From f1efe0ea15880da3b7ce15ebfff6272bf5fdd43c Mon Sep 17 00:00:00 2001 From: Andrew Grosser Date: Thu, 14 Sep 2023 19:40:01 -0700 Subject: [PATCH 1/9] small fix --- scripts/lxc-config | 2 ++ 1 file changed, 2 insertions(+) diff --git a/scripts/lxc-config b/scripts/lxc-config index 2bc173e..64d0d12 100644 --- a/scripts/lxc-config +++ b/scripts/lxc-config @@ -31,3 +31,5 @@ lxc.rootfs.path=/data/rootfs # Extra mounts for additional volumes which can be mounted to /vol on docker lxc.mount.entry = /vol vol none rbind 0 0 + +lxc.apparmor.allow_incomplete = 1 \ No newline at end of file From dab65c09fb3c96e019819116805c983fda46fc93 Mon Sep 17 00:00:00 2001 From: Andrew Grosser Date: Thu, 14 Sep 2023 19:44:14 -0700 Subject: [PATCH 2/9] added build scripts --- build.sh | 1 + run.sh | 4 ++++ 2 files changed, 5 insertions(+) create mode 100755 build.sh create mode 100755 run.sh diff --git a/build.sh b/build.sh new file mode 100755 index 0000000..adb2b0a --- /dev/null +++ b/build.sh @@ -0,0 +1 @@ +docker build . --tag lxc \ No newline at end of file diff --git a/run.sh b/run.sh new file mode 100755 index 0000000..d940b9f --- /dev/null +++ b/run.sh @@ -0,0 +1,4 @@ +#!/bin/bash +#docker run --privileged --hostname lxctest1 -v /tmp/lxc:/data -e USE_LXCFS=false -e DISTRIBUTION=alpine lxc +docker run --privileged --hostname lxctest1 -v /tmp:/data -e USE_LXCFS=false -e DISTRIBUTION=alpine -it lxc ash +#/usr/bin/python3 /scripts/launch.py From 31cc6fd1bc3ad4c873b2d3f8215cde18bc9b41db Mon Sep 17 00:00:00 2001 From: Andrew Grosser Date: Thu, 14 Sep 2023 19:56:10 -0700 Subject: [PATCH 3/9] wip --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 6d7ff49..9bd875c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ FROM alpine:latest RUN \ - apk add --update --no-cache bash curl lxc lxcfs python3 py3-requests py3-yaml arch-install-scripts tar zstd \ + apk add --update --no-cache bash curl lxc lxc-templates lxcfs python3 py3-requests py3-yaml arch-install-scripts tar zstd \ && echo "lxc.lxcpath = /data" > /etc/lxc/lxc.conf \ && ln -sf /scripts/shellwrapper /bin/sh \ && echo "PS1='\\h (outer docker container, to enter inner container use: lxc-attach -n machine) \\w # '" > /root/.bashrc From ebf1edecc1828987f05a0e38cd99786135bbd20f Mon Sep 17 00:00:00 2001 From: Andrew Grosser Date: Thu, 14 Sep 2023 20:02:39 -0700 Subject: [PATCH 4/9] wip --- Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 9bd875c..398f4ef 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ -FROM alpine:latest +FROM alpine:3.17 RUN \ - apk add --update --no-cache bash curl lxc lxc-templates lxcfs python3 py3-requests py3-yaml arch-install-scripts tar zstd \ + apk add --update --no-cache bash curl lxc lxc-templates bridge lxcfs python3 py3-requests py3-yaml arch-install-scripts tar zstd \ && echo "lxc.lxcpath = /data" > /etc/lxc/lxc.conf \ && ln -sf /scripts/shellwrapper /bin/sh \ && echo "PS1='\\h (outer docker container, to enter inner container use: lxc-attach -n machine) \\w # '" > /root/.bashrc From e68f982dbe867fc85097d10510a6078a3b582f58 Mon Sep 17 00:00:00 2001 From: Andrew Grosser Date: Thu, 14 Sep 2023 20:29:18 -0700 Subject: [PATCH 5/9] wip --- scripts/lxc-config | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/scripts/lxc-config b/scripts/lxc-config index 64d0d12..57faec6 100644 --- a/scripts/lxc-config +++ b/scripts/lxc-config @@ -32,4 +32,6 @@ lxc.rootfs.path=/data/rootfs # Extra mounts for additional volumes which can be mounted to /vol on docker lxc.mount.entry = /vol vol none rbind 0 0 -lxc.apparmor.allow_incomplete = 1 \ No newline at end of file +lxc.apparmor.allow_incomplete = 1 + +lxc.aa_allow_incomplete = 1 \ No newline at end of file From c5e2ace93604ac52a3088f2df6868738753688c2 Mon Sep 17 00:00:00 2001 From: Andrew Grosser Date: Thu, 14 Sep 2023 20:30:32 -0700 Subject: [PATCH 6/9] wip --- scripts/lxc-config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/lxc-config b/scripts/lxc-config index 57faec6..67d5c37 100644 --- a/scripts/lxc-config +++ b/scripts/lxc-config @@ -34,4 +34,4 @@ lxc.mount.entry = /vol vol none rbind 0 0 lxc.apparmor.allow_incomplete = 1 -lxc.aa_allow_incomplete = 1 \ No newline at end of file +# lxc.aa_allow_incomplete = 1 \ No newline at end of file From 77223102d21fde274b3f7b35d3263000751aeed9 Mon Sep 17 00:00:00 2001 From: Andrew Grosser Date: Thu, 14 Sep 2023 20:31:12 -0700 Subject: [PATCH 7/9] wip --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 398f4ef..53c15a5 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.17 +FROM alpine:3.15 RUN \ apk add --update --no-cache bash curl lxc lxc-templates bridge lxcfs python3 py3-requests py3-yaml arch-install-scripts tar zstd \ From 272430b7137a0250620e9cf95f27d3e7fe056f6c Mon Sep 17 00:00:00 2001 From: Andrew Grosser Date: Thu, 14 Sep 2023 20:34:53 -0700 Subject: [PATCH 8/9] working again --- run.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/run.sh b/run.sh index d940b9f..f937e98 100755 --- a/run.sh +++ b/run.sh @@ -1,4 +1,4 @@ #!/bin/bash -#docker run --privileged --hostname lxctest1 -v /tmp/lxc:/data -e USE_LXCFS=false -e DISTRIBUTION=alpine lxc -docker run --privileged --hostname lxctest1 -v /tmp:/data -e USE_LXCFS=false -e DISTRIBUTION=alpine -it lxc ash +docker run --privileged --hostname lxctest1 -v /tmp/lxc:/data -e USE_LXCFS=false -e DISTRIBUTION=alpine lxc +#docker run --privileged --hostname lxctest1 -v /tmp:/data -e USE_LXCFS=false -e DISTRIBUTION=alpine -it lxc ash #/usr/bin/python3 /scripts/launch.py From 946dfc42e69a4efc1426c2a39f8acfb657b75ac6 Mon Sep 17 00:00:00 2001 From: Andrew Grosser Date: Fri, 15 Sep 2023 10:11:31 -0700 Subject: [PATCH 9/9] added note for future work in systemd --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 2ae8ff5..038a749 100644 --- a/README.md +++ b/README.md @@ -29,6 +29,7 @@ This project allows to use a single LXC container within a docker container to g * Provide "home containers" for your users, each with own ssh access and persistent state * Run a linux remote desktop server on kubernetes * Easily run statefull software (like froxlor control panel or plesk) on docker/kubernetes +* Run using other linux flavors - requires systemd - https://linuxcontainers.org/lxc/getting-started/ ### Ideas / Backlog