Support #576
Updated by Daniel Curtis almost 10 years ago
{{>toc}}
This is a simple guide for setting up and using Linux Containers on Arch Linux.
h2. Prepare the System
h3. Set Up The Network
* Remove systemd-networkd:
<pre>
pacman -R systemd-networkd
</pre>
* Install netctl:
<pre>
pacman -S netctl
</pre>
* Create a wired connection:
<pre>
cp /etc/netctl/examples/ethernet-static /etc/netctl/wired
</pre>
* Edit /etc/netctl/wired to match your needs:
<pre>
nano /etc/netctl/wired
</pre>
#* Add/modify the following:
<pre>
Description='Ethernet Connection'
Interface=eth0
Connection=ethernet
IP=static
Address=('192.168.1.100/24')
Gateway='192.168.1.1'
DNS=('192.168.1.1')
</pre>
* Start and enable the wired connection at boot:
<pre>
netctl enable wired
</pre>
h3. Install yaourt
* Download the packages for yaourt:
<pre>
cd /tmp
wget https://aur.archlinux.org/packages/pa/package-query/package-query.tar.gz && wget https://aur.archlinux.org/packages/ya/yaourt/yaourt.tar.gz
tar xzf package-query.tar.gz
tar xzf yaourt.tar.gz
</pre>
#* Install package-query:
<pre>
cd package-query
makepkg -csi
</pre>
#* Install yaourt:
<pre>
cd ../yaourt
makepkg -csi
</pre>
h3. Install Prerequisites
* Install bridge-utils and arch-install-scripts:
<pre>
pacman -S bridge-utils arch-install-scripts
</pre>
* Install debootstrap from AUR:
<pre>
yaourt debootstrap
</pre>
* Install debian-archive-keyring:
<pre>
yaourt debian-archive-keyring
</pre>
* Install ubuntu-keyring:
<pre>
yaourt ubuntu-keyring
</pre>
* Test that the system is correctly configured:
<pre>
lxc-checkconfig
</pre>
#* The output should be similar to:
<pre>
--- Namespaces ---
Namespaces: enabled
Utsname namespace: enabled
Ipc namespace: enabled
Pid namespace: enabled
User namespace: missing
Network namespace: enabled
Multiple /dev/pts instances: enabled
--- Control groups ---
Cgroup: enabled
Cgroup clone_children flag: enabled
Cgroup device: enabled
Cgroup sched: enabled
Cgroup cpu account: enabled
Cgroup memory controller: enabled
Cgroup cpuset: enabled
--- Misc ---
Veth pair device: enabled
Macvlan: enabled
Vlan: enabled
File capabilities: enabled
</pre>
* Disable the wired profile:
<pre>
netctl disable wired
</pre>
* Create an Internet-sharing bridge. This example bridges network interface eth0 and configures a static IP for the bridge:
<pre>
nano /etc/netctl/lxcbridge
</pre>
#* And add/modify the following:
<pre>
Description="LXC Bridge"
Interface=br0
Connection=bridge
BindsToInterfaces=(eth0)
IP=static
Address=192.168.1.100/24
Gateway=192.168.1.1
DNS=192.168.1.1
SkipForwardingDelay=yes
</pre>
* After changes are made, make sure to re-enable and restart the bridge:
<pre>
netctl reenable lxcbridge
netctl restart lxcbridge
</pre>
* Enable IP forwarding and make it persist at boot:
<pre>
echo 'net.ipv4.ip_forward=1' >> /etc/sysctl.d/40-ip-forward.conf
</pre>
* And also apply this iptables rule:
<pre>
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
</pre>
#* To make changes persist upon reboot:
<pre>
iptables-save > /etc/iptables/iptables.rules
systemctl enable iptables
systemctl start iptables
</pre>
h2. Container setup
To find all available templates that come with LXC, look in the @/usr/share/lxc/templates@ directory:
<pre>
ls /usr/share/lxc/templates
</pre>
#* _Example output:_
<pre>
lxc-alpine lxc-altlinux lxc-archlinux lxc-busybox lxc-centos lxc-cirros lxc-debian lxc-download lxc-fedora lxc-gentoo lxc-openmandriva lxc-opensuse lxc-oracle lxc-plamo lxc-sshd lxc-ubuntu lxc-ubuntu-cloud
</pre>
h3. Arch Container
* Create the container:
<pre>
lxc-create -n arch.example.com -t archlinux
</pre>
* Edit the Arch Linux container config file:
<pre>
nano /var/lib/lxc/arch.example.com/config
</pre>
#* And add/modify the following:
<pre>
# Parameters passed to the template:
# For additional config options, please look at lxc.container.conf(5)
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
#lxc.network.hwaddr =
lxc.network.ipv4 = 192.168.1.101
lxc.network.ipv4.gateway = 192.168.1.1
lxc.network.name = eth0
lxc.rootfs = /var/lib/lxc/arch.example.com/rootfs
lxc.utsname = arch.example.com
lxc.arch = armv6l
lxc.include = /usr/share/lxc/config/archlinux.common.conf
</pre>
* Start the Arch container:
<pre>
lxc-start -n arch.example.com
</pre>
* Open a console:
<pre>
lxc-console -n arch.example.com
</pre>
#* Log in as *root* and change the password:
<pre>
passwd
</pre>
* While the console to the container is open, install openssh:
<pre>
pacman -S openssh
</pre>
#* Start and enable openssh at boot:
<pre>
systemctl enable sshd.service
systemctl start sshd.service
</pre>
* Create a wired connection:
<pre>
cp /etc/netctl/examples/ethernet-static /etc/netctl/wired
</pre>
* Edit /etc/netctl/wired to match your needs:
<pre>
nano /etc/netctl/wired
</pre>
#* Add/modify the following:
<pre>
Description='Ethernet Connection'
Interface=eth0
Connection=ethernet
IP=static
Address=('192.168.1.101/24')
Gateway=('192.168.1.1')
DNS=('192.168.1.1')
</pre>
* Start and enable the wired connection at boot:
<pre>
netctl enable wired
</pre>
h3. Raspbian Container
* Copy the existing Debian LXC template:
<pre>
cp /usr/share/lxc/templates/lxc-debian /usr/share/lxc/templates/lxc-raspbian
</pre>
* Edit the Raspbian LXC template:
<pre>
nano /usr/share/lxc/templates/lxc-raspbian
</pre>
#* And modify the following parameters:
<pre>
MIRROR=${MIRROR:-http://archive.raspbian.org/raspbian}
#...
arch='armhf'
debootstrap --verbose --variant=minbase --arch=$arch --no-check-gpg
</pre>
#* *NOTE*: The MIRROR variable is set to the Raspbian repository at http://archive.raspbian.org/raspbian
#* *NOTE*: The arch variable is set to *armhf*
#* *NOTE*: The debootstrap command has the added *@--no-check-gpg@* argument, which disables GPG signature checking of the retrieved Release file
* Create the container:
<pre>
lxc-create -n raspbian.example.com -t raspbian
</pre>
* Edit the Raspbian container config file:
<pre>
nano /var/lib/lxc/raspbian.example.com/config
</pre>
#* And add/modify the following:
<pre>
# Parameters passed to the template:
# For additional config options, please look at lxc.container.conf(5)
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
#lxc.network.hwaddr =
lxc.network.ipv4 = 192.168.1.102
lxc.network.ipv4.gateway = 192.168.1.1
lxc.network.name = eth0
lxc.rootfs = /var/lib/lxc/raspbian.example.com/rootfs
lxc.utsname = raspbian.example.com
lxc.arch = armv6l
lxc.include = /usr/share/lxc/config/debian.common.conf
</pre>
* Start the container:
<pre>
lxc-start -n raspbian.example.com
</pre>
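Added example (not part of the original guide or of LXC): because the Raspbian template edit above turns off debootstrap's signature check, this script scans a template directory for debootstrap calls that use @--no-check-gpg@ and for a plain-http default mirror alongside them. The function names, the sample templates and the keyring path are constructed placeholders.

```shell
#!/bin/sh
# Added example: flag LXC templates whose debootstrap call skips
# Release-file signature verification.

# Fold backslash-newline continuations and drop comment lines, so a
# multi-line debootstrap invocation is matched as one logical line.
logical_lines() {
    sed -e ':a' -e '/\\$/N; s/\\\n//; ta' "$1" | sed '/^[[:space:]]*#/d'
}

# audit_template FILE: print one line per finding.
audit_template() {
    body=$(logical_lines "$1")
    if printf '%s\n' "$body" | grep -Eq 'debootstrap .*--no-check-gpg'; then
        echo "$1: debootstrap uses --no-check-gpg; pass --keyring=<trusted keyring> instead"
        # With signatures off, a plain-http mirror leaves nothing authenticated.
        if printf '%s\n' "$body" | grep -Eq 'MIRROR=.*http://'; then
            echo "$1: default MIRROR is plain http and unverified"
        fi
    fi
}

# count_findings DIR: audit every lxc-* template, print the total.
count_findings() {
    total=0
    for tpl in "$1"/lxc-*; do
        [ -f "$tpl" ] || continue
        n=$(audit_template "$tpl" | wc -l)
        total=$((total + n))
    done
    echo "$total"
}

# Constructed sample templates (not the real files): one with the edits
# from this page, one verifying against a placeholder keyring path.
demo=$(mktemp -d)
cat > "$demo/lxc-raspbian" <<'EOF'
MIRROR=${MIRROR:-http://archive.raspbian.org/raspbian}
arch='armhf'
debootstrap --verbose --variant=minbase --arch=$arch \
    --no-check-gpg "$release" "$rootfs" $MIRROR
EOF
cat > "$demo/lxc-verified" <<'EOF'
MIRROR=${MIRROR:-http://archive.raspbian.org/raspbian}
debootstrap --verbose --variant=minbase --arch=$arch \
    --keyring=/path/to/raspbian-keyring.gpg "$release" "$rootfs" $MIRROR
EOF
audit_template "$demo/lxc-raspbian"
echo "findings: $(count_findings "$demo")"
```

On the host, @count_findings /usr/share/lxc/templates@ gives the same count for the installed templates.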
h2. Resources
* https://wiki.archlinux.org/index.php?title=Linux_Containers&redirect=no