Skip to main content

LXC Containers and How it differs from VMs and Docker Containers?

VM vs LXC

##########

The main difference between the VMs and Containers is that virtual machines require their own kernel instance to run while containers share the same kernel.

In other words, containers are virtualization at operating-system-level whereas VMs are virtualization at the hardware level.


In virtual Machines each Guest OS will have its own Operating System and kernel.

But in the case of LXC Containers the Guest OS will share the same OS of its Host machine.


LXC vs Docker

#############

  • LXC is a container technology that gives us the lightweight Linux containers and Docker is single application virtualisation which is based on top of the containerd Run time engine.. Thus even though based on container utilisation they may sound similar but they are completely different when it comes to usage.
  • Unlike the lightweight LXC containers, docker does not tend to behave lightweight VM’s. Single application restriction of the docker is strictly by the design
  • We can easily log on to our LXC containers and can treat it us as an operating system and can install our required applications and other services and will work as expected. But when you consider the Docker the base OS template trimmed down to a single application environment and does not have proper init daemons, cron, Syslog, etc.
Useful LXC Commands
###################

1) lxc list #To list the lxc containers
2) lxc image list # To list the images in the local repo
3) lxc image list images:  # To list the images in the remote repo.
4) lxc image list images:centos #To list all the images of centos
5) lxc remote list # To view the remote repositories
6) lxc storage list #To list the storage volumes.
6) lxc launch ubuntu:18.04 #To launch an ubuntu container.
7) lxc move myubuntu1 myubuntu # To move the container to another one.
8) lxc move myubuntu 10.10.10.3:myubuntu #To move to another host.
9) lxc copy myubuntu myanotherubuntu #Will make a copy of first one.
10) lxc exec myubuntu bash #To login as root.
11) lxc exec myubuntu su - ubuntu #To login as ubuntu user.
12) lxc start myubuntu #Start the container
13) lxc stop myubuntu #Stop the container
14) lxc delete --force myubuntu # Will delete container evenif it is not stopped.
15) lxc info myubuntu #To view the info about the containers
16) lxc config show myubuntu #To view the configurations of the containers.
17) lxc profile list #To list the profiles used by the lxc containers.
18) lxc profile show default #To view the default profile used for the container creation.
19) lxc profile copy default myprofile #To copy the default profile to custome profile 

20) lxc config set myubuntu limits.memory 512MB #Will dynamically set the maximum ram in container to 512MB, Means when the container is running.
21) lxc profile edit myprofile 
        Now remove the {} in the config: section and add the line "limits.memory: 512MB" as below:
    config:
      limits.memory: 512MB
22) lxc launch ubuntu:16.04 myubuntu2 --profile myprofile # This will launch the myubuntu2 container with 512MB ram as max ram limit.

23) lxc file push myfile myubuntu2/root/ # Note that it is not : its / . This will push myfile from host machine to the myubuntu2 lxc container.

23) lxc file pull myubuntu2/root/myfile . # Note that it is not : its / . This will pull myfile from myubuntu2 lxc container to the host machine.

24) lxc snapshot myubuntu2 snap1 #Take the snapshot of myubuntu2 container with name as snap1

25) lxc restore myubuntu3 snap1 #Create myubuntu3, which will be the exact copy of myubuntu2 

26) Indorder to setup nested containers(Container inside an LXC Container), we need to enable security features in the lxc configuration of the parent container.

    lxc config set myubuntu2 security.privileged true
    lxc config set myubuntu2 security.nesting true





Comments

Post a Comment

Popular posts from this blog

K8s External Secrets integration between AWS EKS and Secrets Manager(SM) using IAM Role.

What is K8s External Secrets and how it will make your life easier? Before saying about External Secrets we will say about k8s secrets and how it will work. In k8s secrets we will create key value pairs of the secrets and set this as either pod env variables or mount them as volumes to pods. For more details about k8s secrets you can check my blog http://jinojoseph.blogspot.com/2020/08/k8s-secrets-explained.html   So in this case if developers wants to change the ENV variables , then we have to edit the k8s manifest yaml file, then we have to apply the new files to the deployment. This is a tiresome process and also chances of applying to the wrong context is high if you have multiple k8s clusters for dev / stage and Prod deployments. So in-order to make this easy , we can add all the secrets that is needed in the deployment, in the AWS Secret Manager and with the help of External secrets we can fetch and create those secrets in the k8s cluster. So what is K8s external Secret? It i...
Post a Comment
Read more

Password reset too simplistic/systematic issue

Some time when we try to reset the password of our user in linux it will show as simple and systematic as below: BAD PASSWORD: it is too simplistic/systematic no matter how hard password you give it will show the same. Solution: ######### Check if your password is Ok with the below command, jino@ndz~$ echo 'D7y8HK#56r89lj&8*&^%&^%#56rlKJ!789l' | cracklib-check D7y8HK#56r89lj&8*&^%&^%#56rlKJ!789l: it is too simplistic/systematic Now Create a password with the below command : jino@ndz~$ echo $(tr -dc '[:graph:]' 7\xi%!W[y*S}g-H7W~gbEB4cv,9:E:K; You can see that this password will be ok with the cracklib-check. jino@ndz~$ echo '7\xi%!W[y*S}g-H7W~gbEB4cv,9:E:K;' | cracklib-check                 7\xi%!W[y*S}g-H7W~gbEB4cv,9:E:K;: OK Thats all, Thanks.
Post a Comment
Read more

Setting /etc/hosts entries during the initial deployment of an Application using k8s yaml file

Some times we have to enter specific hosts file entries to the container running inside the POD of a kubernetes deployment during the initial deployment stage itself. If these entries are not in place, the application env variables mentioned in the yaml file , as hostnames , will not resolve to the IP address and the application will not start properly. So to make sure the /etc/hosts file entries are already there after the spin up of the POD you can add the below entries in your yaml file. cat > api-deployment.yaml apiVersion: apps/v1 kind: Deployment metadata: spec:   template:     metadata:     spec:       volumes:       containers:       - image: registryserver.jinojoseph.com:5000/jinojosephimage:v1.13         lifecycle:           postStart:             exec:               command:...
Post a Comment
Read more