(refer to https://wiki.debian.org/LXC)
aptitude install lxc bridge-utils ebtables libvirt-bin debootstrap dnsmasq
Add this line to /etc/fstab:
cgroup /sys/fs/cgroup cgroup defaults 0 0
Mount ze cgroup
mount /sys/fs/cgroup
Apply google and kernel parameters until checkconfig passes:
lxc-checkconfig
Create a VM or five
lxc-create -n n1 -t debian -- --release jessie
lxc-create -n n2 -t debian -- --release jessie
lxc-create -n n3 -t debian -- --release jessie
lxc-create -n n4 -t debian -- --release jessie
lxc-create -n n5 -t debian -- --release jessie
Note the root passwords.
Edit /var/lib/lxc/n1/config and friends, changing the network hwaddr to something unique. I suggest using sequential mac addresses for n1, n2, n3, ....
# Template used to create this container: /usr/share/lxc/templates/lxc-debian
# Parameters passed to the template:
# For additional config options, please look at lxc.conf(5)
lxc.rootfs = /var/lib/lxc/n1/rootfs
# Common configuration
lxc.include = /usr/share/lxc/config/debian.common.conf
# Container specific configuration
lxc.mount = /var/lib/lxc/n1/fstab
lxc.utsname = n1
lxc.arch = amd64
# Stuff to add:
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = virbr0
lxc.network.ipv4 = 0.0.0.0/24
lxc.network.hwaddr = 00:1E:62:AA:AA:AA
Set up libvirt network, and assign MAC->IP bindings for the LXC node mac addrs
virsh net-edit default
<network>
<name>default</name>
<uuid>08063db9-38f4-4c9c-8887-08000f13ce80</uuid>
<forward mode='nat'/>
<bridge name='virbr0' stp='on' delay='0'/>
<mac address='52:54:00:8e:29:d2'/>
<ip address='192.168.122.1' netmask='255.255.255.0'>
<dhcp>
<range start='192.168.122.11' end='192.168.122.100'/>
<host mac='00:1E:62:AA:AA:AA' name='n1' ip='192.168.122.11'/>
<host mac='00:1E:62:AA:AA:AB' name='n2' ip='192.168.122.12'/>
<host mac='00:1E:62:AA:AA:AC' name='n3' ip='192.168.122.13'/>
<host mac='00:1E:62:AA:AA:AD' name='n4' ip='192.168.122.14'/>
<host mac='00:1E:62:AA:AA:AE' name='n5' ip='192.168.122.15'/>
</dhcp>
</ip>
</network>
Drop an entry in /etc/resolv.conf
to read from the libvirt network dns:
nameserver 192.168.122.1 # Local libvirt dnsmasq
nameserver 192.168.1.1 # Regular network resolver
Kill the system default dnsmasq (if you have one), and start the network (which
in turn will start a replacement dnsmasq with the LXC config. Then, start up
all the nodes. I have this in a bash script called jepsen-start
:
#!/bin/sh
sudo service dnsmasq stop
sudo virsh net-start default
sudo lxc-start -d -n n1
sudo lxc-start -d -n n2
sudo lxc-start -d -n n3
sudo lxc-start -d -n n4
sudo lxc-start -d -n n5
Fire up each VM:
jepsen-start
Log into the containers, (may have to specify tty 0 to use console correctly) e.g.,:
lxc-console --name n1 -t 0
(Optional?) In the containers, update keys used by apt to verify packages:
apt-key update
apt-get update
And set your root password--I use root
/root
by default in Jepsen.
passwd
Copy your SSH key (on host):
cat ~/.ssh/id_rsa.pub
and add it to root's authorized_keys
(in containers):
apt-get install -y sudo vim
mkdir ~/.ssh
chmod 700 ~/.ssh
touch ~/.ssh/authorized_keys
chmod 600 ~/.ssh/authorized_keys
vim ~/.ssh/authorized_keys
Enable password-based login for root (used by jsch):
sed -i 's,^PermitRootLogin .*,PermitRootLogin yes,g' /etc/ssh/sshd_config
systemctl restart sshd
apt install sudo
Remove systemd. After you install sysvinit-core and sysvinit-utils, you may have to restart the container with /lib/sysvinit/init argument to lxc-start before apt will allow you to remove systemd.
Detach from the container with Control+a q, and repeat for the remaining nodes.
On the control node, drop entries in ~/.ssh/config
for nodes:
Host n*
User root
Store the host keys unencrypted so that jsch can use them. If you already have the host keys, they may be unreadable to Jepsen--remove them from .known_hosts and rescan.
for n in $(seq 1 5); do ssh-keyscan -t rsa n$n; done >> ~/.ssh/known_hosts
And check that you can SSH to the nodes
cssh n1 n2 n3 n4 n5
And that should mostly do it, I think.
Follow generally the same steps as for Debian, but the process is easier. Reference: https://help.ubuntu.com/lts/serverguide/lxc.html
- Right after you have installed LXC, create or open /etc/lxc/dnsmasq.conf and add the following contents:
dhcp-host=n1,10.0.3.101
dhcp-host=n2,10.0.3.102
dhcp-host=n3,10.0.3.103
dhcp-host=n4,10.0.3.104
dhcp-host=n5,10.0.3.105
10.0.3.* is LXC's default network. If you want others, go for it but you'll have to change it in the main configuration for lxc as well.
- you may not need to add cgroup to fstab and/or mount it. /sys/fs/cgroups may already be there.
- Then, go and run the lxc-create command, but...
- no need to edit /var/lib/lxc/*/config or set up a bridge, LXC does that for you.
- Fire up the boxes (lxc-start -n n{1,2,3,4,5} -d) and you should be able to ssh right into them.
- Follow the rest of the Debian tutorial, but make sure to use the correct ip addresses.