Bii o ṣe le Fi sii, Ṣẹda ati Ṣakoso LXC (Awọn apoti Linux) ni RHEL/CentOS 7
LXC, adape fun Awọn Apoti Lainos, jẹ ojutu kernel Linux ti o ni orisun agbara ipa ipa, eyiti iṣe ṣiṣe ni oke lori Eto Isẹ, n gba ọ laaye lati ṣiṣe awọn pinpin kaakiri lọpọlọpọ ni akoko kanna.
Iyato laarin agbara LXC ati agbara agbara KVM ni pe LXC ko ṣafikun ohun elo, ṣugbọn o pin aaye orukọ kernel kanna, iru si awọn ohun elo chroot.
Eyi jẹ ki LXC jẹ ojutu ipa ipa iyara pupọ ni akawe si awọn solusan agbara ipa miiran, bii VMware.
Nkan yii yoo ṣe itọsọna fun ọ lori bawo ni o ṣe le fi sori ẹrọ, fi ranṣẹ ati ṣiṣe awọn apoti LXC lori awọn kaakiri CentOS/RHEL ati Fedora.
Eto iṣẹ ṣiṣe Linux ti n ṣiṣẹ pẹlu fifi sori ẹrọ ti o kere ju:
- Fifi sori ẹrọ ti CentOS 7 Linux
- Fifi sori ẹrọ ti RHEL 7
- Fifi sori ẹrọ ti Fedora 23 Server
Igbesẹ 1: Fifi agbara ipa LXC ṣiṣẹ ni Lainos
1. LXC agbara ipa ti pese nipasẹ awọn ibi ipamọ Epel. Lati lo repo yii, ṣii ebute kan ki o fi awọn ibi ipamọ Epel sori ẹrọ rẹ nipa fifun aṣẹ wọnyi:
# yum install epel-release
2. Ṣaaju ki o to tẹsiwaju pẹlu ilana fifi sori LXC, rii daju pe onitumọ ede Perl, ati awọn idii debootstrap ti fi sii nipasẹ ipinfunni awọn ofin isalẹ.
# yum install debootstrap perl libvirt
3. Lakotan fi ojutu ipa ipa LXC sii pẹlu aṣẹ atẹle.
# yum install lxc lxc-templates
4. Lẹhin ti a ti fi iṣẹ LXC sii, ṣayẹwo boya LXC ati libvirt daemon nṣiṣẹ.
# systemctl status lxc.service # systemctl start lxc.service # systemctl start libvirtd # systemctl status lxc.service
systemctl status lxc.service lxc.service - LXC Container Initialization and Autoboot Code Loaded: loaded (/usr/lib/systemd/system/lxc.service; disabled) Active: inactive (dead) systemctl start lxc.service systemctl status lxc.service lxc.service - LXC Container Initialization and Autoboot Code Loaded: loaded (/usr/lib/systemd/system/lxc.service; disabled) Active: active (exited) since Fri 2016-04-01 02:33:36 EDT; 1min 37s ago Process: 2250 ExecStart=/usr/libexec/lxc/lxc-autostart-helper start (code=exited, status=0/SUCCESS) Process: 2244 ExecStartPre=/usr/libexec/lxc/lxc-devsetup (code=exited, status=0/SUCCESS) Main PID: 2250 (code=exited, status=0/SUCCESS) Apr 01 02:33:06 mail systemd[1]: Starting LXC Container Initialization and Autoboot Code... Apr 01 02:33:06 mail lxc-devsetup[2244]: Creating /dev/.lxc Apr 01 02:33:06 mail lxc-devsetup[2244]: /dev is devtmpfs Apr 01 02:33:06 mail lxc-devsetup[2244]: Creating /dev/.lxc/user Apr 01 02:33:36 mail lxc-autostart-helper[2250]: Starting LXC autoboot containers: [ OK ] Apr 01 02:33:36 mail systemd[1]: Started LXC Container Initialization and Autoboot Code.
ati ṣayẹwo ipo agbara agbara ekuro LXC nipasẹ ipinfunni aṣẹ isalẹ.
# lxc-checkconfig
lxc-checkconfig Kernel configuration not found at /proc/config.gz; searching... Kernel configuration found at /boot/config-3.10.0-229.el7.x86_64 --- Namespaces --- Namespaces: enabled Utsname namespace: enabled Ipc namespace: enabled Pid namespace: enabled User namespace: enabled Network namespace: enabled Multiple /dev/pts instances: enabled --- Control groups --- Cgroup: enabled Cgroup clone_children flag: enabled Cgroup device: enabled Cgroup sched: enabled Cgroup cpu account: enabled Cgroup memory controller: enabled Cgroup cpuset: enabled --- Misc --- Veth pair device: enabled Macvlan: enabled Vlan: enabled Bridges: enabled Advanced netfilter: enabled CONFIG_NF_NAT_IPV4: enabled CONFIG_NF_NAT_IPV6: enabled CONFIG_IP_NF_TARGET_MASQUERADE: enabled CONFIG_IP6_NF_TARGET_MASQUERADE: enabled CONFIG_NETFILTER_XT_TARGET_CHECKSUM: enabled --- Checkpoint/Restore --- checkpoint restore: missing CONFIG_FHANDLE: enabled CONFIG_EVENTFD: enabled CONFIG_EPOLL: enabled CONFIG_UNIX_DIAG: enabled CONFIG_INET_DIAG: enabled CONFIG_PACKET_DIAG: enabled CONFIG_NETLINK_DIAG: enabled File capabilities: enabled Note : Before booting a new kernel, you can check its configuration usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig
Igbesẹ 2: Ṣẹda ati Ṣakoso awọn Awọn apoti LXC ni Lainos
5. Lati ṣe atokọ awọn apoti awọn awoṣe LXC ti o wa tẹlẹ ti a fi sii lori eto rẹ ni aṣẹ isalẹ.
# ls -alh /usr/share/lxc/templates/
total 344K drwxr-xr-x. 2 root root 4.0K Apr 1 02:32 . drwxr-xr-x. 6 root root 100 Apr 1 02:32 .. -rwxr-xr-x. 1 root root 11K Nov 15 10:19 lxc-alpine -rwxr-xr-x. 1 root root 14K Nov 15 10:19 lxc-altlinux -rwxr-xr-x. 1 root root 11K Nov 15 10:19 lxc-archlinux -rwxr-xr-x. 1 root root 9.7K Nov 15 10:19 lxc-busybox -rwxr-xr-x. 1 root root 29K Nov 15 10:19 lxc-centos -rwxr-xr-x. 1 root root 11K Nov 15 10:19 lxc-cirros -rwxr-xr-x. 1 root root 17K Nov 15 10:19 lxc-debian -rwxr-xr-x. 1 root root 18K Nov 15 10:19 lxc-download -rwxr-xr-x. 1 root root 49K Nov 15 10:19 lxc-fedora -rwxr-xr-x. 1 root root 28K Nov 15 10:19 lxc-gentoo -rwxr-xr-x. 1 root root 14K Nov 15 10:19 lxc-openmandriva -rwxr-xr-x. 1 root root 14K Nov 15 10:19 lxc-opensuse -rwxr-xr-x. 1 root root 35K Nov 15 10:19 lxc-oracle -rwxr-xr-x. 1 root root 12K Nov 15 10:19 lxc-plamo -rwxr-xr-x. 1 root root 6.7K Nov 15 10:19 lxc-sshd -rwxr-xr-x. 1 root root 23K Nov 15 10:19 lxc-ubuntu -rwxr-xr-x. 1 root root 12K Nov 15 10:19 lxc-ubuntu-cloud
6. Ilana ti ṣiṣẹda apoti LXC jẹ irorun. Ilana sita aṣẹ lati ṣẹda apoti tuntun ti wa ni alaye ni isalẹ.
# lxc-create -n container_name -t container_template
Ninu abala isalẹ a yoo ṣẹda apoti tuntun ti a npè ni mydeb da lori awoṣe debian ti yoo fa kuro ni awọn ibi ipamọ LXC.
lxc-create -n mydcb -t debian debootstrap is /usr/sbin/debootstrap Checking cache download in /var/cache/lxc/debian/rootfs-jessie-amd64 ... Downloading debian minimal ... W: Cannot check Release signature; keyring file not available /usr/share/keyrings/debian-archive-keyring.gpg I: Retrieving Release I: Retrieving Packages I: Validating Packages I: Resolving dependencies of required packages... I: Resolving dependencies of base packages... ... ...
7. Lẹhin lẹsẹsẹ ti awọn igbẹkẹle ipilẹ ati awọn idii ti yoo gba lati ayelujara ati fi sori ẹrọ ninu eto rẹ yoo ṣẹda apoti. Nigbati ilana ba pari ifiranṣẹ kan yoo han aiyipada ọrọ igbaniwọle iroyin aiyipada rẹ. Yi ọrọ igbaniwọle yii pada ni kete ti o ba bẹrẹ ki o buwolu wọle si console eiyan lati le ni aabo.
are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
Failed to read /proc/cmdline. Ignoring: No such file or directory
invoke-rc.d: policy-rc.d denied execution of start.
Timezone in container is not configured. Adjust it manually.
Root password is 'root', please change !
Generating locales (this might take a while)...
en_IN.en_IN...character map file `en_IN' not found: No such file or directory
/usr/share/i18n/locales/en_IN:55: LC_MONETARY: unknown character in field `currency_symbol'
done
Generation complete.
8. Bayi, o le lo lxc-ls lati ṣe atokọ awọn apoti rẹ ati lxc-info lati gba alaye nipa apoti ti nṣiṣẹ/duro.
Ni ibere lati bẹrẹ eiyan tuntun ti a ṣẹda ni abẹlẹ (yoo ṣiṣẹ bi daemon nipasẹ sisọ aṣayan -d ) gbekalẹ aṣẹ atẹle:
# lxc-start -n mydeb -d
9. Lẹhin ti apoti eiyan ti bẹrẹ o le ṣe atokọ awọn apoti ti n ṣiṣẹ nipa lilo pipaṣẹ lxc-ls --active ki o gba alaye ni kikun nipa apoti ti nṣiṣẹ.
# lxc-ls --active
10. Ni ibere lati buwolu wọle si oro console eiyan naa lxc-console aṣẹ lodi si orukọ eiyan ti nṣiṣẹ. Wọle pẹlu gbongbo olumulo ati ọrọ igbaniwọle ti ipilẹṣẹ nipasẹ aiyipada nipasẹ alabojuto lxc.
Lọgan ti o wọle sinu apo eiyan o le ṣiṣe awọn ofin pupọ lati le rii daju pinpin kaakiri nipa fifihan /etc/issue.net akoonu faili, yi ọrọ igbaniwọle gbongbo nipasẹ ipinfunni passwd aṣẹ tabi wo awọn alaye nipa awọn atọkun nẹtiwọọki pẹlu ifconfig .
# lxc-console -n mydeb # cat /etc/issue.net # ifconfig # passwd
lxc-console -n mydcb
Connected to tty 1
Type <Ctrl+a q> to exit the console, <Ctrl+a Ctrl+a> to enter Ctrl+a itself
Debian GNU/Linux 8 mydcb tty1
mydcb login: root
Password:
Last login: Fri Apr 1 07:39:08 UTC 2016 on console
Linux mydcb 3.10.0-229.el7.x86_64 #1 SMP Fri Mar 6 11:36:42 UTC 2015 x86_64
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
[email :~# cat /etc/issue.net
Debian GNU/Linux 8
[email :~# ifconfig
eth0 Link encap:Ethernet HWaddr 00:16:3e:d9:21:d7
inet6 addr: fe80::216:3eff:fed9:21d7/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:107 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:5796 (5.6 KiB) TX bytes:648 (648.0 B)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
[email :~# passwd root
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
11. Lati ya kuro ni kọnputa eiyan ki o pada si ibi idalẹnule olugbalejo rẹ, ni fifi ohun eiyan silẹ ni ipo ti nṣiṣe lọwọ, lu Ctrl + a lẹhinna q lori keyboard.
Lati da ọrọ eiyan ti n ṣiṣẹ ni aṣẹ atẹle.
# lxc-stop -n mydcb
12. Lati ṣẹda eiyan LXC ti o da lori awoṣe Ubuntu, tẹ itọsọna /usr/sbin/ ki o ṣẹda aami atẹle debootstrap.
# cd /usr/sbin # ln -s debootstrap qemu-debootstrap
13. Ṣatunkọ qemu-debootstrap faili pẹlu olootu Vi ki o rọpo awọn ila MIRROR meji wọnyi gẹgẹbi atẹle:
DEF_MIRROR=”http://mirrors.kernel.org/ubuntu” DEF_HTTPS_MIRROR=”https://mirrors.kernel.org/ubuntu”
Fun itọkasi, wo akoonu atẹle ki o gbe awọn ila meji loke bi a ti sọ:
.... MAKE_TARBALL="" EXTRACTOR_OVERRIDE="" UNPACK_TARBALL="" ADDITIONAL="" EXCLUDE="" VERBOSE="" CERTIFICATE="" CHECKCERTIF="" PRIVATEKEY="" DEF_MIRROR=”http://mirrors.kernel.org/ubuntu” DEF_HTTPS_MIRROR=”https://mirrors.kernel.org/ubuntu”
14. Lakotan ṣẹda apoti LXC tuntun ti o da lori awoṣe Ubuntu ti o fun ni aṣẹ kanna lxc-ṣẹda .
Ni kete ti ilana ti npese ohun elo Ubuntu pari ifiranṣẹ kan yoo han awọn ẹri iwọle iwọle aiyipada eiyan rẹ bi a ti ṣe apejuwe lori sikirinifoto isalẹ.
# lxc-create -n myubuntu -t ubuntu
Checking cache download in /var/cache/lxc/precise/rootfs-amd64 ... Installing packages in template: ssh,vim,language-pack-en Downloading ubuntu precise minimal ...
15. Ni ibere lati ṣẹda eiyan kan pato ti o da lori awoṣe agbegbe lo sintasi atẹle:
# lxc-create -n container_name -t container_template -- -r distro_release -a distro_architercture
Eyi ni ẹya yiyan ti ṣiṣẹda eiyan wheezy debian kan pẹlu faaji eto amd64 kan.
# lxc-create -n mywheezy -t debian -- -r wheezy -a amd64
debootstrap is /sbin/debootstrap Checking cache download in /var/cache/lxc/debian/rootfs-wheezy-amd64 ... Downloading debian minimal ... W: Cannot check Release signature; keyring file not available /usr/share/keyrings/debian-archive-keyring.gpg I: Retrieving Release I: Retrieving Packages I: Validating Packages I: Resolving dependencies of required packages... I: Resolving dependencies of base packages... I: Found additional required dependencies: insserv libbz2-1.0 libdb5.1 libsemanage-common libsemanage1 libslang2 libustr-1.0-1 I: Found additional base dependencies: adduser debian-archive-keyring gnupg gpgv isc-dhcp-common libapt-pkg4.12 libbsd0 libclass-isa-perl libedit2 libgdbm3 libgssapi-krb5-2 libk5crypto3 libkeyutils1 libkrb5-3 libkrb5support0 libncursesw5 libprocps0 libreadline6 libssl1.0.0 libstdc++6 libswitch-perl libusb-0.1-4 libwrap0 openssh-client perl perl-modules procps readline-common I: Checking component main on http://http.debian.net/debian... I: Retrieving libacl1 2.2.51-8 I: Validating libacl1 2.2.51-8 I: Retrieving adduser 3.113+nmu3 I: Validating adduser 3.113+nmu3 I: Retrieving apt 0.9.7.9+deb7u7 I: Validating apt 0.9.7.9+deb7u7 I: Retrieving libapt-pkg4.12 0.9.7.9+deb7u7 I: Validating libapt-pkg4.12 0.9.7.9+deb7u7 I: Retrieving libattr1 1:2.4.46-8 I: Validating libattr1 1:2.4.46-8 I: Retrieving base-files 7.1wheezy9 I: Validating base-files 7.1wheezy9 I: Retrieving base-passwd 3.5.26 ...
16. Fun apeere, awọn apoti kan pato fun awọn idasilẹ distro oriṣiriṣi ati awọn ayaworan ile le tun ṣẹda lati awoṣe jeneriki eyiti yoo gba lati ayelujara lati awọn ibi ipamọ LXC bi a ti ṣe apejuwe ninu apẹẹrẹ isalẹ.
# lxc-create -n mycentos6 -t download -- -d centos -r 6 -a i386
Eyi ni atokọ ti awọn iyipada laini aṣẹ lxc-ṣẹda :
-n = name -t = template -d = distibution -a = arch -r = release
17. Awọn apoti le paarẹ lati ọdọ olugbalejo rẹ pẹlu aṣẹ lxc-destro ti a gbejade lodi si orukọ eiyan kan.
# lxc-destroy -n mywheezy
18. A le ṣajọ apoti lati inu apoti ti o wa tẹlẹ nipa fifun pipaṣẹ lxc-clone :
# lxc-clone mydeb mydeb-clone
19. Ati nikẹhin, gbogbo awọn apoti ti a ṣẹda gbe ni /var/lib/lxc/ itọsọna. Ti fun idi diẹ o nilo lati ṣatunṣe pẹlu ọwọ awọn eto eiyan o gbọdọ satunkọ faili atunto lati itọsọna apoti kọọkan.
# ls /var/lib/lxc
Eyi ni awọn nkan ipilẹ ti o nilo lati mọ lati le ṣiṣẹ ọna rẹ ni ayika LXC.