Container Management with LXD

  • Tutorial
LXD Containers

We continue our series of articles on containerization. If the first two articles ( 1  and  2 ) were devoted to theory, today we will talk about a very specific tool and the features of its practical use. The subject of our review will be LXD (short for Linux Container Daemon), created by Canadian Canadian Stephan Grabe of Canonical.


The name of the creator of LXD is well known in the professional community: he is also one of the authors of another popular container solution - LXC. Actually, LXD is an add-on for LXC, which simplifies the work with containers and adds a wide range of new features.

In this article, we restrict ourselves to a brief introduction to LXD: compare it with Docker, provide installation and configuration instructions, and demonstrate basic container management capabilities.

LXD and Docker


LXD is a relatively new tool: the first version was released in 2014, when Docker was already widely adopted and has proven itself in practice.
Like Docker, LXD operates on the basis of LXC.

At the same time, the scope of the two tools is completely different: if Docker is designed to run in application containers, then LXD is designed to run full-fledged operating systems.

With LXD, you can even create not containers in the literal sense of the word, but lightweight virtual machines. To emphasize this point and at the same time point out the difference from other containerization tools, the authors of many publications call LXD the word lightvisor (it is already translated into Russian as “light visor”).

In  Canonical publicationsIt is noted that LXD containers can run 10 times faster than traditional KVM-based virtual machines.

LXD made an attempt to solve a number of problems that it has to deal with when working with other containerization tools: a mechanism for dynamic resource management is thought out, container migration capabilities (including in real time) are expanded, and security problems are fixed. Compared to Docker, LXD has a much wider ability to reconfigure containers.

LXD has an open API; There are clients for various programming languages. A plugin for OpenStack has been created that allows you to manage containers using the Nova client.

Installation and setup


Hereinafter, we will describe the features of working with LXD on the material of Ubuntu 16.04. In this OS, LXD is included in official repositories and is installed in a standard way:

apt-get install lxd

Stefan Grabe in his article recommends using the ZFS file system as a backend for storing containers. To work with ZFS, you need to install the appropriate packages:

apt-get install zfsutils-linux

If ZFS does not suit you for one reason or another, you can use BTRFS or LVM (for more details, see here ).
After the installation is complete, run the command:

lxd init

The setup program will ask a few simple questions, after which everything will be configured automatically. You can read more about LXD configuration features in this article .

Container creation


All containers in LXD are created on the basis of images. Images can be obtained from both local and remote repository. Let's see the list of available repositories:

 lxc remote list
+-----------------+------------------------------------------+---------------+--------+--------+
|      NAME       |                   URL                    |   PROTOCOL    | PUBLIC | STATIC |
+-----------------+------------------------------------------+---------------+--------+--------+
| images          | https://images.linuxcontainers.org       | lxd           | YES    | NO     |
+-----------------+------------------------------------------+---------------+--------+--------+
| local (default) | unix://                                  | lxd           | NO     | YES    |
+-----------------+------------------------------------------+---------------+--------+--------+
| ubuntu          | https://cloud-images.ubuntu.com/releases | simplestreams | YES    | YES    |
+-----------------+------------------------------------------+---------------+--------+--------+
| ubuntu-daily    | https://cloud-images.ubuntu.com/daily    | simplestreams | YES    | YES    |
+-----------------+------------------------------------------+---------------+-------


For the first acquaintance with LXD, the local repository (local) is quite suitable. Run in the container OS Ubuntu 16.04:

lxc launch ubuntu:16.04 container1

As a result of this command, LXD will create a container based on the specified image and launch it.

You can launch the command shell in this container using the command:

lxc exec container1 /bin/bash

If you just need to create a container, but not start it, just run the command:

lxc init ubuntu:16.04 container1

To start and stop the container later, use the lxc start and lxc stop commands.

LXC provides good on-the-fly container management capabilities. So, for example, you can put the file created on the main host inside the container:

lxc file push [путь к файлу на основном хосте] [контейнер]/[путь]

You can perform the reverse operation - upload the file from the container to the main host:

$ lxc file pull [контейнер]/[путь]

You can also edit files in the container directly:

lxc edit [контейнер]/[путь]

The basic commands for creating and running containers we have already considered; Those wishing to know more are referred to a  detailed article by Stefan Grabe.

Resource management


Managing isolated environments is unthinkable without control of resources: we must provide the container with enough resources to work and at the same time be sure that the container will not consume unnecessary resources, thereby disrupting the rest of the system.

In LXD, you can allocate resources to containers using a special set of commands:

# устанавливаем лимит памяти
lxc config set container1 limits.memory 512M
# привязываем контейнер к ядрам CPU
lxc config set container1 limits.cpu 1,3
# ограничиваем потребление ресурсов CPU
lxc config set container1 cpu.allowance 10%
# ограничиваем объём используемого контейнером дискового пространства(работает только с ZFS или btrfs)
lxc config set container1 root size 10GB

You can read more about resource management in this article .

You can view resource consumption statistics for a container using a simple command:

lxc info container1
Name: container1
Architecture: x86_64
Created: 2016/08/16 07:55 UTC
Status: Running
Type: persistent
Profiles: default
Pid: 4110
Ips:
lo: 	inet 	127.0.0.1
lo: 	inet6 	::1
eth0:	inet6 	fe80::216:3eff:fe18:faa9 	vethA2SCMX
Resources:
Processes: 24
Memory usage:
Memory (current): 48.88MB
Memory (peak): 163.26MB
Network usage:
eth0:
Bytes received: 648 bytes
Bytes sent: 648 bytes
Packets received: 8
Packets sent: 8
lo:
Bytes received: 264 bytes
Bytes sent: 264 bytes
Packets received: 4
Packets sent: 4

Work with snapshots


LXD has the ability to create snapshots and restore containers from snapshots. Let's see how it works in practice (an example is taken from the  LXD interactive tutorial ).

Let's make some changes to the container1 container we have already created:

lxc exec container1 -- apt-get update
lxc exec container1 -- apt-get dist-upgrade -y
lxc exec container1 -- apt-get autoremove —purge -y

Let's make a snapshot of this container and name it, for example, new:

lxc snapshot container1 new

Let's try to “break” something in our first container:

lxc exec container1 -- rm -Rf /etc /usr

After that, run the command shell in it:

lxc exec container -- bash
I have no name!@container1:~#

We execute the exit command and return to the main host. Restore container1 container from snapshot:

lxc restore container1 new

Run the command shell in the restored container:

lxc exec container1 -- bash
root@container1:#

Everything works the same as before!

In the above example, we examined the so-called stateless snapshots. In LXD there is another type of snapshots - stateful, in which the current state of all processes in the container is saved. A number of interesting and useful functions are associated with stateful snapshots.

To create stateful snapshots, we need to install the CRIU program (CheckPoint / Restore in Userspace). With its help, you can save the current state of all processes, and then restore them at least on the current, at least on another machine.
In Ubuntu 16.04, the CRIU utility is installed using the standard package manager:

apt-get install criu

After that, you can proceed to create snapshots:

lxc snapshot container1 snapshot1 --stateful

In some situations, such snapshots can be very useful. Imagine, for example, that we need to restart the server on which one or more containers are running. In order not to restart everything after rebooting, but to continue from the interrupted place, it is enough to do:

# перед перезагрузкой
lxc stop container1 --stateful
#после перезагрузки
lxc start container1

Based on stateful snapshots, a mechanism for live migration of containers has been implemented , which is still in a somewhat raw state.

Conclusion


LXD is a convenient container management system with a number of useful features. We hope that the LXD project will be successfully developed and will take its rightful place among modern containerization tools.

If you have practical experience using LXD, welcome to comment.
If you for one reason or another can not comment on posts here - welcome to our corporate blog .
Naturally, within the framework of one article, it is hardly possible to talk about all the functions of LXD. For those who want to know more, here are some useful links:


Also popular now: