Support #967
Linux Containers on Debian
Description
This is a simple guide for setting up and using Linux Containers on Debian.
Prepare the Environment¶
- Make sure the system is up to date:
sudo apt update
Install LXC¶
- Install LXC;
sudo apt install lxc
Templates¶
Arch Container¶
- Create the container:
lxc-create -n arch.example.com -t download -- --dist archlinux --release current --arch amd64
- NOTE : To display a list of available templates to download, use:
lxc-create -n arch.example.com -t download
- NOTE : To display a list of available templates to download, use:
- Start the Arch container:
lxc-start -n arch.example.com
- Open a console to the container:
lxc-attach -n arch.example.com
Debian Container¶
- Create the container:
lxc-create -n debian.example.com -t download -- -d debian -r bullseye -a amd64
- (Optional) Add the Raspbian repository on top of stock Debian repos:
echo 'deb http://archive.raspbian.org/raspbian bullseye main contrib non-free rpi' >> /etc/apt/sources.list.d/raspbian.list echo 'deb-src http://archive.raspbian.org/raspbian bullseye main contrib non-free rpi' >> /etc/apt/sources.list.d/raspbian.list
- And add the Raspbian public signing key:
wget https://archive.raspbian.org/raspbian.public.key -O - | sudo apt-key add -
- Update the apt repository cache and upgrade any necessary files:
apt update && apt upgrade
- And add the Raspbian public signing key:
- (Optional) Add the Wolfram Alpha repository:
echo 'deb http://repository.wolfram.com/raspbian/ stable non-free' >> /etc/apt/sources.list.d/wolfram.list
- And add the Wolfram public signing key:
apt-key adv —keyserver http://repository.wolfram.com/raspbian/raspbian@wolfram.com.gpg.pub-key —recv-keys 574FA74E5CBB4222
- Update the apt repository cache and upgrade any necessary files:
apt update && apt upgrade
- Install wolfram:
apt-get install wolfram-engine mathelxc-create -n kali.example.com -t kali-arm -- --release sana --mirror=http://archive.kali.org/kali --security=http://security.kali.org/kali-security --packages=apt-utils,wget,debian-keyring,e2fsprogs,kali-defaults,kali-menu,parted,sudo,usbutilsmatica-fonts
- And add the Wolfram public signing key:
Ubuntu Container¶
- Create the container:
lxc-create -n ubuntu.example.com -t download -- -d ubuntu -r focal -a amd64
Fedora Container¶
- Create the container:
lxc-create -n fedora.example.com -t download -- -d fedora -r 34 -a amd64
Autostarting Containers¶
- Enable container at boot:
sudo systemctl enable lxc@containtername
Exposing Network Services¶
- Install iptables
sudo apt install iptables iptables-persistent
- (Example) Forward port 2222 on host to 22 on container:
sudo iptables -t nat -A PREROUTING -p tcp --dport 2222 -j DNAT --to 10.0.3.3:22
- Save the current iptables rules:
sudo sh -c "iptables-save > /etc/iptables/rules.v4"
- Enable iptables to reload at boot:
sudo systemctl enable netfilter-persistent
Issues & Workarounds¶
- Container fails to download with
ERROR: Unable to fetch GPG key from keyserver
. Resolve by using the DOWNLOAD_KEYSERVER environment variable:DOWNLOAD_KEYSERVER="pgp.mit.edu" lxc-create -n arch.example.com -t download -- --dist archlinux --release current --arch amd64
Resources¶
Updated by Daniel Curtis over 2 years ago
- % Done changed from 0 to 100
- Status changed from New to Resolved
- Description updated (diff)