LXC installation and configuration (building from source)
Test environment:
(1) OS: Ubuntu Server 13.10 amd64
(2) LXC 1.0.0alpha1 source
1. Configure the host network
# nano /etc/network/interfaces
auto lo
iface lo inet loopback
# The primary network interface
#auto eth0
#iface eth0 inet dhcp
auto br0
iface br0 inet static
address 192.168.255.155
netmask 255.255.255.0
gateway 192.168.255.254
dns-nameservers 8.8.8.8 8.8.4.4
bridge_ports eth0
bridge_fd 9
bridge_hello 2
bridge_maxage 12
bridge_stp off
2. Uninstall AppArmor
# /etc/init.d/apparmor stop
# update-rc.d -f apparmor remove
# apt-get --purge remove apparmor apparmor-utils libapparmor-perl libapparmor1
3. Install the required packages
# sed -i 's/us.archive.ubuntu.com/mirrors.163.com/g' /etc/apt/sources.list
# apt-get update
# apt-get install bridge-utils vim build-essential pkg-config m4 libtool git fakeroot debootstrap libcap2-dev docbook autoconf git wget cgroup-lite
# reboot
4. Build and install LXC from source
# wget https://github.com/lxc/lxc/archive/lxc-1.0.0.rc2.tar.gz
# tar zxvf lxc-1.0.0.rc2.tar.gz
# cd lxc-1.0.0.rc2
# ./autogen.sh
# ./configure
# make
# make install
5. Installation paths
/usr/local/bin
/usr/local/etc/lxc/default.conf
/usr/local/lib/lxc/rootfs
/usr/local/share/lxc/config, hooks, templates
/usr/local/var/lib/lxc/{lxc_name}
6. Create an LXC container (using the latest Ubuntu release as the template)
# lxc-checkconfig
# lxc-create -n ubuntu -t ubuntu
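7. Modify the network configuration of the ubuntu LXC instance
# nano /usr/local/var/lib/lxc/ubuntu/config
# Isolate traffic between different virtual machines on the same host (a key security protection: all virtual machine traffic goes to the ToR and is then sent back)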
lxc.network.type = macvlan
lxc.network.macvlan.mode = vepa
lxc.network.flags = up
lxc.network.link = br0
# Support nested LXC
lxc.hook.mount = /usr/local/share/lxc/hooks/mountcgroups
8. Start the ubuntu LXC instance
# lxc-start -n ubuntu
Appendix: LXC network models:
(1) Virtual machines cannot communicate with the host
lxc.network.type = macvlan
lxc.network.macvlan.mode = bridge
(2) Virtual machines cannot communicate with each other
lxc.network.type = macvlan
lxc.network.macvlan.mode = vepa
(3) Virtual machine has no network
lxc.network.type = empty
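
The network models in the appendix can be checked mechanically against a container's config. The script below is an added example, not part of the original article: it reports, for each `lxc.network.type` block, whether that interface keeps the peer isolation set up in step 7. The function names and the sample config are assumptions made for illustration; treating an omitted macvlan mode as `private` follows LXC's documented default.

```shell
#!/bin/sh
# Added example (not from the original page): per-interface isolation audit
# for legacy LXC 1.0 "lxc.network.*" keys. Reads a container config on stdin
# or from the file named in $1.

lxc_net_audit() {
    awk '
        function trim(s) { gsub(/^[ \t]+|[ \t\r]+$/, "", s); return s }
        function emit() {
            if (ntype == "") return
            if (ntype == "macvlan" && nmode == "") nmode = "private"  # LXC default
            if (ntype == "empty") verdict = "no-network"
            else if (ntype == "macvlan" && (nmode == "vepa" || nmode == "private"))
                verdict = "isolated"
            else verdict = "not-isolated"   # bridge-mode macvlan, veth, or anything unvetted
            printf "%d type=%s mode=%s %s\n", ++n, ntype, (nmode == "" ? "-" : nmode), verdict
        }
        /^[ \t]*#/ { next }                 # skip comment lines
        {
            i = index($0, "="); if (i == 0) next
            key = trim(substr($0, 1, i - 1)); val = trim(substr($0, i + 1))
            # every lxc.network.type line opens a new interface block
            if (key == "lxc.network.type") { emit(); ntype = val; nmode = "" }
            else if (key == "lxc.network.macvlan.mode") nmode = val
        }
        END { emit() }
    ' "$@"
}

# Succeeds only if at least one interface is defined and none is not-isolated.
lxc_net_isolated() {
    report=$(lxc_net_audit "$@") || return 1
    [ -n "$report" ] || return 1            # no network block found: fail closed
    ! printf '%s\n' "$report" | grep -q 'not-isolated'
}

# Constructed sample: the VEPA interface from step 7 plus a second veth interface.
sample_mixed() {
    cat <<'EOF'
lxc.network.type = macvlan
lxc.network.macvlan.mode = vepa
lxc.network.flags = up
lxc.network.link = br0
lxc.network.type = veth
lxc.network.link = br0
EOF
}

sample_mixed | lxc_net_audit
sample_mixed | lxc_net_isolated || echo "container is not isolated from its peers"
```

A second interface of another type on the same bridge undoes the VEPA isolation of the first, which is why the check walks every block instead of stopping at the first match.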