Tag Archives: server
New library: libsubid
User namespaces were designed from the start to meet a requirement that unprivileged users be able to make use of them. Eric accomplished this by introducing subuid and subgid delegations through shadow. These are defined by the /etc/subuid and /etc/subgid … Continue reading →
Using lxd snapshots
Lxd with zfs is fast. Very fast. Yesterday I was testing a package upgrade problem. Purging and re-installing the package was not good enough to reproduce it. So, 1. create a base container lxc launch ubuntu:xenial lv1 That takes about … Continue reading →
LXD 0.3
LXD 0.3 has been released. This version provides huge usability improvements over past versions. Getting started Here’s an example of quickly getting started on a fresh Ubuntu 15.04 VM: sudo add-apt-repository ppa:ubuntu-lxc/lxd-daily sudo apt-get update sudo apt-get install lxd sudo … Continue reading →
Introducing lxcfs
Last year around this time, we were announcing the availability of cgmanager, a daemon allowing users and programs to easily administer and delegate cgroups over a dbus interface. It was key to supporting nested containers and unprivileged users. While its … Continue reading →
Where does lxd fit in
Since its announcement, there appears to have been some confusion and concern about lxd, how it relates to lxc, and whether it will be taking away from lxc development. When lxc was first started around 2007, it was mainly a … Continue reading →
Live container migration – on its way
The criu project has been working hard to make application checkpoint/restart feasible. Tycho has implemented lxc-checkpoint and lxc-restart on top of that (as well as of course contributing the needed bits to criu itself), and now shows off first steps … Continue reading →
announcing lxc-snapshot
In April, lxc-clone gained the ability to create overlayfs snapshot clones of directory backed containers. In may, I wrote a little lxc-snap program based on that which introduced simple ‘snapshots’ to enable simple incremental development of container images. But a … Continue reading →
libvirt defaults (and openvswitch bridge performance)
The libvirt-bin package in Ubuntu installs a default NATed virtual network, virbr0. This isn’t always the best choice for everyone, however it “just works” everywhere. It also provides some simple protection – the VMs aren’t exposed on the network for … Continue reading →
Creating and using containers – without privilege
Today I posted a (working but mainly POC) patchset against lxc which allows me to create and start ubuntu-cloud containers – completely as an unprivileged user. For more details see the introductory email to the patchset at http://sourceforge.net/mailarchive/forum.php?thread_name=1374246151-7069-9-git-send-email-serge.hallyn%40ubuntu.com&forum_name=lxc-devel Glossing over … Continue reading →
Introducing lxc-snap
lxc-snap: lxc container snapshot management tool BACKGROUND Lxc supports containers backed by overlayfs snapshots. The way this is typically done is to create a container backed by a regular directory, then create a new container which mounts the first container’s … Continue reading →
