lxc

source/lxc/container.rst

@@ -1,3 +1,170 @@
 *********
 Container
 *********
+
+TODO
+====
+
+* look for creation through debootstrap
+
+Create
+======
+
+.. code:: shell
+
+  lxc-create \
+  --name="container_name" \
+  --template="debian" \
+  -- \
+  --release="stretch" \
+  --mirror="file:/mirrors/debian/debian-stretch" \
+  --security-mirror="file:/mirrors/debian/debian-stretch-security" \
+
+Configure
+=========
+
+In containers/directory/container_name :
+
+* config
+
+.. code:: ini
+
+  lxc.include = /usr/share/lxc/config/debian.common.conf
+
+  lxc.arch = amd64
+  lxc.autodev = 1
+  lxc.kmsg = 0
+  lxc.mount = /var/lib/lxc/container_name/fstab
+  lxc.rootfs = /var/lib/lxc/container_name/rootfs
+  lxc.rootfs.backend = dir
+  lxc.start.auto = 1
+  lxc.utsname = hostname
+
+  lxc.network.type = veth
+
+  lxc.network.flags = up
+  lxc.network.link = br0
+  lxc.network.name = eth0
+  lxc.network.veth.pair = container_name
+  lxc.network.hwaddr = virtual_mac_address
+
+Static addresses variant:
+
+.. code:: ini
+
+  lxc.network.ipv4 = container_ip4/network_mask_bits
+  lxc.network.ipv6 = container_ip6
+
+* fstab
+
+.. warning::
+
+  | Do not forget to create the data directories
+  | otherwise the container start process will fail!
+
+::
+
+  data/directory/container_name data none bind,create=dir
+  /mirrors mirrors none bind,create=dir
+
+* rootfs/
+
+    * TODO Debian configuration
+
+* rootfs/etc/network/interfaces.d/eth0
+
+    if the container uses DHCP:
+
+::
+
+  auto eth0
+  iface eth0 inet dhcp
+
+Start
+=====
+
+.. warning::
+
+  | Be patient, for it can take a container
+  | up to 1 minute to get its network stack up!
+
+.. code:: shell
+
+  lxc-start -n "container_name"
+
+.. code:: shell
+
+  lxc-start --name="container_name"
+
+Run command
+===========
+
+.. code:: shell
+
+  lxc-attach -n "container_name" -- command
+
+.. code:: shell
+
+  lxc-attach --name="container_name" -- command
+
+Stop
+====
+
+.. code:: shell
+
+  lxc-stop -n "container_name"
+
+.. code:: shell
+
+  lxc-stop --name="container_name"
+
+Backup
+======
+
+system
+------
+
+.. code:: shell
+
+  cd containers/directory
+  tar --numeric-owner -cvaf container_name.backup_name.txz container_name
+
+data
+----
+
+.. code:: shell
+
+  cd data/directory
+  tar --numeric-owner -cvaf container_name.backup_name.txz container_name
+
+Destroy
+=======
+
+.. code:: shell
+
+  lxc-destroy -n "container_name"
+
+.. code:: shell
+
+  lxc-destroy --name="container_name"
+
+Restore
+=======
+
+system
+------
+
+.. code:: shell
+
+  cd containers/directory
+  rm --recursive container_name
+  tar --numeric-owner -xvf container_name.backup_name.txz
+
+data
+----
+
+.. code:: shell
+
+  cd data/directory
+  rm --recursive container_name
+  tar --numeric-owner -xvf container_name.backup_name.txz

source/lxc/host.rst

@@ -1,3 +1,78 @@
 ****
 Host
 ****
+
+Check
+=====
+
+.. code:: shell
+
+  lxc-checkconfig
+
+List
+====
+
+.. code:: shell
+
+  lxc-ls -f
+
+.. code:: shell
+
+  lxc-ls --fancy
+
+Network bridge
+==============
+
+Create bridge br0 onto host's network interface eth0:
+
+* /etc/network/interfaces.d/eth0
+
+::
+
+  auto br0
+  iface br0 inet static
+      address host_ip/network_mask_bits
+      gateway gateway_ip
+      bridge_fd 0
+      bridge_maxwait 0
+      bridge_ports eth0
+      bridge_stp on
+
+Service
+=======
+
+Default configuration for new containers:
+
+* /etc/lxc/default.conf
+
+.. code:: ini
+
+  lxc.include = /usr/share/lxc/config/debian.common.conf
+
+  lxc.arch = amd64
+  lxc.autodev = 1
+  lxc.kmsg = 0
+  lxc.rootfs.backend = dir
+  lxc.start.auto = 1
+
+  lxc.network.type = veth
+
+  lxc.network.flags = up
+  lxc.network.link = br0
+  lxc.network.name = eth0
+
+Directories
+===========
+
+* 1 for the containers
+* 1 for their data
+
+.. code:: shell
+
+  mkdir --parents "containers/directory"
+  rmdir "/var/lib/lxc"
+  ln --symbolic "containers/directory" "/var/lib/lxc"
+
+.. code:: shell
+
+  mkdir --parents "data/directory"

source/lxc/index.rst

@@ -6,3 +6,22 @@ LXC
 
    host
    container
+
+***
+ESX
+***
+
+.. warning::
+
+  | If the host is part of an ESX virtual network architecture,
+  | make sure to configure its virtual switch to avoid packet drops.
+
+* Edit Settings / Policies / Security
+
+=================== ======
+Key                 Value
+=================== ======
+Promiscuous Mode    Accept
+MAC Address Changes Accept
+Forged Transmits    Accept
+=================== ======