Unix and Linux Stack Exchange
Unix and Linux Stack Exchange

Questions tagged [lxc]

Linux Containers (LXC) is a userspace interface for operating system-level virtualization features in the mainline Linux kernel, such as kernel namespaces and control groups (cgroups). These allow multiple distinct user space instances to be run on a single kernel. Note: the 3 letters "lxc" command is part of LXD, not LXC. Please use the LXD tag if your question is about LXD rather than only about LXC.

Linux Containers (LXC) provides userspace tools for operating system-level virtualization features in the Linux kernel. It allows multiple distinct user space instances, commonly referred to as containers, to be run on a single kernel instance.

LXC differs from other operating system-level virtualization solutions for Linux, such as OpenVZ and Linux-VServer, in that LXC relies entirely on kernel features available in the mainline kernel. Processes are contained via the use of:

319 questions
211
votes
2 answers

What is the difference between Docker, LXD, and LXC

What is the difference between Docker, LXD, and LXC. Do they offer the same services or different.
Ijaz Ahmad
  • 7,146
  • 5
  • 32
  • 45
76
votes
1 answer

Linux LXC vs FreeBSD jail

Are there any notable differences between LXC (Linux containers) and FreeBSD's jails in terms of security, stability & performance? On first look, both approaches look very similar.
Philipp Claßen
  • 4,689
  • 7
  • 29
  • 41
44
votes
4 answers

How to list namespaces in Linux?

Is there any method in Linux to list all namespaces on the running host? I need to check namespaces for particular processes (e.g. processes running in LXC-container and all other processes on the host) and then find out cgroups of them.
zerospiel
  • 1,063
  • 2
  • 11
  • 11
28
votes
6 answers

LXC: How do I mount a folder from the host to the container?

I'm trying to mount a folder on the host to an LXC container. The host has a folder /mnt/ssd/solr_data created (this is currently on the root filesystem, but later I'll mount an SSD drive there, so I'm prepping for that). I want that folder to mount…
David Parks
  • 1,100
  • 7
  • 21
  • 42
27
votes
1 answer

User permissions inside and outside of LXC containers?

I'm running some services inside of Docker LXC containers on my server and I'm beginning to actually do serious things with them. One thing I'm not clear on is how user permissions work inside and outside of the container. If, for example, I'm…
Naftuli Kay
  • 38,686
  • 85
  • 220
  • 311
26
votes
1 answer

What makes systemd-nspawn still "unsuitable for secure container setups"?

This is stated in the man page for systemd-nspawn Note that even though these security precautions are taken systemd-nspawn is not suitable for secure container setups. Many of the security features may be circumvented and are hence primarily …
user239558
  • 405
  • 1
  • 4
  • 7
21
votes
2 answers

What is an unprivileged LXC container?

What does it mean if a Linux container (LXC container) is called "unprivileged"?
0xC0000022L
  • 16,189
  • 24
  • 102
  • 168
21
votes
2 answers

Executing a command inside a running LXC

I want to execute a command inside an existing lxc without going through the regular Linux init. lxc-execute command is for that I guess but I get the following error when I run this command on my existing test lxc. sudo lxc-execute -n test --…
user52881
  • 211
  • 1
  • 2
  • 3
20
votes
2 answers

Linux - LXC; deploying images with tiniest possible X11

is it currently possible to setup LXC containers with X11 capabilities? I'm looking forward for the lightest available X11 container (memory-wise), hardware acceleration a plus but not essential. If it is not currently possible, or readily…
lurscher
  • 290
  • 1
  • 2
  • 11
19
votes
4 answers

Command to run a child process "offline" (no external network) on Linux

I have a program I would like to test in offline mode without taking down my actual network. This program would still need to connect to local sockets, including unix domain sockets and loopback. It also needs to listen on loopback and be visible to…
Havoc P
  • 321
  • 3
  • 8
18
votes
4 answers

How to configure external IP addresses for LXC guests?

I'm exploring the LXC features in Ubuntu 12.04 and I really want to set up a network like this: client1: 192.168.56.101/24 lxc-host: 192.168.56.102/24 guest1 192.168.56.201/24 guest2 192.168.56.202/24 guest3 192.166.56.203/24 I just…
twblamer
  • 919
  • 2
  • 10
  • 19
18
votes
3 answers

What are benefits and downsides of unprivileged containers?

The technical explanation of what is unprivileged container is quite good. However, it is not for ordinary PC user. Is there a simple answer when and why people should use unpriviliged containers, and what are their benefits and downsides?
anatoly techtonik
  • 2,514
  • 4
  • 24
  • 37
16
votes
3 answers

How to create user cgroups with systemd

I use unprivileged lxc containers in Arch Linux. Here are the basic system infos: [chb@conventiont ~]$ uname -a Linux conventiont 3.17.4-Chb #1 SMP PREEMPT Fri Nov 28 12:39:54 UTC 2014 x86_64 GNU/Linux It's a custom/compiled kernel with user…
lord.garbage
  • 2,323
  • 5
  • 27
  • 41
15
votes
2 answers

Network interface name has with at sign - what is it?

I am trying to hunt down information for why a network interface name would have an at sign, but there's too much noise in the results I am so far getting (I lack the correct terminology to search on) I have a LXC container on a Ubuntu host. Inside…
taifwa
  • 490
  • 4
  • 10
15
votes
5 answers

Why doesn't docker container start at boot w/ upstart script on Ubuntu 12.04?

Using instructions for Docker auto-start on Linode VPS running Ubuntu 12.04 and Docker 0.8.1, the specified container does not start on reboot. Once booted, I am able to ~$ sudo start [service-name] and everything goes as planned, but I would also…
jody
  • 211
  • 1
  • 2
  • 10
1
2 3
21 22