In this recipe, we will create our first container with LXD.
LXD works on the concept of remote servers and images served by those remote servers. Starting a new container with LXD is as simple as downloading a container image and starting a container out of it, all with a single command. Follow these steps:
lxc launch
command, as follows:$ lxc launch ubuntu:14.04/amd64 c1
LXC will download the required image (14.04/amd64
) and start the container.
You should see the progress like this:
lxc launch
downloads the required image, creates a new container, and then starts it as well. You can see your new container in a list of containers with the lxc list
command, as follows:$ lxc list
lxc info
command:$ lxc info c1
lxc exec
command, you can execute commands inside a container. Use the following command to obtain the details of Ubuntu running inside a container:$ lxc exec c1 -- lsb_release -a
$ lxc exec c1 -- bash
Creating images is a time-consuming task. With LXD, the team has solved this problem by downloading the prebuilt images from trusted remote servers. Unlike LXC, where images are built locally, LXD downloads them from the remote servers and keep a local cache of these images for later use. The default installation contains three remote servers:
You can get a list of available remote servers with this command:
$ lxc remote list
Similarly, to get a list of available images on a specific remote server, use the following command:
$ lxc image list ubuntu:
In the previous example, we used 64-bit Ubuntu 14.04 from one of the preconfigured remote servers (ubuntu:
). When we start a specific container, LXD checks the local cache for the availability of the respective image; if it's not available locally, the required images gets fetched from the remote server and cached locally for later use. These images are kept in sync with remote updates. They also expire if not used for a specific time period, and expired images are automatically removed by LXD. By default, the expiration period is set to 10 days.
You can find a list of various configuration parameters for LXC and LXD documented on GitHub at https://github.com/lxc/lxd/blob/master/doc/configuration.md.
The lxc launch
command creates a new container and then starts it as well. If you want to just create a container without starting it, you can do that with the lxc init
command, as follows:
$ lxc init ubuntu:xenial c2
All containers (or their rootfs
) are stored under the /var/lib/lxd/containers
directory, and images are stored under the /var/lib/lxd/images
directory.
While starting a container, you can specify the set of configuration parameters using the --config
flag. LXD also supports configuration profiles. Profiles are a set of configuration parameters that can be applied to a group of containers. Additionally, a container can have multiple profiles. LXD ships with two preconfigured profiles: default
and docker
.
To get a list of profiles, use the lxc profile list
command, and to get the contents of a profile, use the lxc profile show <profile_name>
command.
Sometimes, you may need to start a container to experiment with something—execute a few random commands and then undo all the changes. LXD allows us to create such throwaway or ephemeral containers with the -e
flag. By default, all LXD containers are permanent containers. You can start an ephemeral container using the --ephemeral
or -e
flag. When stopped, an ephemeral container will be deleted automatically.
With LXD, you can start and manage containers on remote servers as well. For this, the LXD daemon needs to be exposed to the network. This can be done at the time of initializing LXD or with the following commands:
$ lxc config set core.https_address "[::]" $ lxc config set core.trust_password some-password
Next, make sure that you can access the remote server and add it as a remote for LXD with the lxc remote add
command:
$ lxc remote add remote01 192.168.0.11 # lxc remote add name server_ip
Now, you can launch containers on the remote server, as follows:
$ lxc launch ubuntu:xenial remote01:c1
Unlike LXC, LXD container images do not support password-based SSH logins. The container still has the SSH daemon running, but login is restricted to a public key. You need to add a key to the container before you can log in with SSH. LXD supports file management with the lxc file
command; use it as follows to set your public key inside an Ubuntu container:
$ lxc file push ~/.ssh/id_rsa.pub c1/home/ubuntu/.ssh/authorized_keys --mode=0600 --uid=1000
Once the public key is set, you can use SSH to connect to the container, as follows:
$ ssh ubuntu@container_IP
Alternatively, you can directly open a root session inside a container and get a bash shell with lxc exec
, as follows:
$ lxc exec c1 -- bash