Setting up a server hosting several containers with some useful LXC scripts
February 2nd, 2015

The situation: you have rented this big server, and you want to utilize it better. But you don’t want to install all services together, rather you want to separate the various services into containers.

LXC is very useful for this purpose.

My LXC scripts help to make setting up a machine even easier.

The scripts are available on GitHub: https://github.com/tpokorra/lxc-scripts

These scripts have been tested on Ubuntu 14.04, and I recommend that release for this exercise.

To install the LXC scripts and LXC 1.0.x, you can install an Ubuntu package; see https://lbs.solidcharity.com/package/tpokorra/lbs/lbslxcscripts:

apt-get install apt-transport-https
echo 'deb https://download.solidcharity.com/repos/tpokorra/lbs/ubuntu/trusty/ /' >> /etc/apt/sources.list
apt-get update
apt-get install lbslxcscripts

The scripts now live in /root/scripts.

There are several scripts to create a virtual machine:

cd /root/scripts
# ./initUbuntu.sh <name> <id> <release, default is precise> <arch, default is amd64> <autostart, default is 1>
./initUbuntu.sh 10-UbuntuDesktop 10 trusty
./initFedora.sh 20-FedoraDesktop 20
./initCentos.sh 30-CentosDesktop 30 7
./initDebian.sh 40-DebianMachine 40 wheezy

Please note: I did not look into creating unprivileged containers yet!

These commands are useful for working with the containers:

# start the container
lxc-start -d -n 30-CentosDesktop
# list all containers
lxc-ls -f
# list all containers and their Linux distribution
./listcontainers.sh
# login to the container
ssh root@10.0.3.30
exit
# stop the container
lxc-stop -n 30-CentosDesktop
# destroy the container
lxc-destroy -n 30-CentosDesktop

I want fixed IP addresses for my virtual machines. The IP address for the container with ID 40 will be 10.0.3.40.

To make a port available from the outside, you can call this:

# This will forward the port 2010 of the host machine to the container running at IP 10.0.3.10, port 22.
./tunnelport.sh 10 22
# This will forward the port 8010 of the host machine to the container running at IP 10.0.3.10, port 80.
./tunnelport.sh 10 80
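
To review which host ports end up exposed this way, the forwards can be listed from the NAT table. This is an added example, not part of the lxc-scripts repository; it assumes the forwards exist as iptables DNAT rules, the function names are hypothetical, and the rule lines in sample_rules are constructed.

```shell
#!/bin/sh
# Added example: inventory of port forwards into the LXC network 10.0.3.0/24.
# Assumption: the forwards exist as DNAT rules in the iptables nat table.

# Reads iptables-save output on stdin and prints one line per forward:
#   <host port> <container IP> <container port> <interface> <note>
list_forwards() {
    awk '
    $1 == "-A" && /-j DNAT/ {
        dport = ""; dest = ""; iface = "any"
        for (i = 1; i < NF; i++) {
            if ($i == "--dport") dport = $(i + 1)
            if ($i == "--to-destination") dest = $(i + 1)
            if ($i == "-i") iface = $(i + 1)
        }
        # keep only forwards that end in a container on the LXC bridge
        if (dest !~ /^10\.0\.3\.[0-9]+:[0-9]+$/) next
        split(dest, a, ":")
        # port 22 forwarded: the SSH daemon of the container is reachable from outside
        note = (a[2] == 22) ? "ssh-exposed" : "-"
        print dport, a[1], a[2], iface, note
    }'
}

# Constructed sample in iptables-save format (not captured from a real host).
sample_rules() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 2010 -j DNAT --to-destination 10.0.3.10:22
-A PREROUTING -i eth0 -p tcp -m tcp --dport 8010 -j DNAT --to-destination 10.0.3.10:80
-A PREROUTING -p tcp -m tcp --dport 8080 -j DNAT --to-destination 192.0.2.5:80
-A POSTROUTING -s 10.0.3.0/24 ! -d 10.0.3.0/24 -j MASQUERADE
COMMIT
EOF
}

# Demo on the constructed sample. On a real host: iptables-save -t nat | list_forwards
sample_rules | list_forwards
```

Comparing this list with the output of lxc-ls -f shows forwards that still point at containers which have been stopped or destroyed.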

For websites, I use Nginx on the host machine to manage HTTP and HTTPS (SSL) websites on a single IP:

# the host will listen for www.example.org and forward all traffic to 10.0.3.10 port 80
# SSL will be set up if these files exist: /var/lib/certs/www.example.org.crt and www.example.org.key
./initWebproxy.sh 10 www.example.org

There is a script that backs up all LXC settings, iptables rules and the Nginx configuration of your containers:

./backup.sh mybackup.com myusername

This script will upgrade the host and all containers, depending on their Linux distribution. You can run it every night with a cronjob:

./upgradecontainers.sh

This entry was posted on Monday, February 2nd, 2015 at 9:23 pm and is filed under Software Development.