文章目录
概述
容器是最近比较火的一种东西,不管是学习,还是测试,当需要用到多个主机时,就可以用它来虚拟出来,当然比虚拟机更加快捷方便。lxc是我学习的一种,分享给大家
LXC介绍
LXC: linux containers的简称,是一种基于容器的操作系统层次的虚拟化技术。
lxc可以在操作系统上为进程提供虚拟的操作环境,一个虚拟的执行环境就是一个容器。
安装LXC
安装依赖
yum install epel-release
yum install debootstrap perl libvirt
yum install libcap-devel.x86_64
下载安装包进行安装
将LXC源代码https://linuxcontainers.org/downloads/lxc/lxc-2.1.1.tar.gz
下载到/usr/src/解压,并进入目录
./configure
make
make install
安装zfs
安装zfs的软件包
yum install http://download.zfsonlinux.org/epel/zfs-release.el7_4.noarch.rpm
yum install kernel-devel zfs
若安装错误,则需要
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
yum update
如果有报版本错误,可先将zfs-release.e17的低版本先卸载掉
成功后执行
systemctl enable zfs-import-cache
systemctl enable zfs-mount
systemctl enable zfs-share
systemctl enable zfs-zed
systemctl enable zfs.target
配置LXC
创建文件/usr/local/etc/lxc/lxc.conf
内容为:
lxc.lxcpath=/lxcroot
配置主机的IP
在宿主机上配置/etc/sysconfig/network-scripts/ifcfg-enp0s3(我的是cnetos7.4)
TYPE=Ethernet
#BOOTPROTO=dhcp
BOOTPROTO=none
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME="enp0s3"
DEVICE=enp0s3
ONBOOT=yes
BRIDGE=br0
重点在于将BRIDGE=br0,BOOTPROTO=none,将系统原先的IP配置先去掉
配置br0
创建/etc/sysconfig/network-scripts/ifcfg-br0
NAME="br0"
DEVICE="br0"
ONBOOT=yes
IPV6INIT=yes
BOOTPROTO=static
TYPE=Bridge
DELAY=0
IPADDR=192.168.0.96
NETMAST=255.255.255.0
GATEWAY=192.168.0.1
DNS1=114.114.114.114
重点在于TYPE=Bridge,还有你配置的IP
配置好后将网络重启生效
修改LXC创建容器的配置文件
cat /usr/local/etc/lxc/default.conf
lxc.net.0.type = veth
lxc.net.0.link = lxcbr0
lxc.net.0.flags = up
lxc.net.0.hwaddr = 00:16:3e:xx:xx:xx
将"lxc.net.0.link = lxcbr0”改为“lxc.net.0.link = br0”
再安装几个软件
yum install net-tools sysstat which
yum groupinstall "Development Tools
创建zfs池
最好添加一块硬盘
添加一块硬盘在虚拟机上,我这里新添了一个10G的sdb盘
[root@LXCtest lxcroot]# fdisk -l|grep sd
WARNING: fdisk GPT support is currently new, and therefore in an experimental phase. Use at your own discretion.
Disk /dev/sda: 8589 MB, 8589934592 bytes, 16777216 sectors
/dev/sda1 * 2048 11720703 5859328 83 Linux
/dev/sda2 11720704 15626239 1952768 82 Linux swap / Solaris
Disk /dev/sdb: 10.7 GB, 10737418240 bytes, 20971520 sectors
用zpool命令将该盘做成zfs文件系统
使用以下命令
zpool create lxcroot /dev/sdb
会自动将sdb盘做成zfs文件系统并且在根下创建此目录,并且将盘挂到该目录
[root@LXCtest lxcroot]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda1 5.6G 3.5G 2.2G 62% /
devtmpfs 3.9G 0 3.9G 0% /dev
tmpfs 3.9G 0 3.9G 0% /dev/shm
tmpfs 3.9G 8.4M 3.9G 1% /run
tmpfs 3.9G 0 3.9G 0% /sys/fs/cgroup
tmpfs 783M 0 783M 0% /run/user/0
lxcroot 9.3G 885M 8.4G 10% /lxcroot
创建容器
创建指定类型的容器
创建容易命令-t指定容器类型,-n指定名字
[root@LXCtest ~]# lxc-create -t centos -n test01
Host CPE ID from /etc/os-release: cpe:/o:centos:centos:7
Checking cache download in /usr/local/var/cache/lxc/centos/x86_64/7/rootfs ...
Cache found. Updating...
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.shu.edu.cn
* updates: mirrors.shu.edu.cn
No packages marked for update
Loaded plugins: fastestmirror
Cleaning repos: base extras updates
0 package files removed
Update finished
Copy /usr/local/var/cache/lxc/centos/x86_64/7/rootfs to /lxcroot/test01/rootfs ...
Copying rootfs to /lxcroot/test01/rootfs ...
sed: can't read /lxcroot/test01/rootfs/etc/init/tty.conf: No such file or directory
Storing root password in '/lxcroot/test01/tmp_root_pass'
Expiring password for user root.
passwd: Success
sed: can't read /lxcroot/test01/rootfs/etc/rc.sysinit: No such file or directory
sed: can't read /lxcroot/test01/rootfs/etc/rc.d/rc.sysinit: No such file or directory
Container rootfs and config have been created.
Edit the config file to check/enable networking setup.
The temporary root password is stored in:
'/lxcroot/test01/tmp_root_pass'
The root password is set up as expired and will require it to be changed
at first login, which you should do as soon as possible. If you lose the
root password or wish to change it without starting the container, you
can change it from the host by running the following command (which will
also reset the expired flag):
chroot /lxcroot/test01/rootfs passwd
修改容易登录密码
生成的容器会有默认密码,可以修改为自定义密码
[root@LXCtest ~]# chroot /lxcroot/test01/rootfs passwd
Changing password for user root.
New password:
BAD PASSWORD: The password contains the user name in some form
Retype new password:
passwd: all authentication tokens updated successfully.
启动容器
[root@LXCtest test01]# lxc-start -d -n test01
可以查看容器的状态吗,会分配IP
[root@LXCtest test01]# lxc-info -n test01
Name: test01
State: RUNNING
PID: 25134
IP: 192.168.0.175
CPU use: 1.31 seconds
BlkIO use: 0 bytes
Memory use: 38.75 MiB
KMem use: 0 bytes
Link: vethMRND23
TX bytes: 2.00 KiB
RX bytes: 5.18 KiB
Total bytes: 7.18 KiB
此时便可以利用工具通过IP连接到刚刚创建的主机上进行操作了
本次我已经创建的主机信息
[root@LXCtest test01]# lxc-ls -f
NAME STATE AUTOSTART GROUPS IPV4 IPV6
centos STOPPED 0 - - -
centostemplate STOPPED 0 - - -
test RUNNING 0 - 192.168.0.174 -
test01 RUNNING 0 - 192.168.0.175 -
LXC的常用命令
lxc-ls -f 查看LXC已经创建的主机信息
lxc-start -n name 打开一个容器
lxc-destroy -n name 彻底删除一个容器,与之相关的一切数据都不可用
lxc-stop -n name 关闭一个容器。与lxc-start类似,要stop的容器必须是已经lxc-create并且lxc-start的
lxc-freeze -n name 冻结该容器所有的进程。进程会被锁定,直到lxc-unfreeze进行解锁
lxc-unfreeze -n name 用于解除被lxc-freeze冻结的容器进程。