Note |
---|
This article is now too long. I need to split it up. |
Introduction
The image below shows the key difference between traditional virtualization and containers,
...
LXC sits between a VM and a pure application container. It takes up more resources than a pure container but, unlike a VM, uses only as much memory as needed. It provides a full kernel and OS (albeit it must be Linux). Unlike a VM, an LXD/LXC container has access to the resources and speed of the hardware without needing to emulate hardware. If you are interested in Docker or Cloud, not
Some additional benefits,
- Understand Cloud - Many of the concepts here help you understand foundationally how Cloud works. There is also value in then using LXD to learn how to build your own bare metal, orchestrated Cloud infrastructure using technologies like Kubernetes.
- Half Step to Docker - Many people have explored Docker, but are not yet ready to give up
...
- their ssh console
...
- . start here. Learning LXC, you'll also really understand how Cloud Foundry, Docker and generally Cloud
...
- concepts actually work.
- Understand Cloud Foundry - LXC is wrapped by Warden and the foundation for Cloud Foundry.
And for those who are debating Docker versus LXC, they are similar but do have distinguishing use cases.
Panel |
---|
What about LXD? LXD is another higher-level layer on top of LXC that is more orchestration friendly. The key enablers for orchestration are remote API calls and higher-level functions. LXD still uses LXC under the hood. As of Oct 2016, LXD 2.0 is now available and hooking up with orchestration via Juju. This tutorial was originally written before LXD was ready for production and evolved to be the precursor to the LXD tutorial. |
...
In other words, containers exist within a private network. They may see each other and pull network data from whatever the host can access, but nothing outside, aside from the host itself, will see these servers. A good analogy is your home network behind 1 public IP given on your service provider router. Your desktops can see each other and pull data from the Internet, but the Internet cannot see your systems.
Of course, you may expose containers to the host's network.
Enabling LXC DNS Resolution
...
Specify static IPs per container name (you can also use the container's MAC address in situations of multiple network interfaces) (I have not tried or tested yet). To avoid conflicts, make sure the static IP addresses are outside of the range specified in /etc/default/lxc-net. In case of multiple IP addresses, look at LXC Advanced Networking.
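A check for the constraint above, as an added example that is not part of the original article: it reads the bridge settings from /etc/default/lxc-net and the static entries from the dnsmasq file, then reports addresses that fall inside the DHCP range. It goes slightly further and also flags addresses outside the bridge network, on the bridge address, or assigned twice. The file contents are constructed samples, and the two-field `dhcp-host=name,ip` form is an assumption.

```python
import ipaddress
import re

# Constructed sample contents (values made up; key names are the ones
# Ubuntu's /etc/default/lxc-net uses).
LXC_NET = '''
LXC_ADDR="10.0.3.1"
LXC_NETWORK="10.0.3.0/24"
LXC_DHCP_RANGE="10.0.3.100,10.0.3.254"
'''
DNSMASQ_CONF = '''
dhcp-host=web01,10.0.3.10
dhcp-host=db01,10.0.3.150
dhcp-host=00:16:3e:aa:bb:cc,10.0.4.20
dhcp-host=cache01,10.0.3.10
dhcp-host=gw,10.0.3.1
'''

def parse_shell_vars(text):
    """Return KEY=value pairs from a shell defaults file, quotes stripped."""
    pairs = re.findall(r'^\s*([A-Z_]+)=(.*?)\s*$', text, re.M)
    return {k: v.strip('"\'') for k, v in pairs}

def check_static_leases(lxc_net_text, dnsmasq_text):
    """Flag unsafe dhcp-host=<name-or-MAC>,<ip> entries (two-field form assumed)."""
    cfg = parse_shell_vars(lxc_net_text)
    network = ipaddress.ip_network(cfg["LXC_NETWORK"])
    bridge = ipaddress.ip_address(cfg["LXC_ADDR"])
    lo, hi = (ipaddress.ip_address(a.strip()) for a in cfg["LXC_DHCP_RANGE"].split(","))
    problems, seen = [], {}
    for line in dnsmasq_text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line.startswith("dhcp-host="):
            continue
        name, ip_text = line[len("dhcp-host="):].rsplit(",", 1)
        ip = ipaddress.ip_address(ip_text.strip())
        if ip not in network:
            problems.append((name, str(ip), "outside LXC_NETWORK"))
        elif ip == bridge:
            problems.append((name, str(ip), "collides with bridge address"))
        elif lo <= ip <= hi:
            problems.append((name, str(ip), "inside LXC_DHCP_RANGE"))
        elif ip in seen:
            problems.append((name, str(ip), "duplicate of " + seen[ip]))
        seen.setdefault(ip, name)               # remember first owner of each IP
    return problems

if __name__ == "__main__":
    for name, ip, why in check_static_leases(LXC_NET, DNSMASQ_CONF):
        print(f"{name}: {ip} {why}")
```

To run it against a real host, pass the contents of /etc/default/lxc-net and of the file named by LXC_DHCP_CONFILE instead of the samples.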
You need to shut down your containers and then restart the host OS or flush dnsmasq,
...
The nice thing about this approach is that the servers within the private network can see each other by assigned hostname. Try pinging by hostname and it will respond correctly. In the case of two network cards, though, there is some routing work that I have yet to figure out.
...
Containers may also be made available on the larger network which is covered in 5.1 LXC with Advanced Networking - Exposing Containers to the Network.
Start Container
This starts the container as a process,
...
You can't at this moment (March 2016) and I understand this is because it is a shared kernel issue. Solaris does not allow this either if I recall.
Instead use your host to mount your network folder and then share your host folder as described in the next section.
...
Then follow up by installing the proper dependencies, but not sure if I need to install in the host... need to try this out in a VM.
Setup Name Resolution on Host
The containers know each other by name. However, the host has no awareness. This should be resolvable by adjusting the DNS resolution. However, first check if this is an issue that's already resolved in later implementations of Ubuntu (I think 17 has it solved) and also if LXD resolves this automatically.
References
Good overview of lxc - https://www.flockport.com/lxc-vs-docker/
...
Running X Windows in LXC - http://unix.stackexchange.com/questions/18003/linux-lxc-deploying-images-with-tiniest-possible-x11
Good overview of namespaces and resource groups used to power container technology - https://content.pivotal.io/blog/cloud-foundrys-container-technology-a-garden-overview
LXC and LXD using host bridge - https://insights.ubuntu.com/2015/11/10/converting-eth0-to-br0-and-getting-all-your-lxc-or-lxd-onto-your-lan/