How to Build an Ubuntu Container on Arch Linux

It’s been a while since I played around with LXC containers. Many people still have trouble building an Ubuntu container on Arch Linux, so I decided to write comprehensive instructions to help you deploy containers.

The following instructions will teach you how to build an Ubuntu container and set up its network.

Preparation:

Let’s start with installing packages. Of course, the first thing you need is the lxc package.

~$sudo pacman -S lxc

Then, you need to install the required packages from the AUR with packer or yaourt.

~$packer -S debootstrap --noconfirm

After installation, it will suggest three optional packages. DO INSTALL THEM!! They are not actually optional if you want to build an Ubuntu container. This step is where people often fail.

Before installing one of the required packages, gnupg1, you need to import a public key from a key server into your keyring.

~$gpg --keyserver pgpkeys.mit.edu --recv-keys 2071B08A33BD3F06

Now we are ready to install the related packages.

~$packer -S debian-archive-keyring ubuntu-keyring gnupg1 --noconfirm

Congratulations!! Now you are ready to create an Ubuntu container on your Arch Linux. You can change the container name, ubuntu_test, in the following command.

~$sudo lxc-create -n ubuntu_test -t /usr/share/lxc/templates/lxc-ubuntu

After about half an hour, depending on your Internet connection, your container should be ready to go.

Settings:

Now, let’s set up the basic settings of the container. You can refer to the ArchWiki for more details.

(Required!) For systemd considerations, create and edit file – /var/lib/lxc/ubuntu_test/autodev

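#!/bin/bash
# autodev hook: create /dev/net/tun inside the container's /dev.
# ${VAR:?} aborts if LXC_ROOTFS_MOUNT is unset, so nothing is created in the host's /dev.
cd "${LXC_ROOTFS_MOUNT:?}/dev" || exit 1
mkdir -p net
mknod net/tun c 10 200
chmod 0666 net/tun

Then, remember to make it executable!!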

~$sudo chmod +x /var/lib/lxc/ubuntu_test/autodev

(Required!) Add the following configs in file – /var/lib/lxc/ubuntu_test/config

# Network configuration
lxc.network.type = veth
lxc.network.link = br0
lxc.network.flags = up
lxc.network.ipv4 = 192.168.0.3/24
lxc.network.ipv4.gateway = 192.168.0.1
lxc.network.name = eth0

## systemd within the lxc
lxc.autodev = 1
lxc.pts = 1024
lxc.kmsg = 0
lxc.hook.autodev=/var/lib/lxc/ubuntu_test/autodev

## virtual tty
lxc.pts = 1024
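
Added example, not part of the original post: a pre-flight script that reads the config above and checks that the gateway lies in the same subnet as lxc.network.ipv4, and that the lxc.hook.autodev script is executable but not writable by group or others (lxc-start runs it, and this page starts the container with sudo). The function names and the file name preflight.sh are hypothetical, and GNU stat is assumed.

```shell
#!/bin/sh
# Added example: pre-flight checks for the container config (hypothetical names).

# cfg_get FILE KEY: print KEY's value; accepts "key = value" and "key=value".
cfg_get() {
  awk -v k="$2" '
    /^[ \t]*#/ { next }
    { i = index($0, "="); if (i == 0) next
      key = substr($0, 1, i - 1); val = substr($0, i + 1)
      gsub(/[ \t]/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
      if (key == k) print val }' "$1"
}

# ip2int A.B.C.D: print the address as a 32-bit integer.
ip2int() {
  old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# check_gateway FILE: gateway must share the container's subnet, not its address.
check_gateway() {
  cidr=$(cfg_get "$1" lxc.network.ipv4)
  gw=$(cfg_get "$1" lxc.network.ipv4.gateway)
  case $cidr in */*) [ -n "$gw" ] || return 1 ;; *) return 1 ;; esac
  addr=${cidr%/*}; bits=${cidr#*/}
  mask=$(( (0xffffffff << (32 - bits)) & 0xffffffff ))
  [ "$addr" != "$gw" ] &&
    [ $(( $(ip2int "$addr") & mask )) -eq $(( $(ip2int "$gw") & mask )) ]
}

# check_autodev_hook FILE: hook must exist, be executable, and not be
# writable by group or others.
check_autodev_hook() {
  hook=$(cfg_get "$1" lxc.hook.autodev)
  [ -f "$hook" ] && [ -x "$hook" ] || return 1
  mode=$(stat -c %a "$hook")            # GNU stat: octal mode, e.g. 755
  [ $(( 0$mode & 022 )) -eq 0 ]
}

# preflight FILE: run both checks and report; non-zero on any failure.
preflight() {
  rc=0
  check_gateway "$1"      || { echo "FAIL: gateway outside container subnet"; rc=1; }
  check_autodev_hook "$1" || { echo "FAIL: autodev hook missing or too permissive"; rc=1; }
  [ "$rc" -eq 0 ] && echo "OK: $1"
  return "$rc"
}

# Usage: sh preflight.sh /var/lib/lxc/ubuntu_test/config
if [ -n "${1:-}" ]; then preflight "$1"; fi
```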

Now, let’s set up the network for the container. If you use a static IP, please refer to here.

Bridging:

Create and edit file – /etc/netctl/lxcbridge

Description="LXC bridge"
Interface=br0
Connection=bridge
BindsToInterfaces=('eno1')
IP=dhcp
SkipForwardingDelay=yes

Then switch the network interface to bridge by

# Switch to bridge

~$netctl switch-to lxcbridge

# Assign gateway IP for bridge (This enables host to ssh guest)

~$sudo ip addr add dev br0 192.168.0.1/24

# IPv4 forwarding (This enables the guest to connect to the global net. -o must be the name of the bridge you used)

~$sudo iptables -t nat -A POSTROUTING -o br0 -j MASQUERADE

~$sudo sysctl -w net.ipv4.ip_forward=1

You can also make it default on boot.

~$netctl enable lxcbridge

Executing:

Now, the Ubuntu container is ready to run. You can start your container by

~$sudo lxc-start -n ubuntu_test

Then connect to tty1 by

~$sudo lxc-console -n ubuntu_test

The account is ubuntu and the password is also ubuntu.

Alternatively, you can ssh by

~$ssh ubuntu@192.168.0.3

Stop the container by

~$sudo lxc-stop -n ubuntu_test

Troubleshooting

When you run lxc-start, you might get the following warning message.

lxc-start: utils.c: setproctitle: 1461 Invalid argument - setting cmdline failed

LXC is complaining that it’s unable to make certain prctl calls. The practical effect seems to be that LXC is unable to set the process titles. How serious is this? At first glance, it doesn’t seem too worrisome, and everything still works. (Source: forum)

Setting up GUI and Advanced Usages:

 

Please refer to original post here.

LXD:

LXD is a new container interface built on top of LXC. It’s easy to use, and it creates containers from images instead of templates. It’s basically an alternative to LXC’s tools and distribution template system with the added features that come from being controllable over the network.

LXD is a container “hypervisor” and a new user experience for LXC.

Specifically, it’s made of three components:

  • A system-wide daemon (lxd)
  • A command line client (lxc)
  • An OpenStack Nova plugin (nova-compute-lxd)

Some of the biggest features of LXD are:

  • Secure by design (unprivileged containers, resource restrictions and much more)
  • Scalable (from containers on your laptop to thousands of compute nodes)
  • Intuitive (simple, clear API and crisp command line experience)
  • Image based (no more distribution templates, only good, trusted images)
  • Live migration

The official website is here.

[Infographic: LXD machine containers from Ubuntu. Source: https://insights.ubuntu.com/2015/09/23/infographic-lxd-machine-containers-from-ubuntu/]

 

 

2 thoughts on “How to Build an Ubuntu Container on Arch Linux”

  1. I had a problem with sudo netctl switch-to lxcbridge:

    A dependency job for netctl@lxcbridge.service failed. See ‘journalctl -xe’ for details.

    The details of `journalctl -xe` are:

    may 21 10:30:13 camilo-desktop systemd[1]: sys-subsystem-net-devices-eno1.device: Job sys-subsystem-net-devices-eno1.device/start timed out.
    may 21 10:30:13 camilo-desktop systemd[1]: Timed out waiting for device sys-subsystem-net-devices-eno1.device.
    — Subject: Unit sys-subsystem-net-devices-eno1.device has failed
    — Defined-By: systemd
    — Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel

    — Unit sys-subsystem-net-devices-eno1.device has failed.

    — The result is timeout.
    may 21 10:30:13 camilo-desktop systemd[1]: Dependency failed for LXC bridge.
    — Subject: Unit netctl@lxcbridge.service has failed
    — Defined-By: systemd
    — Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel

    — Unit netctl@lxcbridge.service has failed.

    — The result is dependency.
    may 21 10:30:13 camilo-desktop systemd[1]: netctl@lxcbridge.service: Job netctl@lxcbridge.service/start failed with result ‘dependency’.
    may 21 10:30:13 camilo-desktop systemd[1]: sys-subsystem-net-devices-eno1.device: Job sys-subsystem-net-devices-eno1.device/start failed with resul
    may 21 10:30:13 camilo-desktop polkitd[504]: Unregistered Authentication Agent for unix-process:20454:207465 (system bus name :1.71, object path /o
    may 21 10:30:13 camilo-desktop sudo[20433]: pam_unix(sudo:session): session closed for user root

    Could you please help me? Thank you for the post anyway 🙂

    1. I’m not quite sure where the problem is. You can try to use the lxc-bridge config as your default internet setting instead of switching between netctl configs. Sometimes, you can try `ip link set eno1 down` to force it down, then use the netctl to start your network.
      If your netctl manager just couldn’t work well, you can always fall back to manual setting.
      `brctl addbr br0`
      `brctl addif br0 eno1`
      `ip link set up br0`
      `ip addr add dev br0 192.168.0.1/24`
