Centos上安装LXD

以下安装仅适用于自己本地测试玩玩~

机器环境

操作系统：Centos7
内核版本：3.10.0-1160.36.2.el7.x86_64
操作用户：root

开始安装

1. 安装并启动snapd

[root@lxc ~]# yum install epel-release yum-plugin-copr -y
[root@lxc ~]# yum copr enable ngompa/snapcore-el7 -y
[root@lxc ~]# yum -y install snapd
[root@lxc ~]# systemctl enable --now snapd.socket
[root@lxc ~]# ln -s /var/lib/snapd/snap /snap

2. 调整内核参数并重启

[root@lxc ~]# grubby --args="user_namespace.enable=1" --update-kernel="$(grubby --default-kernel)"
[root@lxc ~]# grubby --args="namespace.unpriv_enable=1" --update-kernel="$(grubby --default-kernel)"
[root@lxc ~]# echo "user.max_user_namespaces=3883" > /etc/sysctl.d/99-userns.conf
[root@lxc ~]# reboot

3. 创建lxd组并将root用户加入到组

[root@lxc ~]# groupadd -g 994 lxd
[root@lxc ~]# usermod -a -G lxd root
[root@lxc ~]# newgrp lxd
[root@lxc ~]# id
uid=0(root) gid=0(root) groups=0(root),994(lxd)

4. 安装LXD并初始化

4.1 安装LXD

[root@lxc ~]# snap install lxd

[root@lxc ~]# snap list
Name    Version   Rev    Tracking       Publisher   Notes
core20  20210429  1026   latest/stable  canonical✓  base
lxd     4.16      21039  latest/stable  canonical✓  -
snapd   2.51.1    12398  latest/stable  canonical✓  snapd

[root@lxc ~]# snap services 
Service       Startup  Current   Notes
lxd.activate  enabled  inactive  -
lxd.daemon    enabled  active    socket-activated

此时需要退出终端后重新登录终端，否则下面的lxd命令会报错.

4.2 初始化LXD

不退出终端重连的话出现了这个错误
[root@lxc ~]# lxd init
permanently dropping privs did not work

退出终端后重连
[root@lxc ~]# lxd init
Would you like to use LXD clustering? (yes/no) [default=no]: 
Do you want to configure a new storage pool? (yes/no) [default=yes]: 
Name of the new storage pool [default=default]: 
Name of the storage backend to use (btrfs, dir, lvm, ceph) [default=btrfs]: dir
Would you like to connect to a MAAS server? (yes/no) [default=no]: 
Would you like to create a new local network bridge? (yes/no) [default=yes]: 
What should the new bridge be called? [default=lxdbr0]: 
What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: 
What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: 
Would you like the LXD server to be available over the network? (yes/no) [default=no]: 
Would you like stale cached images to be updated automatically? (yes/no) [default=yes] 
Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]: 

5. 获取镜像并启动lxc容器

查看本地的lxc镜像，此时本地还没有镜像
[root@lxc ~]# lxc image list
+-----------------+--------------+--------+----------------------------------+--------------+-----------+----------+------------------------------+
|      ALIAS      | FINGERPRINT  | PUBLIC |           DESCRIPTION            | ARCHITECTURE |   TYPE    |   SIZE   |         UPLOAD DATE          |
+-----------------+--------------+--------+----------------------------------+--------------+-----------+----------+------------------------------+

添加镜像源，避免拉取国外镜像时间太长
[root@lxc ~]# lxc remote add tuna-images https://mirrors.tuna.tsinghua.edu.cn/lxc-images/ --protocol=simplestreams --public

拷贝远程镜像到本地
[root@lxc ~]# lxc image copy tuna-images:centos/7/amd64 local:

再次查看镜像
[root@lxc ~]# lxc image list
+-----------------+--------------+--------+----------------------------------+--------------+-----------+----------+------------------------------+
|      ALIAS      | FINGERPRINT  | PUBLIC |           DESCRIPTION            | ARCHITECTURE |   TYPE    |   SIZE   |         UPLOAD DATE          |
+-----------------+--------------+--------+----------------------------------+--------------+-----------+----------+------------------------------+
|                 | a3d6514c4709 | no     | Centos 7 amd64 (20210722_07:08)  | x86_64       | CONTAINER | 83.55MB  | Jul 23, 2021 at 2:14am (UTC) |
+-----------------+--------------+--------+----------------------------------+--------------+-----------+----------+------------------------------+

用该镜像启动一个lxc容器
[root@lxc ~]# lxc launch a3d6514c4709  mycentos7
Creating mycentos7
Starting mycentos7

查看启动的lxc容器
[root@lxc ~]# lxc ls 
+-----------+---------+-----------------------+-----------------------------------------------+-----------+-----------+
|   NAME    |  STATE  |         IPV4          |                     IPV6                      |   TYPE    | SNAPSHOTS |
+-----------+---------+-----------------------+-----------------------------------------------+-----------+-----------+
| mycentos7 | RUNNING | 10.251.121.75 (eth0)  | fd42:62c6:9b1c:2cea:216:3eff:fe01:7355 (eth0) | CONTAINER | 0         |
+-----------+---------+-----------------------+-----------------------------------------------+-----------+-----------+

6. 容器内安装mariadb并发布新镜像

进入容器内，可以发现主机名已经变成了mycentos7
[root@lxc ~]# lxc exec mycentos7 bash
[root@mycentos7 ~]# 

在容器内安装mariadb
[root@mycentos7 ~]#  yum update -y
[root@mycentos7 ~]#  yum install mariadb-server -y
[root@mycentos7 ~]#  systemctl start mariadb && systemctl enable mariadb

进入MySQL创建一个表
[root@mycentos7 ~]# mysql
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 3
Server version: 5.5.68-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> use test;
MariaDB [test]> CREATE TABLE `person` ( `id` int NOT NULL AUTO_INCREMENT, `name` varchar(100) NOT NULL, PRIMARY KEY (`id`));
MariaDB [test]> exit;

将容器关机，留意只是容器关机，而不是我们的宿主机关机了
[root@mycentos7 ~]#  shutdown now

容器关机后进入到宿主机上了，将容器发布为新的镜像
[root@lxc ~]# lxc publish mycentos7 --alias centos7-mariadb
[root@lxc ~]# lxc image ls 
+-----------------+--------------+--------+----------------------------------+--------------+-----------+----------+------------------------------+
|      ALIAS      | FINGERPRINT  | PUBLIC |           DESCRIPTION            | ARCHITECTURE |   TYPE    |   SIZE   |         UPLOAD DATE          |
+-----------------+--------------+--------+----------------------------------+--------------+-----------+----------+------------------------------+
| mariadb-centos7 | eeef46d009d1 | no     | Centos 7 x86_64 (20210722_07:08) | x86_64       | CONTAINER | 215.24MB | Jul 23, 2021 at 2:29am (UTC) |
+-----------------+--------------+--------+----------------------------------+--------------+-----------+----------+------------------------------+
|                 | a3d6514c4709 | no     | Centos 7 amd64 (20210722_07:08)  | x86_64       | CONTAINER | 83.55MB  | Jul 23, 2021 at 2:14am (UTC) |
+-----------------+--------------+--------+----------------------------------+--------------+-----------+----------+------------------------------+

7. 使用新镜像启动新容器

使用新镜像重新创建一个容器
[root@lxc ~]# lxc launch centos7-mariadb mymariadb
Creating mymariadb
Starting mymariadb

查看lxc容器，此时有两个lxc容器，其中还一个是之前停掉的
[root@lxc ~]# lxc ls 
+-----------+---------+-----------------------+-----------------------------------------------+-----------+-----------+
|   NAME    |  STATE  |         IPV4          |                     IPV6                      |   TYPE    | SNAPSHOTS |
+-----------+---------+-----------------------+-----------------------------------------------+-----------+-----------+
| mariadb   | RUNNING | 10.251.121.210 (eth0) | fd42:62c6:9b1c:2cea:216:3eff:fe39:f0c5 (eth0) | CONTAINER | 0         |
+-----------+---------+-----------------------+-----------------------------------------------+-----------+-----------+
| mycentos7 | STOPPED |                       |                                               | CONTAINER | 0         |
+-----------+---------+-----------------------+-----------------------------------------------+-----------+-----------+

进入新创建的lxc容器，留意主机名已经变成了mariadb，说明进入了容器里
[root@lxc ~]# lxc exec mariadb bash
[root@mariadb ~]#

容器里查看进程运行情况，可以看到mariadb正在运行中，因为之前制作这个镜像的时候执行了mariadb的开机自启动
[root@mariadb ~]# ps -ef | grep mariadb
root        916      1  0 02:30 ?        00:00:00 /sbin/dhclient -1 -q -lf /var/lib/dhclient/dhclient--eth0.lease -pf /var/run/dhclient-eth0.pid -H mariadb eth0
mysql      1205   1026  0 02:30 ?        00:00:32 /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mysql/plugin --log-error=/var/log/mariadb/mariadb.log --pid-file=/var/run/mariadb/mariadb.pid --socket=/var/lib/mysql/mysql.sock
root       1540   1510  0 06:19 ?        00:00:00 grep --color=auto mariadb

进入数据库查看之前创建的数据库表
[root@mariadb ~]# mysql
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 3
Server version: 5.5.68-MariaDB MariaDB Server

Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> use test;
MariaDB [test]> show tables;
+----------------+
| Tables_in_test |
+----------------+
| person         |
+----------------+
1 row in set (0.00 sec)

总结：整体而言安装过程对于小白来说是个黑盒，不如docker的安装来的简单直接，lxc容器和镜像使用上和docker的比较类似，lxc镜像的制作过程与docker commit的过程比较类似。

参考链接：
centos上安装lxd：https://ywnz.com/linuxjc/4296.html
centos上安装snap：https://ywnz.com/linuxjc/4145.html
centos上安装和使用lxd：https://www.malike.net.cn/blog/2020/05/05/lxd-tutorial-1/