lxc

Migrate LXC container to LXD (with ZFS storage)

CONTAINER_NAME=www

lxc-stop -n ${CONTAINER_NAME}
lxc init ubuntu:18.04 ${CONTAINER_NAME} -c security.privileged=true -c boot.autostart=true
#lxc stop ${CONTAINER_NAME}
#lxc config set ${CONTAINER_NAME} boot.autostart true
zfs mount tank/lxd/containers/${CONTAINER_NAME}
mv /var/lib/lxd/containers/${CONTAINER_NAME}/rootfs{,.org}
rsync -av --numeric-ids /var/lib/lxc/${CONTAINER_NAME}/rootfs /var/lib/lxd/containers/${CONTAINER_NAME}/
mv /var/lib/lxd/containers/${CONTAINER_NAME}/rootfs/dev{,.org}

LXC: create Ubuntu Xenial container

<?php
$URL="https://raw.githubusercontent.com/panticz/lxc/master/create_ubuntu_xenial.sh";
echo "wget -q --no-check-certificate $URL -O - | bash -s";
echo " 

";
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $URL);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
echo htmlspecialchars(curl_exec($c));
curl_close($c);
echo "

";
?>

Allow root SSH login with password
sed -i 's|PermitRootLogin without-password|PermitRootLogin yes|' /etc/ssh/sshd_config
sed -i 's|PasswordAuthentication no|PasswordAuthentication yes|' /etc/ssh/sshd_config
service ssh restart

LXC: create Ubuntu Trusty container

<?php
$URL="https://raw.githubusercontent.com/panticz/lxc/master/create.trusty.sh";
echo "wget -q --no-check-certificate $URL -O - | bash -s";
echo " 

";
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $URL);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
echo htmlspecialchars(curl_exec($c));
curl_close($c);
echo "

";
?>

Allow root SSH login with password
sed -i 's|PermitRootLogin without-password|PermitRootLogin yes|' /etc/ssh/sshd_config
sed -i 's|PasswordAuthentication no|PasswordAuthentication yes|' /etc/ssh/sshd_config
service ssh restart

LXC Containers

# Create Ubuntu 16.04 Xenial LXC container
sudo lxc-create --template ubuntu --name xenial -- template-options -r xenial

# Create Ubuntu 14.04 Trusty LXC container
sudo lxc-create --template ubuntu --name trusty -- template-options -r trusty

# Create Debian 9 Stretch LXC container
sudo lxc-create --template debian --name stretch -- template-options -r stretch

# centos
sudo lxc-create -t centos -n centos -- --release 7

# nested container / docker support
echo "lxc.aa_profile = unconfined" >> /var/lib/lxc/centos/config

Update LXC container templates filesystem

<?php
$URL="https://raw.githubusercontent.com/panticz/lxc/master/scripts/lxc-update-templates.sh";
echo "wget -q --no-check-certificate $URL -O - | bash -";
echo " 

";
$c = curl_init();
curl_setopt($c, CURLOPT_URL, $URL);
curl_setopt($c, CURLOPT_RETURNTRANSFER, 1);
echo htmlspecialchars(curl_exec($c));
curl_close($c);
echo "

";
?>

# fix dns
echo "nameserver 8.8.8.8" > /var/cache/lxc/debian/rootfs-wheezy-amd64/etc/resolv.conf

Cronjob
echo "0 13 * * * root /usr/bin/wget -q --no-check-certificate https://raw.githubusercontent.com/panticz/lxc/master/scripts/lxc-update-templates.sh -O - | bash -" > /etc/cron.d/lxc_update_template
service cron restart

# fix squeeze repository
sed -i 's|cdn.debian.net|ftp.debian.org|g' /var/cache/lxc/debian/rootfs-squeeze-amd64/etc/apt/sources.list

Subscribe to lxc