Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Next revisionBoth sides next revision
lxc_openwrt_host [2021/09/19 08:53] – add shares darksky2lxc_openwrt_host [2021/09/22 08:05] – [Setup on the OpenWRT host] darksky2
Line 15: Line 15:
 This example was using OpenWRT ARM64 MVEBU ESPRESSOBIN et ESPRESSOBIN ULTRA.  It has also been verified on a OpenWRT aarch64 Raspberry Pi4 B. This example was using OpenWRT ARM64 MVEBU ESPRESSOBIN et ESPRESSOBIN ULTRA.  It has also been verified on a OpenWRT aarch64 Raspberry Pi4 B.
  
-==== Install some necessary tools ==== +[[https://forum.openwrt.org/t/openwrt-arm64-quick-lxc-howto-guide-lms-in-debian-system-in-lxc-container/99835|Original Forum Topic]] 
-<code>opkg install xz tar gnupg</code> +==== Setup on the OpenWRT host ==== 
- +Install some necessary tools and prerequisites: 
-==== Install some necessary kernel modules ====+<code>opkg install xz tar gnupg cgroupfs-mount cgroup-tools</code>
  
 +Install the needed kernel modules:
 <code>opkg install kmod-ikconfig kmod-veth</code> <code>opkg install kmod-ikconfig kmod-veth</code>
  
-==== Install some cgroups necessary tools ==== +Install the core lxc packages: 
-<code>opkg install cgroupfs-mount cgroup-tools</code>+<code>opkg install lxc-start lxc-stop lxc-create lxc-attach lxc-destroy lxc-config lxc-ls getopt</code> 
 + 
 +FIXME: Note that getopt should be a package dependency, see: [[https://github.com/openwrt/packages/issues/16684|#16684]] is fixed. 
 + 
 +Additional packages exist that can add functionality but that aren't strictly required.  Find them with: 
 +<code>opkg list | grep lxc</code> 
 + 
 +FIXME: Note that until [[https://github.com/openwrt/packages/pull/16660|PR#16660]] is merged, users of 21.02 will have to complete this extra step.  Users of snapshot builds newer than 20-Sep-2021 can skip this next step.
  
-==== Install all lxc stuff ==== +Edit ''/usr/share/lxc/config/common.conf'' and comment out all lines relating to legacy cgroup configuration: 
-<code>opkg install liblxc luci-app-lxc lxc lxc-attach lxc-auto lxc-autostart lxc-cgroup lxc-checkconfig lxc-common lxc-config lxc-configs lxc-console lxc-copy lxc-create lxc-destroy lxc-device lxc-execute lxc-freeze lxc-hooks lxc-info lxc-init lxc-ls lxc-monitor lxc-monitord lxc-snapshot lxc-start lxc-stop lxc-templates lxc-top lxc-unfreeze lxc-unprivileged lxc-unshare lxc-user-nic lxc-usernsexec lxc-wait rpcd-mod-lxc</code>+<code>sed -i s/lxc.cgroup.devices/#lxc.cgroup.devices/ /usr/share/lxc/config/common.conf</code>
  
-==== Check your kernel config ==== +Optionally check the kernel config to see if anything required is missing: 
-<code>root@ultra:~# lxc-checkconfig +<code>root@ultra:~# opkg install lxc-checkconfig 
 +# lxc-checkconfig 
 LXC version 4.0.5 LXC version 4.0.5
 --- Namespaces --- --- Namespaces ---
Line 91: Line 100:
 usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig</code> usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig</code>
  
-==== Create a LXC container for LMS based on Debian BUSTER ==== +In order to download distro images for the guest, we need to either
-<code>root@ultra:~# lxc-create --name myLMS --template download -- --dist debian --release buster --arch arm64 +  - Use a keyserver on the host which requires additional setup, or
-Setting up the GPG keyring +
-ERROR: Unable to fetch GPG key from keyserver +
-lxc-createmyLMS: lxccontainer.c: create_run_template: 1616 Failed to create container from template +
-lxc-create: myLMS: tools/lxc_create.c: main: 319 Failed to create container myLMS</code> +
- +
-==== Fix the Unable to fetch GPG key from keyserver ==== +
-There are two possible solutions to this. +
-  - Use a keyserver on the host+
   - Disable validation (not recommended)   - Disable validation (not recommended)
  
-=== 1. Use a keyserver on the host ====+To verify signature of the images, we need to install some additional packages which can be remove after the guest is setup: 
 +<code>opkg install gnupg2-utils gnupg2-dirmngr</code>
  
-<code>opkg install gnupg2-utils gnupg2-dirmngr +Alternatively, just use the **--no-validate** switch in the command when setting up the container.  This is potentially dangerous and insecure.
-root@ultra:~# DOWNLOAD_KEYSERVER="pgp.mit.edu" lxc-create --name myPOD --template download -- --dist debian --release buster --arch arm64 +
-Setting up the GPG keyring +
-Downloading the image index +
-Downloading the rootfs +
-Downloading the metadata +
-The image cache is now ready +
-Unpacking the rootfs +
-</code>+
  
-=== 2. Disable gpg validation === +Example: 
-<code>root@ultra:~# lxc-create --name myLMS --template download -- --dist debian --release buster --arch arm64 --no-validate +<code>root@ultra:~# lxc-create --name myLMS --template download -- --no-validate</code>
-Downloading the image index +
-WARNING: Running without gpg validation! +
-Downloading the rootfs +
-Downloading the metadata +
-The image cache is now ready +
-Unpacking the rootfs+
  
---- +==== Create LXC container ==== 
-You just created Debian buster arm64 (20210623_05:24) container.+There are many different distros available for installation Search for your favorite distro from the supported ones with this command: 
 +<code>lxc-create --name myLMS --template download -- --list --no-validate</code>
  
-To enable SSH, run: apt install openssh-server +This guide will use Debian Buster selected by pre-specifying the distro, release, and architecture via switches, but it is possible to simply omit these three and select them interactively as well.
-No default root or user password are set by LXC.</code>+
  
-==== List container and status ====+<code>root@ultra:~# lxc-create --name myLMS --template download -- --dist debian --release buster --arch arm64 
 +Setting up the GPG keyring 
 +ERROR: Unable to fetch GPG key from keyserver 
 +lxc-create: myLMS: lxccontainer.c: create_run_template: 1616 Failed to create container from template 
 +lxc-create: myLMS: tools/lxc_create.c: main: 319 Failed to create container myLMS</code> 
 + 
 +==== Container management ==== 
 + 
 +To list the installed containers and query their status, use **lxc-ls**:
 <code>root@ultra:~# lxc-ls -f <code>root@ultra:~# lxc-ls -f
 NAME  STATE   AUTOSTART GROUPS IPV4 IPV6 UNPRIVILEGED  NAME  STATE   AUTOSTART GROUPS IPV4 IPV6 UNPRIVILEGED 
 myLMS STOPPED 0              -    -    false</code> myLMS STOPPED 0              -    -    false</code>
  
-==== Starting the container ====+Start and stop containers with **lxc-start** and **lxc-stop** respectively: 
 <code>root@ultra:~# lxc-start -n myLMS <code>root@ultra:~# lxc-start -n myLMS
 root@ultra:~# lxc-ls -f root@ultra:~# lxc-ls -f
Line 141: Line 138:
 myLMS RUNNING 0              -    -    false</code> myLMS RUNNING 0              -    -    false</code>
  
-==== Stopping the container ==== 
 <code>root@ultra:~# lxc-stop -n myLMS <code>root@ultra:~# lxc-stop -n myLMS
 root@ultra:~# lxc-ls -f root@ultra:~# lxc-ls -f
Line 147: Line 143:
 myLMS STOPPED 0              -    -    false</code> myLMS STOPPED 0              -    -    false</code>
  
-==== Networking in the container ====+Setup networking in the container:
 <code>root@ultra:~# nano /srv/lxc/myLMS/config <code>root@ultra:~# nano /srv/lxc/myLMS/config
 ... ...
Line 157: Line 153:
 lxc.net.0.hwaddr = 00:FF:DD:BB:CC:01</code> lxc.net.0.hwaddr = 00:FF:DD:BB:CC:01</code>
  
-==== Optionally mount a share from the OpenWRT host inside the guest ====+Optionally mount a share from the OpenWRT host inside the guest
 Make sure to create the path to the share in the container, then edit the container config adding the following line: Make sure to create the path to the share in the container, then edit the container config adding the following line:
 <code>lxc.mount.entry = /mnt/SHARE /srv/lxc/myLMS/rootfs/mnt/SHARE none bind,create=d</code> <code>lxc.mount.entry = /mnt/SHARE /srv/lxc/myLMS/rootfs/mnt/SHARE none bind,create=d</code>
Line 190: Line 186:
  
 ==== Auto start the container on OpenWRT host ==== ==== Auto start the container on OpenWRT host ====
-<code>uci show lxc-auto+<code>opkg install lxc-auto lxc-autostart 
 +uci show lxc-auto
 uci add lxc-auto container uci add lxc-auto container
 uci set lxc-auto.@container[-1].name=myLMS uci set lxc-auto.@container[-1].name=myLMS
  • Last modified: 2024/11/22 12:04
  • by levitatingbusinessman