Tag Archives: server

New library: libsubid

Posted on June 20, 2020 by s3hh

User namespaces were designed from the start to meet a requirement that unprivileged users be able to make use of them. Eric accomplished this by introducing subuid and subgid delegations through shadow. These are defined by the /etc/subuid and /etc/subgid … Continue reading

Posted in Uncategorized | Tagged , | Leave a comment

Using lxd snapshots

Posted on May 8, 2016 by s3hh

Lxd with zfs is fast. Very fast. Yesterday I was testing a package upgrade problem. Purging and re-installing the package was not good enough to reproduce it. So, 1. create a base container lxc launch ubuntu:xenial lv1 That takes about … Continue reading

Posted in Uncategorized | Tagged , , | Leave a comment

LXD 0.3

Posted on March 12, 2015 by s3hh

LXD 0.3 has been released. This version provides huge usability improvements over past versions. Getting started Here’s an example of quickly getting started on a fresh Ubuntu 15.04 VM: sudo add-apt-repository ppa:ubuntu-lxc/lxd-daily sudo apt-get update sudo apt-get install lxd sudo … Continue reading

Posted in Uncategorized | Tagged , , , , | 7 Comments

Introducing lxcfs

Posted on February 23, 2015 by s3hh

Last year around this time, we were announcing the availability of cgmanager, a daemon allowing users and programs to easily administer and delegate cgroups over a dbus interface. It was key to supporting nested containers and unprivileged users. While its … Continue reading

Posted in Uncategorized | Tagged , , | 7 Comments

Where does lxd fit in

Posted on December 12, 2014 by s3hh

Since its announcement, there appears to have been some confusion and concern about lxd, how it relates to lxc, and whether it will be taking away from lxc development. When lxc was first started around 2007, it was mainly a … Continue reading

Posted in Uncategorized | Tagged , | 6 Comments

Live container migration – on its way

Posted on October 14, 2014 by s3hh

The criu project has been working hard to make application checkpoint/restart feasible. Tycho has implemented lxc-checkpoint and lxc-restart on top of that (as well as of course contributing the needed bits to criu itself), and now shows off first steps … Continue reading

Posted in Uncategorized | Tagged , , | Leave a comment

announcing lxc-snapshot

Posted on September 13, 2013 by s3hh

In April, lxc-clone gained the ability to create overlayfs snapshot clones of directory backed containers. In may, I wrote a little lxc-snap program based on that which introduced simple ‘snapshots’ to enable simple incremental development of container images. But a … Continue reading

Posted in Uncategorized | Tagged , | 5 Comments

libvirt defaults (and openvswitch bridge performance)

Posted on August 28, 2013 by s3hh

The libvirt-bin package in Ubuntu installs a default NATed virtual network, virbr0. This isn’t always the best choice for everyone, however it “just works” everywhere. It also provides some simple protection – the VMs aren’t exposed on the network for … Continue reading

Posted in Uncategorized | Tagged , , , | 4 Comments

Creating and using containers – without privilege

Posted on July 19, 2013 by s3hh

Today I posted a (working but mainly POC) patchset against lxc which allows me to create and start ubuntu-cloud containers – completely as an unprivileged user. For more details see the introductory email to the patchset at http://sourceforge.net/mailarchive/forum.php?thread_name=1374246151-7069-9-git-send-email-serge.hallyn%40ubuntu.com&forum_name=lxc-devel Glossing over … Continue reading

Posted in Uncategorized | Tagged , | 8 Comments

Introducing lxc-snap

Posted on May 6, 2013 by s3hh

lxc-snap: lxc container snapshot management tool BACKGROUND Lxc supports containers backed by overlayfs snapshots. The way this is typically done is to create a container backed by a regular directory, then create a new container which mounts the first container’s … Continue reading

Posted in Uncategorized | Tagged , | 15 Comments