Support #967
Updated by Daniel Curtis about 3 years ago
This is a simple guide for setting up and using Linux Containers on Debian. h2. Prepare the Environment * Make sure the system is up to date: <pre> sudo apt update </pre> h2. Install LXC * Install LXC; <pre> sudo apt install lxc </pre> h2. Templates h3. Arch Container * Create the container: <pre> lxc-create -n arch.example.com -t download -- --dist archlinux --release current --arch amd64 </pre> #* *NOTE* : To display a list of available templates to download, use: <pre> lxc-create -n arch.example.com -t download </pre> * Start the Arch container: <pre> lxc-start -n arch.example.com </pre> * Open a console to the container: <pre> lxc-attach -n arch.example.com </pre> h3. Debian Container * Create the container: <pre> lxc-create -n debian.example.com -t download -- -d debian -r bullseye -a amd64 </pre> * (Optional) Add the Raspbian repository on top of stock Debian repos: <pre> echo 'deb http://archive.raspbian.org/raspbian bullseye main contrib non-free rpi' >> /etc/apt/sources.list.d/raspbian.list echo 'deb-src http://archive.raspbian.org/raspbian bullseye main contrib non-free rpi' >> /etc/apt/sources.list.d/raspbian.list </pre> #* And add the Raspbian public signing key: <pre> wget https://archive.raspbian.org/raspbian.public.key -O - | sudo apt-key add - </pre> #* Update the apt repository cache and upgrade any necessary files: <pre> apt update && apt upgrade </pre> * (Optional) Add the Wolfram Alpha repository: <pre> echo 'deb http://repository.wolfram.com/raspbian/ stable non-free' >> /etc/apt/sources.list.d/wolfram.list </pre> #* And add the Wolfram public signing key: <pre> apt-key adv —keyserver http://repository.wolfram.com/raspbian/raspbian@wolfram.com.gpg.pub-key —recv-keys 574FA74E5CBB4222 </pre> #* Update the apt repository cache and upgrade any necessary files: <pre> apt update && apt upgrade </pre> #* Install wolfram: <pre> apt-get install wolfram-engine mathelxc-create -n kali.example.com -t kali-arm -- --release sana --mirror=http://archive.kali.org/kali --security=http://security.kali.org/kali-security --packages=apt-utils,wget,debian-keyring,e2fsprogs,kali-defaults,kali-menu,parted,sudo,usbutilsmatica-fonts </pre> h3. Ubuntu Container * Create the container: <pre> lxc-create -n ubuntu.example.com -t download -- -d ubuntu -r focal -a amd64 </pre> h3. Fedora Container * Create the container: <pre> lxc-create -n fedora.example.com -t download -- -d fedora -r 34 -a amd64 </pre> h2. Autostarting Containers * Enable container at boot: <pre> sudo systemctl enable lxc@containtername </pre> h2. Exposing Network Services * Install iptables <pre> sudo apt install iptables iptables-persistent </pre> * (Example) Forward port 2222 on host to 22 on container: <pre> sudo iptables -t nat -A PREROUTING -p tcp --dport 2222 -j DNAT --to 10.0.3.3:22 </pre> * Save the current iptables rules: <pre> sudo -s iptables-save > /etc/iptables/rules.v4 </pre> * Enable iptables to reload at boot: <pre> sudo systemctl enable netfilter-persistent </pre> h2. Issues & Workarounds * Container fails to download with @ERROR: Unable to fetch GPG key from keyserver@. Resolve by using the DOWNLOAD_KEYSERVER environment variable: <pre> DOWNLOAD_KEYSERVER="pgp.mit.edu" lxc-create -n arch.example.com -t download -- --dist archlinux --release current --arch amd64 </pre> h2. Resources * https://gudok.xyz/lxcdeb/ * https://discuss.linuxcontainers.org/t/3-0-unable-to-fetch-gpg-key-from-keyserver/2015/10