LXC安装和配置（源码安装）

LXC安装和配置（源码安装）

测试环境：
（1）OS：UbuntuServer 13.10 amd64
（2）LXC1.0.0alpha1 源码

1. 配置Host网络
# nano /etc/network/interface
auto lo
iface lo inet loopback

# The primary network interface
#auto eth0
#iface eth0 inet dhcp

auto br0
iface br0 inet static
address 192.168.255.155
netmask 255.255.255.0
gateway 192.168.255.254
dns-nameservers 8.8.8.8 8.8.4.4
bridge_ports eth0
bridge_fd 9
bridge_hello 2
bridge_maxage 12
bridge_stp off

2. 卸载Apparmor
# /etc/init.d/apparmor stop
# update-rc.d -f apparmor remove
# apt-get --purge remove apparmor apparmor-utils libapparmor-perl libapparmor1

3. 安装必要软件包
# sed -i 's/us.archive.ubuntu.com/mirrors.163.com/g'/etc/apt/sources.list
# apt-get update
# apt-get install bridge-utils vim build-essential pkg-config m4 libtool gitfakeroot debootstrap libcap2-dev docbook autoconf git wget cgroup-lite
# reboot

4. 安装LXC源码
# wget https://github.com/lxc/lxc/archive/lxc-1.0.0.rc2.tar.gz
# tar zxvf lxc-1.0.0.rc2.tar.gz
# cd lxc-1.0.0.rc2
# ./autogen.sh
# ./configure
# make
# make install

5. 安装路径
/usr/local/bin
/usr/local/etc/lxc/default.conf
/usr/local/lib/lxc/rootfs
/usr/local/share/lxc/config, hooks, templates
/usr/local/var/lib/lxc/{lxc_name}

6. 创建LXC（以Ubuntu最新发行版为模版）
# lxc-checkconfig
# lxc-create -n ubuntu -t ubuntu

7. 修改ubuntulxc instance网络配置
# nano /usr/local/var/lib/lxc/ubuntu
# 隔离同一宿主机上不同虚拟机之间的通讯（很关键的安全防护，所有虚拟机流量全部到ToR，再返回）
lxc.network.type = macvlan
lxc.network.macvlan.mode = vepa
lxc.network.flags = up
lxc.network.link = br0
# 支持LXC嵌套
lxc.hook.mount = /usr/local/share/lxc/hooks/mountcgroups

8. 启动ubuntulxc instance
# lxc-start -n ubuntu

 

附录，LXC网络模型：

（1）虚拟机与宿主机无法通信
lxc.network.type = macvlan
lxc.network.macvlan.mode = bridge

（2）虚拟机间无法通信
lxc.network.type = macvlan
lxc.network.macvlan.mode = vepa

（3）虚拟机没有网络
lxc.network.type = empty

 

·        页面:

LXC安装和配置（源码安装）

·        页面:

Docker简要操作