In my previous post, I installed and set up a new base system in the living room computer. This time, I will begin looking at containers to hold the different user systems.
There exist many more detailed explanations online, but a container is basically a way to run a system within another system. It differs from a VM, which also does that, in that the kernel is shared. All other parts of the system, like libraries, are kept separate from other containers.
Containers are usually used either for running individual applications or to hold a whole system. In the former case, people generally use Docker, while LXD is more suited to the latter case. I will use LXD, following this guide.
I already have the packages lxd-client, so the next step is initializing with sudo lxd init. Since I don’t know what I’m doing yet, I choose the default answers to all questions.
I launch a container:
administrator@the-big-one:~$ lxc launch ubuntu:18.04 test-system
This fetches an image from the preconfigured remote “ubuntu” and starts a container. I can log in to it with:
administrator@the-big-one:~$ lxc exec test-system -- bash
root@test-system:~#
And now I can begin configuring it. If I want to try out some new configuration, I can just take a snapshot of the system, and then restore it if I broke something:
administrator@the-big-one:~$ lxc snapshot test-system v1
...
administrator@the-big-one:~$ lxc restore test-system v1
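The snapshot-then-restore workflow above can be wrapped so that a failed change rolls back automatically. This is an added example, not part of the original post; the function name try_config and its return codes are assumptions, and it uses only the lxc snapshot, lxc exec and lxc restore commands shown here.

```shell
#!/bin/sh
# Added example (not from the original post).
# try_config CONTAINER SNAPSHOT COMMAND [ARGS...]
# Takes a snapshot, runs COMMAND inside the container, and restores the
# snapshot if COMMAND exits non-zero.
# Returns: 0 = change applied, 1 = change failed and was rolled back,
#          2 = usage error, or the snapshot/restore step itself failed.
# Example call: try_config test-system v1 apt-get install -y openssh-server
try_config() {
    if [ "$#" -lt 3 ]; then
        echo "usage: try_config CONTAINER SNAPSHOT COMMAND [ARGS...]" >&2
        return 2
    fi
    tc_container=$1
    tc_snapshot=$2
    shift 2

    # Take the snapshot first; without it there is nothing to roll back to.
    if ! lxc snapshot "$tc_container" "$tc_snapshot"; then
        echo "snapshot failed, not running the command" >&2
        return 2
    fi

    # Run the change inside the container; lxc exec passes the exit status on.
    if lxc exec "$tc_container" -- "$@"; then
        echo "change applied; snapshot $tc_snapshot kept for a later restore"
        return 0
    fi

    echo "change failed, restoring snapshot $tc_snapshot" >&2
    if ! lxc restore "$tc_container" "$tc_snapshot"; then
        echo "restore failed, inspect $tc_container manually" >&2
        return 2
    fi
    return 1
}
```

The snapshot is kept after a successful run, so a change that only turns out to be broken later can still be undone with lxc restore.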
The default user is ubuntu, and I get network access out of the box. The name resolution doesn’t work properly though, even if I turn on LLMNR here too.
Instead of using a bridge, I will try to expose the containers directly on the LAN with macvlan. This guide is helpful. I change the default profile to use macvlan:
administrator@the-big-one:~$ lxc profile device set default eth0 nictype macvlan
administrator@the-big-one:~$ lxc profile device set default eth0 parent enp3s0
I ran into some problems because an earlier solution I tried wasn’t cleared properly, but a reboot fixed that. I just need to remember to enable LLMNR if I create a new container from the base
Once I have copied over my key, I can log in from my desktop.
The last remaining problem is that the container cannot access the host (or vice-versa) over the network. I try to solve that for a day but decide it’s not worth it. If I want to log in to a container from the server I can use lxc exec, and if I want to fiddle with the host I probably should not do that from within the container.
That’s it for today. Next time, I will install a basic desktop environment and try to access it via NoMachine.