Using Linux Containers (LXC) on Slackware
Published: 2021-01-21 | Last Updated: 2021-02-06 | ~5 Minute Read
Ever since I started learning about containerized technologies and started playing with them I have been curious to know more about LXC.
This technology is not as popular as other containerization technologies, like Docker for example, however I think it’s worth exploring given the fact that its main dependency is the Linux kernel itself, so I thought I’d take a look at how it’s used on Slackware.
Using LXC is already well documented in the Slackware documentation, so it should be fairly straight forward.
I will be using a system with the following specs for reference:
root@server:~ # cat /proc/cpuinfo | grep "model name" | uniq model name : Intel(R) Celeron(R) CPU J1800 @ 2.41GHz root@server:~ # uname -r 5.10.4 root@server:~ # cat /proc/cpuinfo | grep "model name" | uniq model name : Intel(R) Celeron(R) CPU J1800 @ 2.41GHz root@server:~ # free -h | grep -E "Mem|total" | cut -d " " -f 11,15 total 7.7Gi
First I created the network bridge:
root@server:~ # touch /etc/default/lxc-net root@server:~ # echo USE_LXC_BRIDGE=\"true\" > /etc/default/lxc-net
Then started the service:
root@server:~ # /usr/libexec/lxc/lxc-net start
Then confirmed that the network interface had come up as expected:
root@server:~ # ifconfig lxcbr0 lxcbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 inet 10.0.3.1 netmask 255.255.255.0 broadcast 0.0.0.0 ether 00:16:3e:00:00:00 txqueuelen 1000 (Ethernet) RX packets 0 bytes 0 (0.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
With the network ready, I simply executed the following command to create a container:
root@server:~ # release=14.2 MIRROR=http://mirrors.us.kernel.org/slackware lxc-create -n slack-nginx -t slackware -f /root/lxc-conf/slack-nginx.conf
/root/lxc-conf/slack-nginx.conf file contains the following:
lxc.network.type = veth lxc.network.flags = up lxc.network.link = lxcbr0
That began the container creation with the packages specified in
/usr/share/lxc/templates/lxc-slackware which took about 4 minutes.
At the end of the creation process we see:
Configuring... Adding an etc/fstab that must be modified later with the full path of the container's rootfs if you decide to move it. Root default password is 'root', please change it! Copying rootfs to /var/lib/lxc/slack-nginx/rootfs...
We can confirm the successful creation of the container by checking in
root@server:~ # ls /var/lib/lxc slack-nginx/
Now we can start our container as follows:
root@server:~ # lxc-start -n slack-nginx
We can confirm the state of the container now:
root@server:~ # lxc-ls --fancy NAME STATE AUTOSTART GROUPS IPV4 IPV6 slack-nginx RUNNING 0 - - -
We are still missing an IP address assignment so we connect to the container:
root@server:~ # lxc-console -n slack-nginx Connected to tty 1 Type <Ctrl+a q> to exit the console, <Ctrl+a Ctrl+a> to enter Ctrl+a itself Welcome to Linux 5.10.4 (tty1) slack-nginx login: root Password: Linux 5.10.4. You have mail. root@slack-nginx:~#
This gives us access to the console as the
root user. We can now perform the necessary network configuration:
root@server:~ # vi /etc/rc.d/rc.inet1.conf
We updated the
USE_DHCP field to say
yes and saved the file.
Now we exit the shell by pressing
<Ctrl-a> + q and then we restart the container:
root@server:~ # lxc-stop -n slack-nginx root@server:~ # lxc-start -n slack-nginx
And now we can confirm that we have an IP address assigned successfully:
root@server:~ # lxc-ls --fancy NAME STATE AUTOSTART GROUPS IPV4 IPV6 slack-nginx RUNNING 0 - 10.0.3.241 -
Just to be sure we’ll access the container again and make sure we can get out to the internet:
root@omega-dev:~ # lxc-console -n slack-nginx Connected to tty 1 Type <Ctrl+a q> to exit the console, <Ctrl+a Ctrl+a> to enter Ctrl+a itself Welcome to Linux 5.10.4 (tty1) slack-nginx login: root Password: Linux 5.10.4. Last login: Thu Jan 21 16:16:33 +0000 2021 on /dev/tty1. You have mail. root@slack-nginx:~# slackpkg update gpg Downloading http://mirrors.us.kernel.org/slackware/slackware64-14.2/GPG-KEY... --2021-01-21 16:17:52-- http://mirrors.us.kernel.org/slackware/slackware64-14.2/GPG-KEY Resolving mirrors.us.kernel.org... 184.108.40.206, 2001:19d0:306:6:0:1994:3:14 Connecting to mirrors.us.kernel.org|220.127.116.11|:80... connected. HTTP request sent, awaiting response... 200 OK Length: 1572 (1.5K) [text/plain] Saving to: '/tmp/slackpkg.VjDrtZ/gpgkey' /tmp/slackpkg.VjDrtZ/gpgkey 100%[===============================================>] 1.54K --.-KB/s in 0s 2021-01-21 16:17:52 (90.9 MB/s) - '/tmp/slackpkg.VjDrtZ/gpgkey' saved [1572/1572] Slackware Linux Project's GPG key added root@slack-nginx:~#
Excellent, so we’ve made our very own Slackware Linux container inside Slackware. We could now install any packages we like individually or perform a full Slackware installation with
slackpkg install slackware64 from inside the container.
Container Resource Usage
So what’s so good about LXC or containers in general? Now that we have created our container we can check to see the amount of resources it takes the host system to run this container:
We can check how much space the container takes on the host system:
root@server:~ # du -hs /var/lib/lxc/slack-nginx/ 211M /var/lib/lxc/slack-nginx/
Of course as you add packages to to the container it will increase its total size on the host, however a 211 MB starting point is pretty good.
We can also see the actual resource usage of the container with the output from
Container CPU CPU CPU BlkIO Mem KMem Name Used Sys User Total Used Used slack-nginx 0.90 0.51 0.37 112.00 KiB 2.60 MiB 920.00 KiB TOTAL 1 of 1 0.90 0.51 0.37 112.00 KiB 2.60 MiB 920.00 KiB
I will be exploring additional configuration changes in future posts to see how much more LXC can do.
I’m definitely excited about this as it is much simpler than creating a virtual machine and also uses much less resources on the host system.
I will be playing more with LXC as time goes on but for now a simple installation is what I wanted to share and we’ll build upon that in the future.