LXC on Arch Linux

Martin Wimpress

At some point last year I was experimenting with Linux Containers (LXC) on Arch Linux. I never finished the blog post but somehow it was briefly published and then unplublished. I have no idea how accurate this blog post is but someone did see it and bookmarked it. They recently emailed me to ask where the blog has disappeared to, so here it is in all its unfinished glory.

Install LXC

sudo pacman -Syy --needed --noconfirm arch-install-scripts bridge-utils lxc netctl

netctl Bridge

The guest containers will connect to the LAN via a bridged network deviced.

sudo nano /etc/netctl/bridge

Add the following.

Description="Bridge"
Interface=br0
Connection=bridge
BindsToInterfaces=(eth0)
IP=dhcp
## sets forward delay time
FwdDelay=0
## sets max age of hello message
#MaxAge=10

Enable and start the bridge.

sudo netctl enable bridge
sudo netctl start bridge

Creating Containers

I’m only interetsed in running Arch Linux or Debian containers.

Container Configurations

Each container should have a matching configuration file, they look something like this.

lxc.arch = i686
lxc.utsname = myhostname
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
lxc.network.ipv4 = 0.0.0.0
lxc.network.name = eth0

lxc.arch Architecture for the container, valid options are x86, i686, x86_64, amd64.
lxc.utsman Container name, should also be used when naming the configuration file
lxc_network.type Type of network virtualization to be used for the container. The option veth defines a peer network device. It is created with one side assigned to the container and the other side is attached to a bridge by the lxc.network.link option.
lxc_network.flags Network actions. The value up in this case activates the network.
lxc.network.link Host network interface to be used for the container.
lxc.network.ipv4 IPv4 address assigned to the virtualized interface. Use the address 0.0.0.0 to make use of DHCP. Use lxc.network.ipv6 if you need IPv6 support.
lxc.network.name Dynamically allocated interface name. This option will rename the interface in the container.

More example files can be found in /usr/share/doc/lxc/examples/. Find details about all options via man lxc.conf.

Arch Linux

sudo lxc-create -t archlinux -n arch-01 -f ~/arch-01.conf -- --packages netctl

I am unable to get DHCP to work for a Arch Linux LXC container, therefore my dirty hack is to alway use a statis IP address in the netctl profile. There is also a bug (#35715) was helpful in narrowing down the problem, but wasn’t the solution in my case. Use /var/lib/lxc/CONTAIN_NAME/rootfs/etc/netctl/example/ethernet-static as a template.

sudo cp /var/lib/lxc/CONTAIN_NAME/rootfs/etc/netctl/example/ethernet-static /var/lib/lxc/CONTAIN_NAME/rootfs/etc/netctl/static

Modify /var/lib/lxc/CONTAIN_NAME/rootfs/etc/netctl/static accordingly. Now create a hook, with the same name as the netctl profile.

sudo nano /var/lib/lxc/CONTAIN_NAME/rootfs/etc/netctl/hooks/static

Add the following.

#!/usr/bin/env bash

if [[ $(systemd-detect-virt) != none ]]; then
    BindsToInterfaces=()
    ForceConnect=yes
fi

Start the container and enable the netctl profile.

netctl enable static
netctl start static

Debian Containers.

Install debobootstrap and dpkg so that Debian containers can be created.

packer -S --noedit dpkg debootstrap

Squeeze

Create a Debian container, squeeze is the default.

sudo lxc-create -t debian -n squeeze-01 -f ~/squeeze-01.conf

Change the root password.

chroot /var/lib/lxc/squeeze/rootfs/ passwd

Wheezy

Much the same as the Squeeze exaple above but use the following template.

https://github.com/simonvanderveldt/lxc-debian-wheezy-template

Using containers

Start a container

sudo lxc-start -d -n CONTAINER_NAME

Connect to the container and log in:

sudo lxc-console -n CONTAINER_NAME

To halt a container cleanly by the containers initv-system:

sudo lxc-halt -n CONTAINER_NAME

Stop and remove your container always with the two steps:

sudo lxc-stop -n CONTAINER_NAME
sudo lxc-destroy -n CONTAINER_NAME