Project

General

Profile

Support #967

Updated by Daniel Curtis 4 months ago

This is a simple guide for setting up and using Linux Containers on Debian. 

 h2. Prepare the Environment 

 * Make sure the system is up to date: 
 <pre> 
 sudo apt update 
 </pre> 

 h2. Install LXC 

 * Install LXC; 
 <pre> 
 sudo apt install lxc 
 </pre> 

 h2. Templates 

 h3. Arch Container 

 * Create the container: 
 <pre> 
 lxc-create -n arch.example.com -t download -- --dist archlinux --release current --arch amd64 
 </pre> 
 #* *NOTE* : To display a list of available templates to download, use: 
 <pre> 
 lxc-create -n arch.example.com -t download 
 </pre> 

 * Start the Arch container: 
 <pre> 
 lxc-start -n arch.example.com 
 </pre> 

 * Open a console to the container: 
 <pre> 
 lxc-attach -n arch.example.com 
 </pre> 

 h3. Debian Container 

 * Create the container: 
 <pre> 
 lxc-create -n debian.example.com -t download -- -d debian -r bullseye -a amd64 
 </pre> 

 * (Optional) Add the Raspbian repository on top of stock Debian repos: 
 <pre> 
 echo 'deb http://archive.raspbian.org/raspbian bullseye main contrib non-free rpi' >> /etc/apt/sources.list.d/raspbian.list 
 echo 'deb-src http://archive.raspbian.org/raspbian bullseye main contrib non-free rpi' >> /etc/apt/sources.list.d/raspbian.list 
 </pre> 
 #* And add the Raspbian public signing key: 
 <pre> 
 wget https://archive.raspbian.org/raspbian.public.key -O - | sudo apt-key add - 
 </pre> 
 #* Update the apt repository cache and upgrade any necessary files: 
 <pre> 
 apt update && apt upgrade 
 </pre> 

 * (Optional) Add the Wolfram Alpha repository: 
 <pre> 
 echo 'deb http://repository.wolfram.com/raspbian/ stable non-free' >> /etc/apt/sources.list.d/wolfram.list 
 </pre> 
 #* And add the Wolfram public signing key: 
 <pre> 
 apt-key adv —keyserver http://repository.wolfram.com/raspbian/raspbian@wolfram.com.gpg.pub-key —recv-keys 574FA74E5CBB4222 
 </pre> 
 #* Update the apt repository cache and upgrade any necessary files: 
 <pre> 
 apt update && apt upgrade 
 </pre> 
 #* Install wolfram: 
 <pre> 
 apt-get install wolfram-engine mathelxc-create -n kali.example.com -t kali-arm -- --release sana --mirror=http://archive.kali.org/kali --security=http://security.kali.org/kali-security --packages=apt-utils,wget,debian-keyring,e2fsprogs,kali-defaults,kali-menu,parted,sudo,usbutilsmatica-fonts 
 </pre> 

 h3. Ubuntu Container 

 * Create the container: 
 <pre> 
 lxc-create -n ubuntu.example.com -t download -- -d ubuntu -r focal -a amd64 
 </pre> 

 h3. Fedora Container 

 * Create the container: 
 <pre> 
 lxc-create -n fedora.example.com -t download -- -d fedora -r 34 -a amd64 
 </pre> 

 h2. Autostarting Containers 

 * Enable container at boot: 
 <pre> 
 sudo systemctl enable lxc@containtername 
 </pre> 

 h2. Exposing Network Services 

 * Install iptables 
 <pre> 
 sudo apt install iptables iptables-persistent 
 </pre> 

 * (Example) Forward port 2222 on host to 22 on container: 
 <pre> 
 sudo iptables -t nat -A PREROUTING -p tcp --dport 2222 -j DNAT --to 10.0.3.3:22 
 </pre> 

 * Save the current iptables rules: 
 <pre> 
 sudo sh -c "iptables-save -s 
 iptables-save > /etc/iptables/rules.v4" /etc/iptables/rules.v4 
 </pre> 

 * Enable iptables to reload at boot: 
 <pre> 
 sudo systemctl enable netfilter-persistent 
 </pre> 

 h2. Issues & Workarounds 

 * Container fails to download with @ERROR: Unable to fetch GPG key from keyserver@. Resolve by using the DOWNLOAD_KEYSERVER environment variable: 
 <pre> 
 DOWNLOAD_KEYSERVER="pgp.mit.edu" lxc-create -n arch.example.com -t download -- --dist archlinux --release current --arch amd64 
 </pre> 

 h2. Resources 

 * https://gudok.xyz/lxcdeb/ 
 * https://discuss.linuxcontainers.org/t/3-0-unable-to-fetch-gpg-key-from-keyserver/2015/10

Back