Category: How Tos

With other containerization technologies such as Docker, persistent volumes (or bind mounts) are common as the container’s life span is often short lived. With LXD instances, the containers live beyond the life of a single process and the demand for persistent storage is not as critical. With that said, there are many use cases for wanting persistent storage within your LXD instance. In this post we will examine how to create persistent storage by mounting a directory on the LXD host server into an instance.

We will create a new profile with the persistent storage settings and then apply that profile to an instance. Let’s call the new profile volume-demo-data. It can be named whatever you want but it’s good practice to name it something meaningful. We will be using a directory on the host server located at /demo/data as our persistent storage location. To create the new profile run the following command:

$ lxc profile create volume-demo-data

We now have an empty profile without any configurations. To get a list of the profiles you have on your LXD server and see the newly created volume-demo-data profile, run the following command:

$ lxc profile list
+---------------------+---------+
|    NAME             | USED BY |
+---------------------+---------+
| default             | 2       |
+---------------------+---------+
| volume-demo-data    | 0       |
+---------------------+---------+

We will need a directory on the host that can be used for persistent storage. For this post, we will create a new directory located at /demo/data. To create the new directories use the following command:

$ sudo mkdir -p /demo/data

The new profile now can be modified to include a disk device that mounts the /demo/data directory (source) to a location within the instance (path). We can choose to edit the profile directly using an editor (lxc profile edit volume-demo-data) or add a new disk device using the command-line.

Choosing the later option, we can create a new device named host-data that uses the host’s directory /demo/data, mounted within the instance at /var/demo/data, by running the following command:

$ lxc profile device add volume-demo-data host-data disk source=/demo/data path=/var/demo/data

To view the contents of the profile use the following command:

$ lxc profile show volume-demo-data
config: {}
description: ""
devices:
  host-data:
    path: /var/demo/data
    source: /demo/data
    type: disk
name: volume-demo-data
used_by: []

If you are launching a new instance you can use the –profile option to add profiles to the instance as it is created. But if the instance already exists you will have to append the new profile to the instance. Let’s assume we have an instance named container1. To append the volume-demo-data profile to this instance use the following command:

$ lxc profile add container1 volume-demo-data

To show the applied configurations to your instance use the following command:

$ lxc config show container1 -e

The profile configuration can be removed from the instance. To remove the profile use the following command:

$ lxc profile remove container1 volume-demo-data

When you remove the profile from the instance, the profile still exists and can be used for other instances. If you want to permanently remove the profile it can be deleted with the following command:

$ lxc profile delete volume-demo-data

LXD instances can be be limited to the amount of CPU and Memory resources used by the host server. These limits can be set on each individual instance, or through the use of profiles. This how-to guide will create a profile establishing these limits and then will apply that profile to an instance. A single profile can be reused and applied to multiple instances.

We will call the new profile cpu2-memory4, naming it something that can easily identify it’s purpose. We will set the profile to limit the instance to 2 virtual CPUs and also 4 GB of memory. To create the new profile run the following command:

$ lxc profile create cpu2-memory4

We now have an empty profile without any configurations. To get a list of the profiles you have on your LXD server and see the newly created cpu2-memory4 profile, run the following command

$ lxc profile list
+---------------+---------+
|    NAME       | USED BY |
+---------------+---------+
| default       | 2       |
+---------------+---------+
| cpu2-memory4  | 0       |
+---------------+---------+

The new profile now can be modified to limit the CPU and memory usage. We can choose to edit the profile directly using an editor (lxc profile edit cpu2-memory4) or set limits using LXC based command-line options.

Choosing the later option, we can set both configuration limits at the same time with a single command. Let’s set the CPU limit to 2 virtual CPUs and the memory limit to 4GB of RAM by running the following command:

$ lxc profile set cpu2-memory4 limits.cpu=2 limits.memory=4GB

To view the contents of the profile use the following command:

$ lxc profile show cpu2-memory4
config:
  limits.cpu: "2"
  limits.memory: 4GB
description: ""
devices: {}
name: cpu2-memory4
used_by: []

If you are launching a new instance you can use the –-profile (or -p) option to add profiles to the instance as it is created. But if the instance already exists you will have to append the new profile to the instance. Let’s assume we have an instance named vm1. To append the cpu2-memory4 profile to this instance use the following command:

$ lxc profile add vm1 cpu2-memory4

To show the applied configuration to your instance use the following command:

$ lxc config show vm1 -e

The profile configuration can be removed from the instance. To remove the profile use the following command:

$ lxc profile remove vm1 cpu2-memory4

When you remove the profile from the instance, the profile still exists and can be used for other instances. If you want to permanently remove the profile it can be deleted with the following command:

$ lxc profile delete cpu2-memory4

LXD instances can be configured with networking interfaces connected to the same local area network (LAN) as their host server. This allow devices on the same external network as the host to communicate with an instance as if it were another device on their LAN.

The macvlan interface will need to connect through a networking interface on the host server. Using the ip addr command on the server, we can see a list of networking interfaces. I will choose to use the interface labeled eno1.

$ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eno1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether a4:ba:db:15:fe:22 brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.2/24 brd 192.168.200.255 scope global eno1
       valid_lft forever preferred_lft forever

We need to create a new profile that creates a networking interface that uses macvlan. We will name it macvlan-eno1 to describe the purpose of the profile. To create the profile use the following command:

$ lxc profile create macvlan-eno1

The new profile now can be modified to include a new networking interface that will use eno1. The default profile used by instances already creates a device named eth0. For this how-to we will create a second interface for our instances named eth1. We can choose to edit the profile directly using an editor (lxc profile edit macvlan-eno1) or add a new network device using LXC command-line options.

Choosing the later option, we can create the new networking device within the profile and define our settings. The device will have to identify the parent networking interface card as well as define the type of interface. To create the new device run the following command:

$ lxc profile device add macvlan-eno1 eth1 nic nictype=macvlan parent=eno1

To view the contents of the profile we can run the command:

$ lxc profile show macvlan-eno1
config: {}
description: ""
devices:
  eth1:
    nictype: macvlan
    parent: eno1
    type: nic
name: macvlan-eno1
used_by: []

If you are launching a new instance you can use the –-profile (or -p) option to add profiles to the instance as it is created. But if the instance already exists you will have to append the new profile to the container. Let’s assume we have an instance named container1. To append the macvlan-eno1 profile to this instance use the following command:

$ lxc profile add container1 macvlan-eno1

To show the applied configuration use the following command:

$ lxc config show container1 -e

The profile configuration can be removed from the instance. To remove the profile use the following command:

$ lxc profile remove container1 macvlan-eno1

When you remove the profile from the instance, the profile still exists and can be used for other instances. If you want to permanently remove the profile it can be deleted with the following command:

$ lxc profile delete macvlan-eno1

Also known as exposing a port, LXD can be configured to forward outside network traffic to containers that reside within a private bridged network. This post will demonstrate how to create a profile that forwards traffic on a networking port from the host server to a port on an LXD container. At the time of this writing, the proxy device is not supported for LXD virtual-machines.

In this how-to guide I will be forwarding port 80 (http) from the host server to port 8080 on an LXD container. To start we will need to create a profile that can be attached to the container we are forwarding the network traffic to.

We will call the new profile port-80, naming it something that can easily identify it’s purpose. To create the new profile run the following command:

$ lxc profile create proxy-80

We now have an empty profile without any configurations. To get a list of the profiles you have on your LXD server and see the newly created proxy-80 profile, run the following command

$ lxc profile list
+-----------+---------+
|    NAME   | USED BY |
+-----------+---------+
| default   | 2       |
+-----------+---------+
| proxy-80  | 0       |
+-----------+---------+

The new profile now can be modified to include a proxy device that opens a listener on port 80 from the host server to connect to port 8080 on the instance. We can choose to edit the profile directly using an editor (lxc profile edit proxy-80) or add a new proxy device using LXC based command-line options.

Choosing the later option, we can create a new device within the profile that will define our settings. Let’s name the device hostport80. We will have it listen to 0.0.0.0:80 on the host and connect to 127.0.0.1:8080 of the container by running the following command:

$ lxc profile device add proxy-80 hostport80 proxy connect="tcp:127.0.0.1:8080" listen="tcp:0.0.0.0:80"

To view the contents of the profile use the following command:

$ lxc profile show proxy-80
config: {}
description: ""
devices:
  hostport80:
    connect: tcp:127.0.0.1:8080
    listen: tcp:0.0.0.0:80
    type: proxy
name: proxy-80
used_by: []

If you are launching a new instance you can use the –-profile (or -p) option to add profiles to the instance as it is created. But if the instance already exists you will have to append the new profile to the container. Let’s assume we have an instance named container1. To append the proxy-80 profile to this instance use the following command:

$ lxc profile add container1 proxy-80

To show the applied configurations to your instance use the following command:

$ lxc config show container1 -e

The profile configuration can be removed from the instance. To remove the profile use the following command:

$ lxc profile remove container1 proxy-80

When you remove the profile from the instance, the profile still exists and can be used for other instances. If you want to permanently remove the profile it can be deleted with the following command:

$ lxc profile delete proxy-80