[libvirt-users] creating a lxc image to be used with libvirt-lxc

Dear all,

I'm moving my first baby steps with libvirt-lxc trying to convert over from an LXD installation and one of the hurdles is putting together an image.

All the examples I found about libvirt-lxc refer to running /bin/sh in a container, almost as if it was docker, as opposed to run a "full system" like I've been doing with lxd. Also virt-install, often referred in libvirt docs, seems to be specific/only for kvm.

Can anybody point me to any documentation to achieve the same as you'd do with lxd? would it even just work to use those images (https://cloud-images.ubuntu.com/) with libvirt? Last but not least, is there any way to "publish" a modified image so that I could make changes to any of the above and then reuse the modified one as a base for other containers?

thank you,
spike

On Mon, Apr 03, 2017 at 05:52:33PM +0000, Spike wrote:
> Dear all,
>
> I'm moving my first baby steps with libvirt-lxc trying to convert over from an LXD installation and one of the hurdles is putting together an image.
>
> All the examples I found about libvirt-lxc refer to running /bin/sh in a container, almost as if it was docker, as opposed to run a "full system" like I've been doing with lxd. Also virt-install, often referred in libvirt docs, seems to be specific/only for kvm.
>
> Can anybody point me to any documentation to achieve the same as you'd do with lxd? would it even just work to use those images (https://cloud-images.ubuntu.com/) with libvirt? Last but not least, is there any way to "publish" a modified image so that I could make changes to any of the above and then reuse the modified one as a base for other containers?

Libvirt LXC doesn't really care what you run inside the container - it is possible to use it to run a single application (docker style), or to run a full operating system. You essentially just need to populate a chroot with the operating system install you want to run.

I've previously tested with a Fedora chroot:

https://www.berrange.com/posts/2013/08/12/running-a-full-fedora-os-inside-a-...

If you want to have layered modifications, then the best bet is probably to make use of overlayfs with your chroots. i.e. populate a base chroot and treat it as read-only thereafter. Then create a new directory mounted with overlayfs to add a writable layer on top.

Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|
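
The layering described in the reply above, as an added example that is not part of the original thread: a read-only base chroot, a per-container overlayfs upper layer, and a libvirt LXC domain that boots /sbin/init from the merged tree. The LXC_ROOT layout, the function names, the 512 MiB memory value and the use of the 'default' network are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). LXC_ROOT, the directory layout and
# the function names are assumptions made for illustration.
LXC_ROOT=${LXC_ROOT:-/var/lib/libvirt/lxc}

# Reject names that could escape LXC_ROOT or break the generated XML.
valid_name() {
    case "$1" in
        ''|.*|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
}

# Overlay options: the base chroot is lowerdir and is never written to;
# upperdir and workdir hold this container's changes (same filesystem).
overlay_opts() {  # overlay_opts BASE NAME
    printf 'lowerdir=%s,upperdir=%s/%s/upper,workdir=%s/%s/work' \
        "$1" "$LXC_ROOT" "$2" "$LXC_ROOT" "$2"
}

# Domain XML: os type "exe" with /sbin/init boots the full OS in the tree.
domain_xml() {  # domain_xml NAME
    cat <<EOF
<domain type='lxc'>
  <name>$1</name>
  <memory unit='MiB'>512</memory>
  <os><type>exe</type><init>/sbin/init</init></os>
  <devices>
    <filesystem type='mount'>
      <source dir='$LXC_ROOT/$1/rootfs'/>
      <target dir='/'/>
    </filesystem>
    <interface type='network'><source network='default'/></interface>
    <console type='pty'/>
  </devices>
</domain>
EOF
}

# Create the writable layer, mount it and define the domain (needs root).
create_container() {  # create_container BASE NAME
    valid_name "$2" || { echo "bad container name: $2" >&2; return 1; }
    [ -d "$1" ] || { echo "base chroot not found: $1" >&2; return 1; }
    dir=$LXC_ROOT/$2
    mkdir -p "$dir/upper" "$dir/work" "$dir/rootfs" || return 1
    mount -t overlay overlay -o "$(overlay_opts "$1" "$2")" "$dir/rootfs" || return 1
    domain_xml "$2" > "$dir/domain.xml" || return 1
    virsh -c lxc:/// define "$dir/domain.xml"
}
if [ "$#" -eq 2 ]; then create_container "$1" "$2"; fi
```

Several containers can share one base this way, each with its own upper directory. The interface element is there so the container gets its own network namespace instead of sharing the host's.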

ok, thank you Daniel, that helps, I'll see if I can adapt it to other OS and figure out the docker style stuff, it would be useful to run a few things I have in mind.

Btw, Daniel, have you ever tried to run libvirt inside a container? I was trying to do so to test things since I didn't want to get all the stuff installed on the host, but I got a whole bunch of errors and virt-manager would not connect no matter what.

Also, some more examples, if anybody on the list has them, would be most appreciated to help a noob get started.

best,
Spike

On Tue, Apr 4, 2017 at 2:59 AM Daniel P. Berrange <berrange@redhat.com> wrote:
> On Mon, Apr 03, 2017 at 05:52:33PM +0000, Spike wrote:
> > Dear all,
> >
> > I'm moving my first baby steps with libvirt-lxc trying to convert over from an LXD installation and one of the hurdles is putting together an image.
> >
> > All the examples I found about libvirt-lxc refer to running /bin/sh in a container, almost as if it was docker, as opposed to run a "full system" like I've been doing with lxd. Also virt-install, often referred in libvirt docs, seems to be specific/only for kvm.
> >
> > Can anybody point me to any documentation to achieve the same as you'd do with lxd? would it even just work to use those images (https://cloud-images.ubuntu.com/) with libvirt? Last but not least, is there any way to "publish" a modified image so that I could make changes to any of the above and then reuse the modified one as a base for other containers?
>
> Libvirt LXC doesn't really care what you run inside the container - it is possible to use it to run a single application (docker style), or to run a full operating system. You essentially just need to populate a chroot with the operating system install you want to run.
>
> I've previously tested with a Fedora chroot:
>
> https://www.berrange.com/posts/2013/08/12/running-a-full-fedora-os-inside-a-...
>
> If you want to have layered modifications, then the best bet is probably to make use of overlayfs with your chroots. i.e. populate a base chroot and treat it as read-only thereafter. Then create a new directory mounted with overlayfs to add a writable layer on top.
>
> Regards,
> Daniel

On Tue, Apr 04, 2017 at 05:20:19PM +0000, Spike wrote:
> ok, thank you Daniel, that helps, I'll see if I can adapt it to other OS and figure out the docker style stuff, it would be useful to run a few things I have in mind.
>
> Btw, Daniel, have you ever tried to run libvirt inside a container? I was trying to do so to test things since I didn't want to get all the stuff installed on the host, but I got a whole bunch of errors and virt-manager would not connect no matter what.

You can run libvirt inside a container - I've done that for the same reasons as you when I wanted to test stuff without messing up my host. It sounds like you were trying to connect using a virt-manager outside the container, talking to libvirtd inside the container.

This gets more complicated - virt-manager connects over a UNIX domain socket at /var/run/libvirt by default. If you're running libvirtd inside a container, then the /var/run seen by libvirtd will be in the container filesystem, while the /var/run seen by virt-manager will be the host filesystem. You'd need to figure out a way for the /var/run/libvirt/libvirt-sock in the container to be exposed to virt-manager in the host.

Alternatively you would have to make libvirtd listen on a TCP address and connect over TCP with suitable auth.

Regards,
Daniel
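
A check for the "suitable auth" part of the reply above, as an added example that is not part of the original thread: it reads a libvirtd.conf and flags TCP or TLS listener settings that leave the daemon reachable without authentication. The function names are assumptions; the defaults passed to conf_get are those of the stock libvirtd.conf.

```shell
#!/bin/sh
# Added example (not from the thread): audit a libvirtd.conf for the
# settings that decide whether remote TCP/TLS access has "suitable auth".
# Function names are illustrative; defaults follow the stock libvirtd.conf.

# Print the effective value of KEY in FILE (last assignment wins), or
# DEFAULT when the key is absent or only present in a comment.
conf_get() {  # conf_get FILE KEY DEFAULT
    awk -F= -v key="$2" -v val="$3" '
        /^[ \t]*#/ { next }
        { k = $1; gsub(/[ \t]/, "", k) }
        k == key { v = $2; sub(/#.*/, "", v); gsub(/[ \t"]/, "", v); val = v }
        END { print val }' "$1"
}

# Print findings for FILE; return 1 if any of them is a FAIL.
audit_libvirtd_conf() {  # audit_libvirtd_conf FILE
    f=$1; rc=0
    if [ "$(conf_get "$f" listen_tcp 0)" = 1 ]; then
        if [ "$(conf_get "$f" auth_tcp sasl)" = none ]; then
            echo "FAIL: listen_tcp=1 with auth_tcp=none (no authentication, no encryption)"
            rc=1
        else
            echo "WARN: listen_tcp=1 is plaintext TCP; SASL alone must authenticate and encrypt"
        fi
    fi
    if [ "$(conf_get "$f" listen_tls 1)" = 1 ] &&
       [ "$(conf_get "$f" tls_no_verify_certificate 0)" = 1 ] &&
       [ "$(conf_get "$f" auth_tls none)" = none ]; then
        echo "FAIL: TLS listener accepts clients with no verified certificate and no SASL"
        rc=1
    fi
    return "$rc"
}

if [ "$#" -eq 1 ]; then audit_libvirtd_conf "$1"; fi
```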

thank you for your help Daniel.

I don't get why virt-manager would see a different /var/run. My container has an ip/ssh, so when I connect with qemu+ssh from my desktop I should end up in the same "space/filesystem" of libvirtd, not the host one. And I can confirm that because I see the logs of ssh of virt-manager trying to log in. In any case I will try TLS/TCP, that's fine with me.

I seem to also be having another problem: for some reason I can't get rid of virbr0 and make libvirt use the existing bridge in the container, even after changing the default net-define virt-manager still sees a virbr0 and fails to start a VM.

thanks,
Spike

On Wed, Apr 5, 2017 at 2:10 AM Daniel P. Berrange <berrange@redhat.com> wrote:
> On Tue, Apr 04, 2017 at 05:20:19PM +0000, Spike wrote:
> > ok, thank you Daniel, that helps, I'll see if I can adapt it to other OS and figure out the docker style stuff, it would be useful to run a few things I have in mind.
> >
> > Btw, Daniel, have you ever tried to run libvirt inside a container? I was trying to do so to test things since I didn't want to get all the stuff installed on the host, but I got a whole bunch of errors and virt-manager would not connect no matter what.
>
> You can run libvirt inside a container - I've done that for the same reasons as you when I wanted to test stuff without messing up my host. It sounds like you were trying to connect using a virt-manager outside the container, talking to libvirtd inside the container.
>
> This gets more complicated - virt-manager connects over a UNIX domain socket at /var/run/libvirt by default. If you're running libvirtd inside a container, then the /var/run seen by libvirtd will be in the container filesystem, while the /var/run seen by virt-manager will be the host filesystem. You'd need to figure out a way for the /var/run/libvirt/libvirt-sock in the container to be exposed to virt-manager in the host.
>
> Alternatively you would have to make libvirtd listen on a TCP address and connect over TCP with suitable auth.
>
> Regards,
> Daniel