinux, lxc
Not so long ago I discovered an interesting project while reading some documentation about chrooting: Linux Containers. Linux Containers (LXC) is a virtualization method based on a fairly recent feature of the Linux kernel: cgroups. While technologies like VirtualBox or Xen provide full-system virtualization, LXC is more like FreeBSD jails: the goal is to compartmentalize the guest systems to seal them off from each other and from the host. LXC is still under development and the documentation is often lacking, lame or outdated. Your only hope is the man page or the source code. This article’s purpose is to show the configuration of an Arch Linux container using netctl for network management.
To create our container we will use the lxc-archlinux script distributed with lxc on Arch Linux. This script needs two things: a tool to bootstrap a new system, pacstrap, and a working bridged network interface. The command to install everything needed is:
$ sudo pacman -Sy lxc bridge-utils arch-install-scripts netctl
As I said, containers connect to the host through a bridged network. You can think of a network bridge as a kind of virtual network interface linking other interfaces together. The bridge-utils package gives us everything we need to create a bridge and add interfaces to it. Let’s create a new bridge netctl profile and connect our main network interface enp3s0 (the one with access to the internet) to it. We will use static IP addresses.
# /etc/netctl/bridge
Description="Bridge connection"
Interface=br0
Connection=bridge
BindsToInterfaces=(enp3s0)
IP=static
Address=('192.168.42.5/24')
Gateway='192.168.42.254'
DNS=('192.168.42.254')
Now start the bridge profile.
$ sudo netctl start bridge
Creating a container with the lxc-archlinux script is as easy as pie. Here I create a test container with vim and netctl preinstalled.
$ sudo lxc-create -n test -t lxc-archlinux -- -P vim,netctl
The container is created by default in /var/lib/lxc/. To start it, use:
$ sudo lxc-start -n test
The system should start quickly and prompt for a login. Log in as root and start playing with your LXC VPS.
The container configuration is managed by a config file located in the container’s directory. Before configuring any network on the guest we need to check some details.
If we want to use netctl in the container, we need to make sure that LXC does not bring the interface up itself. If it does, netctl will be seriously mad. We comment out the corresponding line.
# /var/lib/lxc/test/config
#lxc.network.flags=up
Next you may want to change the name of the guest network interface. By default it is set to eth0 but you can change that if you want.
# /var/lib/lxc/test/config
lxc.network.name=myinterfacename
I keep the default name for the rest of the article. Configuring the network profile on the guest is now dead easy. First I create a new static netctl profile.
# /etc/netctl/static
Description='A basic static ethernet connection'
Interface=eth0
Connection=ethernet
IP=static
Address=('192.168.42.6/24')
Gateway='192.168.42.254'
DNS=('192.168.42.254')
Then I make it start on boot and activate it.
$ sudo netctl enable static
$ sudo netctl start static
Your guest network should now be working and be available from the host at the address you entered previously (here 192.168.42.6).
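The two conditions described above (no active lxc.network.flags=up line, and a guest netctl profile whose Interface matches the container's interface name) can be checked with a small script before starting the container. This is an added example, not part of the original article or of the lxc-archlinux script; the function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: consistency check between an LXC container config and the
# guest's netctl profile. Function names are hypothetical helpers.

# Print the value of an uncommented "KEY=value" line (last occurrence wins).
conf_get() {  # conf_get FILE KEY_REGEX
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1 |
        tr -d "\"'" | sed 's/[[:space:]]*$//'
}

# Return 0 if consistent, 1 otherwise; each problem is printed on stdout.
check_container() {  # check_container LXC_CONFIG NETCTL_PROFILE
    rc=0
    # Rule 1: LXC must not bring the interface up itself; netctl does that.
    if [ "$(conf_get "$1" 'lxc\.network\.flags')" = "up" ]; then
        echo "lxc.network.flags=up is active in $1; comment it out"
        rc=1
    fi
    # Rule 2: the profile's Interface must be the name LXC gives the guest NIC.
    lxc_if=$(conf_get "$1" 'lxc\.network\.name')
    lxc_if=${lxc_if:-eth0}   # the article states the default name is eth0
    prof_if=$(conf_get "$2" 'Interface')
    if [ "$prof_if" != "$lxc_if" ]; then
        echo "profile Interface='$prof_if' but container interface is '$lxc_if'"
        rc=1
    fi
    return $rc
}

# Write constructed sample files (not taken from a real system) into DIR.
make_samples() {  # make_samples DIR
    printf '%s\n' 'lxc.network.type=veth' 'lxc.network.link=br0' \
        '#lxc.network.flags=up' > "$1/config.good"
    printf '%s\n' 'lxc.network.type=veth' 'lxc.network.flags=up' \
        'lxc.network.name=lan0' > "$1/config.bad"
    printf '%s\n' "Description='A basic static ethernet connection'" \
        'Interface=eth0' 'Connection=ethernet' 'IP=static' \
        "Address=('192.168.42.6/24')" > "$1/static"
}

# Demo on the constructed samples.
tmp=$(mktemp -d)
make_samples "$tmp"
check_container "$tmp/config.good" "$tmp/static" && echo "good: consistent"
check_container "$tmp/config.bad" "$tmp/static" || echo "bad: fix the above"
rm -rf "$tmp"
```

On a real host the arguments would be /var/lib/lxc/test/config and the guest's /etc/netctl/static under the container's root filesystem.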
I created a modified lxc-archlinux script to configure everything I talked about. It is available here and you can use it like this.
$ sudo lxc-create -n test -t lxc-arch-netctl -- -a 192.168.42.5/24