Setting up the first container with macvlan

In my previous post, I installed and set up a new base system in the living room computer. This time, I will begin looking at containers to hold the different user systems.

There exist many more detailed explanations online, but a container is basically a way to run a system within another system. It differs from a VM, which also does that, in that the kernel is shared. All other parts of the system, like libraries, are kept separate from other containers.

Containers are usually used either for running individual applications or to hold a whole system. In the former case, people generally use Docker, while LXD is more suited to the latter case. I will use LXD, following this guide.

I already have the packages lxd and lxd-client, so the next step is intializing with sudo lxd init. Since I don’t know what I’m doing yet, I choose the default answers to all questions.

I launch a container:

administrator@the-big-one:~$ lxc launch ubuntu:18.04 test-system

This fetches an image from the preconfigured remote “ubuntu” and starts a container. I can log in to it with:

administrator@the-big-one:~$ lxc exec test-system -- bash
root@test-system:~#

And now I can begin configuring it. If I want to try out some new configuration, I can just take a snapshot of the system, and then restore it if I broke something:

administrator@the-big-one:~$ lxc snapshot test-system v1
...
administrator@the-big-one:~$ lxc restore test-system v1

The default user is ubuntu, and I get network access out of the box. The name resolution doesn’t work properly though, even if I turn on LLMNR here too.

Instead of using a bridge, I will try to expose the containers directly on the LAN with macvlan. This guide is helpful. I change the default profile to use macvlan:

administrator@the-big-one:~$ lxc profile device set default eth0 nictype macvlan
administrator@the-big-one:~$ lxc profile device set default eth0 parent enp3s0

I ran into some problems because an earlier solution I tried wasn’t cleared properly, but a reboot fixed that. I just need to remember to enable LLMNR if I create a new container from the base ubuntu image.

Once I have copied over my key, I can log in from my desktop.

The last remaining problem is that the container cannot access the host (or vice-versa) over the network. I try to solve that for a day but decide it’s not worth it. If I want to log in to a container from the server I can use lxc exec, and if I want to fiddle with the host I probably should not do that from within the container.

That’s it for today. Next time, I will install a basic desktop environment and try to access it via NoMachine.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s