07/09/2023, 23:04 Containers - LXC | Ubuntu

Search on Server Docs Submit

https://ubuntu.com/server/docs/containers-lxc 1/13
07/09/2023, 23:04 Containers - LXC | Ubuntu

lxc:///

lxc

sudo apt install lxc

sudo lxc-create --template download --name u1

sudo lxc-create -t download -n u1

https://ubuntu.com/server/docs/containers-lxc 2/13
07/09/2023, 23:04 Containers - LXC | Ubuntu

sudo lxc-create -t download -n u1 -- --dist ubuntu --release DISTRO-SHORT-CODENAME --arch amd64

sudo lxc-create -t download -n u1 -- -d ubuntu -r DISTRO-SHORT-CODENAME -a amd64

lxc-ls lxc-info lxc-start

lxc-stop lxc-attach lxc-console
lxc-destroy

sudo lxc-ls --fancy

sudo lxc-start --name u1 --daemon
sudo lxc-info --name u1
sudo lxc-stop --name u1
sudo lxc-destroy --name u1

/proc/self/uid_map /proc/self/gid_map 0
0 4294967295
/etc/subuid
/etc/subgid

usermod

sudo usermod -v 100000-200000 -w 100000-200000 user1

newuidmap newgidmap uidmap

grep $USER /etc/subuid

grep $USER /etc/subgid

mkdir -p ~/.config/lxc
echo "lxc.id_map = u 0 100000 65536" > ~/.config/lxc/default.conf
echo "lxc.id_map = g 0 100000 65536" >> ~/.config/lxc/default.conf
echo "lxc.network.type = veth" >> ~/.config/lxc/default.conf
echo "lxc.network.link = lxcbr0" >> ~/.config/lxc/default.conf
echo "$USER veth lxcbr0 2" | sudo tee -a /etc/lxc/lxc-usernet

https://ubuntu.com/server/docs/containers-lxc 3/13
07/09/2023, 23:04 Containers - LXC | Ubuntu

lxc-create -t download -n u1 -- -d ubuntu -r DISTRO-SHORT-CODENAME -a amd64

lxc-start -n u1 -d
lxc-attach -n u1
lxc-stop -n u1
lxc-destroy -n u1

lxc.mount.auto = cgroup
lxc.aa_profile = lxc-container-default-with-nesting

/etc/lxc
~/.config/lxc

lxc.conf

default.conf

lxc-usernet.conf

lxc.conf default.conf /etc/lxc $HOME/.config/lxc lxc-usernet.conf

https://ubuntu.com/server/docs/containers-lxc 4/13
07/09/2023, 23:04 Containers - LXC | Ubuntu

shutdown

/etc/lxc/dnsmasq.conf

dhcp-host=lxcmail,10.0.3.100
dhcp-host=ttrss,10.0.3.101

iptables

iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 587 -j DNAT \

--to-destination 10.0.3.100:587

lxc.network.type = veth
lxc.network.link = br0

lxc-ls --fancy
lxc-info -i -H -n C1
/etc/dnsmasq.conf

server=/lxc/10.0.3.1

C1.lxc

ping C1
ssh C1

lxc.conf(5)
/usr/share/doc/lxc/examples/

/etc/init/lxc-net.conf: /etc/default/lxc-net
USE_LXC_BRIDGE

/etc/init/lxc.conf

/etc/default/lxc

/etc/init/lxc-instance.conf /etc/init/lxc.conf

https://ubuntu.com/server/docs/containers-lxc 5/13
07/09/2023, 23:04 Containers - LXC | Ubuntu

/var/lib/lxc/C1/rootfs
~/.local/share/lxc/C1/rootfs lxc.system.com
$lxcpath/C1/rootfs

overlayfs:/var/lib/lxc/C1/rootfs:/var/lib/lxc/C2/delta0

/var/lib/lxc/C1/rootfs

lxc-create

/usr/share/lxc/templates

debootstrap

lxc-create
lxc-create

lxc-create --template ubuntu --name c1 --bdev loop -- --release DISTRO-SHORT-CODENAME

lxc-create

lxc-create --template download --help

/etc/lxc/auto

https://ubuntu.com/server/docs/containers-lxc 6/13
07/09/2023, 23:04 Containers - LXC | Ubuntu

lxc.start.auto = 1
lxc.start.delay = 5

/proc/sysrq-trigger
/sys

usr.bin.lxc-start lxc-start lxc-start

init
LXC lxc-container-default
/etc/apparmor.d/lxc/lxc-default

lxc-execute

lxc-start

sudo apparmor_parser -R /etc/apparmor.d/usr.bin.lxc-start

sudo ln -s /etc/apparmor.d/usr.bin.lxc-start /etc/apparmor.d/disabled/

lxc-start
usr.bin.lxc-start

lxc.aa_profile = unconfined

lxc.aa_profile = lxc-container-default-with-nesting

/etc/apparmor.d/lxc/lxc-default-with-nesting

mount fstype=cgroup -> /sys/fs/cgroup/**,

https://ubuntu.com/server/docs/containers-lxc 7/13
07/09/2023, 23:04 Containers - LXC | Ubuntu

/sys /proc

proc sys

/etc/apparmor.d/lxc/ lxc- lxc-start

lxc-default
/etc/apparmor.d/abstractions/lxc/container-base

sudo apparmor_parser -r /etc/apparmor.d/lxc-containers

/etc/apparmor.d/lxc-containers CN lxc-CN-profile

lxc.aa_profile = lxc-CN-profile

/lxc/CN

CN
/usr/1000.user/1.session/CN

/sys/fs/cgroup/cgmanager/sock

lxc.mount.auto = cgroup

/sys/fs/cgroup/cgmanager

/sys/fs/cgroup/cgmanager /sys/fs/cgroup/cgmanager.lower
/sys/fs/cgroup/cgmanager/sock

https://ubuntu.com/server/docs/containers-lxc 8/13
07/09/2023, 23:04 Containers - LXC | Ubuntu

lxc-clone

/var/lib/lxc/C1/rootfs

/var/lib/lxc/C2/delta0

sudo lxc-clone -o C1 -n C2

sudo lxc-clone -s -o C1 -n C2

sudo lxc-snapshot -n C1

lxc-snapshot -L -n C1
lxc-snapshot -r snap1 -n C1

https://ubuntu.com/server/docs/containers-lxc 9/13
07/09/2023, 23:04 Containers - LXC | Ubuntu

lxc-clone -s -o C1 -n C2
lxc-start -n C2 -d # make some changes
lxc-stop -n C2
lxc-snapshot -n C2
lxc-start -n C2 # etc

lxc-start-ephemeral -o C1

pivot_root

lxc.container.conf(5)

/dev/console
lxc-start
/dev/console lxc-start
lxc.tty
/dev/ttyN

sudo lxc-console -n container -t 3

https://ubuntu.com/server/docs/containers-lxc 10/13
07/09/2023, 23:04 Containers - LXC | Ubuntu

-t N
Ctrl-a q
lxc-start -d

/dev/ttyN /dev/console
4:N

/dev

sudo lxc-start -n C1 -l trace -o debug.out

trace
debug.out

lxc-monitor

lxc-
monitor lxc-wait

sudo lxc-monitor -n cont[0-5]*

sudo lxc-wait -n cont1 -s 'STOPPED|FROZEN'

sudo lxc-attach -n C1

sudo lxc-start -n C1 /sbin/init loglevel=debug

https://ubuntu.com/server/docs/containers-lxc 11/13
07/09/2023, 23:04 Containers - LXC | Ubuntu

sudo lxc-start -n C1 /bin/bash

sudo lxc-start -n C1 /bin/sleep 100
sudo lxc-start -n C1 /bin/cat /proc/1/status

liblxc

# sudo python3
Python 3.2.3 (default, Aug 28 2012, 08:26:03)
[GCC 4.7.1 20120814 (prerelease)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import lxc
__main__:1: Warning: The python-lxc API isn't yet stable and may change at any point in the future.
>>> c=lxc.Container("C1")
>>> c.create("ubuntu")
True
>>> c.start()
True
>>> c.wait("STOPPED")
True

/proc /sys

https://ubuntu.com/server/docs/containers-lxc 12/13
07/09/2023, 23:04 Containers - LXC | Ubuntu

https://ubuntu.com/server/docs/containers-lxc 13/13