== create == * mit lvm *: * ohne lvm *: == start == * start *: == stop == * stop *: == config ==
## network lxc.network.type = veth lxc.network.link = br0 lxc.network.name = eth0 lxc.network.hwaddr = 00:00:c3:d2:00:23 lxc.network.veth.pair = br0_== console == ===lxc.network.flags = up lxc.network.type = veth lxc.network.link = br1 lxc.network.name = eth1 lxc.network.hwaddr = 00:00:c3:d2:01:23 lxc.network.veth.pair = br1_ lxc.network.flags = up ## Container lxc.utsname = lxc.rootfs = /var/lib/lxc/ /rootfs lxc.arch = x86_64 #lxc.console = /var/log/lxc/ .console lxc.tty = 2 lxc.pts = 1024 ## Capabilities lxc.cap.drop = audit_control lxc.cap.drop = audit_write lxc.cap.drop = linux_immutable lxc.cap.drop = mac_admin lxc.cap.drop = mac_override lxc.cap.drop = setpcap lxc.cap.drop = sys_admin lxc.cap.drop = sys_boot lxc.cap.drop = sys_module lxc.cap.drop = sys_pacct lxc.cap.drop = sys_rawio lxc.cap.drop = sys_time ## Devices # Allow all devices #lxc.cgroup.devices.allow = a # Deny all devices lxc.cgroup.devices.deny = a # Allow to mknod all devices (but not using them) lxc.cgroup.devices.allow = c *:* m lxc.cgroup.devices.allow = b *:* m # /dev/console lxc.cgroup.devices.allow = c 5:1 rwm # /dev/null lxc.cgroup.devices.allow = c 1:3 rwm # /dev/ptmx lxc.cgroup.devices.allow = c 5:2 rwm # /dev/pts/* lxc.cgroup.devices.allow = c 136:* rwm # /dev/random lxc.cgroup.devices.allow = c 1:8 rwm # /dev/rtc lxc.cgroup.devices.allow = c 254:0 rwm # /dev/tty lxc.cgroup.devices.allow = c 5:0 rwm # tty0 lxc.cgroup.devices.allow = c 4:0 rwm # tty1 lxc.cgroup.devices.allow = c 4:1 rwm # /dev/urandom lxc.cgroup.devices.allow = c 1:9 rwm # /dev/zero lxc.cgroup.devices.allow = c 1:5 rwm # tun lxc.cgroup.devices.allow = c 10:200 rwm ## Limits lxc.cgroup.cpu.shares = 1024 lxc.cgroup.cpuset.cpus = 0 lxc.cgroup.memory.limit_in_bytes = 256M lxc.cgroup.memory.memsw.limit_in_bytes = 1G ## Filesystem lxc.mount.entry = proc proc proc ro,nodev,noexec,nosuid 0 0 lxc.mount.entry = sysfs sys sysfs ro 0 0
''''/etc/inittab
===
# /sbin/getty invocations for the runlevels. # # The "id" field MUST be the same as the last # characters of the device (after "tty"). # # Format: #===lxc-console=== * VMs auflisten: *: * an VM attachen: *: * Von Konsole detachen: *: im screen: *:: {{Taste|Ctrl}}+{{Taste|a}}{{Taste|a}}{{Taste|q}} *: ohne screen: *:: {{Taste|Ctrl}}+{{Taste|a}}{{Taste|q}} == debian 8 (jessie/systemd lxc) == z.b wheezy container upgrade auf jessie lxc - config im rootfs container: https://wiki.archlinux.org/index.php/Lxc-systemd https://github.com/lxc/lxc/commit/a9bf60bab547013a9873a3fb9efe61155e8694b8 https://wiki.debian.org/LXC#Debian_8_.22Jessie.22.2Ftesting === frickeln === https://gist.github.com/peo3/1142202 == LXC on ZFS (flatbert) == ; Container erstellen: debian lxc bootstrap : neues dataset : lxc Container verschieben : : lxc Container Config kopieren : lxc Container Config anpassen :: : : # # Note that on most Debian systems tty7 is used by the X Window System, # so if you want to add more getty's go ahead but skip tty7 if you run X. # c1:2345:respawn:/sbin/getty 38400 tty1 #1:2345:respawn:/sbin/getty 38400 tty1 #2:23:respawn:/sbin/getty 38400 tty2 #3:23:respawn:/sbin/getty 38400 tty3 #4:23:respawn:/sbin/getty 38400 tty4 #5:23:respawn:/sbin/getty 38400 tty5 #6:23:respawn:/sbin/getty 38400 tty6 # console 1:12345:respawn:/sbin/agetty --noclear 115200 console linux
### ### namen, pfade, mac adresse, cap, rootfs pfad ### # ### LXC - jessie/systemd hacks // ### lxc.autodev = 1 lxc.kmsg = 0 lxc.cap.drop=mac_admin mac_override setfcap setpcap sys_boot sys_module sys_pacct sys_rawio sys_resource sys_time sys_tty_config # lxc.pts = 1024 ### // LXC - jessie/systemd hacks ### #lxc autostart (reboot safe) : : lxc link zum rpool dataset : : lxc / debian jessie upgrade sources.list : lxc starten : lxc wheezy auf jessie upgraden (ohne systemd) :