Announcement

**GreyGeek** · Jul 07, 2018, 08:06 PM

https://www.ubuntu.com/containers/lxd

**acheron** · Jul 08, 2018, 05:21 AM

Used for our packaging work, and Kubuntu CI build node. Also used run package autotests, both in testing for us and on main Ubuntu infa for proposed migration testing on some architectures.

Probably used in many more ways on Ubuntu infra than even I am aware of.

**chimak111** · Jul 08, 2018, 06:47 AM

Probably a stupid question but can not-so-tech-savvy users use LXD instead of VirtualBox or kvm/qemu for things like checking out other distros?

Edit:
I found Windows and Linux on LXD
Q: Can different flavors of Windows or Linux (just 1 instance) run on LXD ? Any specific considerations ? (performance/scale/Openstack integration among others)

A: Linux, yes. Containers are chroots, not VMs though, so you cannot run other incompatible operating systems. You need a VM to run Windows on top of Ubuntu or any other Linux.

As for other distributions on top of Ubuntu (or any other distribution running LXD), everything will generally work as long as you're wanting to run a compatible architecture (i386 on i386, or amd64 or i386 on amd64, for example). Anything which needs specific kernel features which may not be enabled in the host system, won't work inside the container, as it's not a VM.

So I'm guessing trying out 18.10 on 18.04 via LXD may not be possible?

Next edit: Can an LXD client run a desktop environment?
Q: Can an LXD client run a graphical desktop environment in the same way as, for example, GNOME Boxes or VirtualBox?
A: Short answer is "no". Containers don't have virtual graphic cards so there's nothing for them to render to.

**GreyGeek** · Jul 08, 2018, 03:02 PM

Originally posted by chimak111 View Post

Probably a stupid question but can not-so-tech-savvy users use LXD instead of VirtualBox or kvm/qemu for things like checking out other distros?

Edit:
I found Windows and Linux on LXD
Q: Can different flavors of Windows or Linux (just 1 instance) run on LXD ? Any specific considerations ? (performance/scale/Openstack integration among others)

A: Linux, yes. Containers are chroots, not VMs though, so you cannot run other incompatible operating systems. You need a VM to run Windows on top of Ubuntu or any other Linux.

As for other distributions on top of Ubuntu (or any other distribution running LXD), everything will generally work as long as you're wanting to run a compatible architecture (i386 on i386, or amd64 or i386 on amd64, for example). Anything which needs specific kernel features which may not be enabled in the host system, won't work inside the container, as it's not a VM.

So I'm guessing trying out 18.10 on 18.04 via LXD may not be possible?

Next edit: Can an LXD client run a desktop environment?
Q: Can an LXD client run a graphical desktop environment in the same way as, for example, GNOME Boxes or VirtualBox?
A: Short answer is "no". Containers don't have virtual graphic cards so there's nothing for them to render to.

My understanding is that containers access the hardware and OS underneath.
https://linuxcontainers.org/lxd/getting-started-cli/
Shows how to create an ubuntu 16.04 container and then access its bash shell.
When I tried
lxc launch ubuntu-daily:16.04 myubuntu
it created IPv4 & 6 subnets and assigned addresses with NAT.
It added this network bridge, which I did not activate:

Code:

7: lxdbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
    inet 10.171.161.1/24 scope global lxdbr0
       valid_lft forever preferred_lft forever
    inet6 fd33:d55c:a943:2a93::1/64 scope global 
       valid_lft forever preferred_lft forever
    inet6 fe80::5c53:6cff:feca:32b2/64 scope link 
       valid_lft forever preferred_lft forever

Then I did
lxc exec first -- /bin/bash
to get a bash shell.

From inside that shell I did
lxc exec apt-get xinit
which asked me if I wanted to install the Gnome graphical environment, about 245MB of stuff. IF I had completed that download and used 'startx' I suspect it would have attempted to start the Gnome DE.

In the Video posted in my OP you'll notice that the video starts with the LXC-server container already made and moved into using the "lxc exec LXC-server -- /bin/bash" command. From that bash prompt he installs btrfs-tools, and then formats the /dev/sdb drive with btrfs. He then proceeds to create a mount point under root and mounts it using the mount command.

As acheron says, I can see containers being used as console environments for KDE Qt programming, compiling, debugging and testing against a variety of distros.

**GreyGeek** · Jul 08, 2018, 05:25 PM

The following video is interesting between 15 and 37 minutes, where the speaker demonstrates lcx. He is aggrivating because every sentence he speaks trails off into a mumble. But, the screen view of his commands are interesting. Also, hardware passes through to containers, or visa-versa, so it appears that perhaps one can add a gpu device to a container, establish a display and run a DE. He shows adding how to add a gpu device (His was a GT 670). Interestingly, he added /dev/kvm as another device and bound some files to it.

**claydoh** · Jul 08, 2018, 05:53 PM

Containers are the Big Thing right now, for sure. It is not just for big hardware, either.

https://www.reddit.com/r/Crostini/wiki/index
New Chromebooks are getting Linux app support via LXD containers, some have it already (unofficially) .

It is going to be a little weird and wonderful running Chrome OS apps, Android apps, and Linux programs all on the same machine at the same time

(yeah, I know we already have crouton, but that is a chroot, not the same thing and can be a PITA)

**GreyGeek** · Jul 08, 2018, 06:24 PM

Interesting history of containers, and some more examples of how it is used. I found it interesting that some installations use containers for every service running.

I found one instance of someone getting a DE to work inside of a container:
https://forum.kde.org/viewtopic.php?f=17&t=138768
but he had to settle for slim DM because he couldn't get sddm to work.

So, unable to find an instance or successful instructions on running a Plasma5 inside a container, and as good as they may be for running a full featured text based distro inside a server, that concludes my interest in containers. At least until the devs create the ability to run a DE inside one.

**claydoh** · Jul 08, 2018, 09:24 PM

Doesn't docker sorta count as a container?
https://community.kde.org/Neon/Docker

**jlittle** · Jul 09, 2018, 01:31 AM

Originally posted by GreyGeek View Post

... unable to find an instance or successful instructions on running a Plasma5 inside a container...

I suppose one might want to use a container to check out running some version of a DE, but I wonder if X apps could be run in the container, talking to an X server on the system hosting the container? Or another system? Does the contained OS have an IP address for the containing OS?

Regards, John Little

**GreyGeek** · Jul 09, 2018, 02:12 PM

Originally posted by jlittle View Post

I suppose one might want to use a container to check out running some version of a DE, but I wonder if X apps could be run in the container, talking to an X server on the system hosting the container? Or another system? Does the contained OS have an IP address for the containing OS?

Regards, John Little

Good question. Borrowing the display of the host. For consoles that is, essentially, what is taking place by using the framebuffer. When I used debian as a template in the container I created, it downloaded the entire distro and even executed scripts which created a bridge and NAT, assigning an IP address for BOTH IPv4 and IPv6. It did not create a DNS assignment, however, and I didn't continue with creating that setting. In a post above I displayed the bridge configuration that was set up. From my Neon Konsole I could run ifconfig and see the bridge listed.

Without NAT the container cannot communicate with its host, but it does see the hardware. I installed and ran xinit and it started an xterm. Inside that I ran startx. It failed. I could have imported my xinitrc and retried it, but I didn't.

After I satisfied myself that the primary thrust of lxc & lxd was to create headless server containers I decided to stop exploring and restore my system, since I had installed dozens of lxc related packages. Anticipating problems, I snapshotted @ and @home as @_precont and @home_precont. I used my basic Btrfs rollback scheme and within 3 minutes was back to my system before I began my lxc experimentation.
My curiosity has been satisfied.

**GreyGeek** · Jul 09, 2018, 02:25 PM

Originally posted by claydoh View Post

Doesn't docker sorta count as a container?
https://community.kde.org/Neon/Docker

Before yesterday I knew absolutely NOTHING about containers or dockers. Since that first video I've read and seen mention made of dockers but until your question I didn't feel the need to explore dockers. I decided to see what the differences are. There are many websites and article explaining the difference, but I found this one to be the easiest and clearest:
https://pasztor.at/blog/lxc-vs-docker

LXC itself is a spiritual successor of OpenVZ. While OpenVZ is still around, mostly in the Redhat world with older kernels, LXC is the tool of choice for many who who wish to run a full operating system in a container. As such, LXC is more akin to true VMs and has to be handled much in the same way: software is installed by hand, updates have to be run, configuration management is much needed for keeping the madness at bay.

Docker on the other hand adopts a much different approach. Instead of running a VM-like container with a full software stack, including an init system, a syslog server, cron daemon and all the other stuff that one may have, it is built for running one application.
...
Common misconception: Docker does not use LXC. In the beginning Docker used the LXC command line tools to run containers, but that is no longer the case. Both Docker and LXC use the containerization features (cgroups and namespace) in the Linux kernel, but are independent of each other.

I quit developing ten years ago, and packaging a distro or an app using either containers or dockers would not serve any useful purpose for me. If I wanted to isolate an application I'd run it with firejail.

My big disappointment with containers is that getting a DE to run inside that "full operating system" isn't as easy as it is outside. While I've searched seriously for examples of someone running Plasma inside a container I haven't found a successful instance yet. BUT, IMO, a DE in a container is so close to being a reality that if some developer would build that bridge the result would blow VirtualBox out of the water.

**jglen490** · Jul 09, 2018, 07:10 PM

The system that I work on makes extensive use of containers. On the "bottom" is a physical domain running an OS, some drivers, assigned RAM and linked SAN. On "top" of this PDOM (physical domain), is a hypervisor. "Above" the hypervisor, are multiple logical domains (LDOM) with logical CPUs, logical RAM, and the actual system/application software, database, OS, etc. distributed among the multiple LDOMs. To do serious work requires some serious PDOM computing power and a great hypervisor to communicate seamlessly between the LDOM and the physical layer, storage, networking, and connected components.

If this *buntu container product works even reasonably well, it is a great tribute to not only Linux, but *buntu, in particular. It's not easy to do efficiently and effectively.

**GreyGeek** · Jul 09, 2018, 08:27 PM

Your container experience puts you way above my pay grade, jglen490 !

What I've learned is that as long as it is not relatively easy to get a DE (preferabley Plasma5) running in an OS that has been loaded into a container, thus replacing VirtualBox, my interest in the technology is reduced to "wait and see".

**GreyGeek** · Jul 09, 2018, 09:10 PM

Lxd cleanup problem

When I decided to play with containers I first created a snapshot of @ and @home, calling them @_precont and @home_precont. After I was done playing with lxc and lxd I opened a Konsole, "sudo -i" to root, mounted my sda1, using its uuid, to /mnt.

I used Btrfs send & receive to send those two subvolumes to my /backup HD because I always make backup snapshots using the "-r" flag and you can send & receive using only ro snapshots.

Then, moving @ and @home out of the way ...
mv /mnt/@ /mnt/@_old
mv /mnt/@home /mnt/@home_old

I created a new @ and @home using previously made precont snapshots:
btrfs subvol snapshot create /mnt/snapshots/@_precont /mnt/@
btrfs subvol snapshot create /mnt/snapshots/@home_precont /mnt/@home
Note: NOT using the "-r" flag creates a read-write snapshot out of a read-only snapshot.

I umounted /mnt and logged out of root and then out of the Konsole. I rebooted and my installation came up normally with Lxd & Lxc & any of its dependencies no longer present on my system.

I opened a Konsole and used "sudo -i" again, mounted sda1 again using its uuid, and attempted to delete the @old and @homeold snapshots.
btrfs subvol delete -C /mnt/@home_old
worked fine.
btrfs subvol delete -C /mnt/@_old
failed!

root@jerry-Aspire-V3-771:~# btrfs subvol delete -C /mnt/snapshots/@_old
Delete subvolume (commit): '/mnt/snapshots/@_old'
ERROR: cannot delete '/mnt/snapshots/@_old': Directory not empty

That means that somewhere inside @_old is another btrfs subvolume!

Code:

root@jerry-Aspire-V3-771:~#[FONT=courier new] [B]btrfs subvolume list /mnt/snapshots/@_old[/B][/FONT]
ID 435 gen 107891 top level 5 path snapshots/@_old
ID 436 gen 91942 top level 5 path snapshots/@_P5132
ID 437 gen 91944 top level 5 path snapshots/@home_P5132
ID 440 gen 102544 top level 5 path snapshots/@_20180705
ID 441 gen 102545 top level 5 path snapshots/@home_20180705
ID 442 gen 106640 top level 5 path snapshots/@home_precont
ID 443 gen 106639 top level 5 path snapshots/@_precont
[B]ID 444 gen 105998 top level 435 path var/lib/lxd/images/f2228450779fee27020d6024af587379b8f51062c32a335327f2b028c924bfa1.btrfs
ID 446 gen 106027 top level 435 path var/lib/lxd/images/07a11066cca8ea674265d06a763fe9b1c607cb16dc4e515a2cb186c9ac695e40.btrfs[/B]
ID 448 gen 107894 top level 5 path @
ID 449 gen 107898 top level 5 path @home

And there they are, two of them! They were created when I was playing with lxc and lxd and created that btrfscontainer container!

Code:

root@jerry-Aspire-V3-771:~# [B]btrfs subvol delete -C /mnt/snapshots/@_old/var/lib/lxd/images/f2228450779fee27020d6024af587379b8f51062c32a335327f2b028c924bfa1.btrfs
[/B]Delete subvolume (commit): '/mnt/snapshots/@_old/var/lib/lxd/images/f2228450779fee27020d6024af587379b8f51062c32a335327f2b028c924bfa1.btrfs'
root@jerry-Aspire-V3-771:~# [B]sync[/B]
root@jerry-Aspire-V3-771:~# [B]btrfs subvol delete -C /mnt/snapshots/@_old/var/lib/lxd/images/07a11066cca8ea674265d06a763fe9b1c607cb16dc4e515a2cb186c9ac695e40.btrfs[/B]
Delete subvolume (commit): '/mnt/snapshots/@_old/var/lib/lxd/images/07a11066cca8ea674265d06a763fe9b1c607cb16dc4e515a2cb186c9ac695e40.btrfs'
root@jerry-Aspire-V3-771:~#[B] sync[/B]
root@jerry-Aspire-V3-771:~# [B]sync[/B]

root@jerry-Aspire-V3-771:~# [B]btrfs subvol delete -C /mnt/snapshots/@_old[/B]
Delete subvolume (commit): '/mnt/snapshots/@_old'

And there it went, into the infinite bit-bucket in the sky!

Announcement

Hypervisors and LXD

Hypervisors and LXD

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment