Building and managing techniques for Linux container tools (LXC)

Source: Internet
Author: User
Keywords LINUX LXC container Tools
Tags aliyun control controlling cpu developed distribution entered the group

The original LXC technology was developed by IBM and has now entered the core of the Linux kernel, which means that LXC technology will be the most competitive lightweight virtual container technology at the moment, and this article will http://www.aliyun.com/zixun/aggregation/ 32779.html "" is a step-by-step introduction to the method of building and managing Linux containers. The Linux distribution version used in this article is Ubuntu 12.04.

The LXC project consists of a Linux kernel patch and some user space (userspace) tools. These tools provide a simplified set of tools to maintain the container using the new kernel features added by the patch. The Linux kernel version of the 2.6.29 version already contains most of the functionality provided by the patch. Therefore, it is highly recommended to use the latest kernel source code. LXC relies on the Linux kernel's cgroups (Control Groups) system in Resource management, cgroups system is a framework for resource management based on process groups provided by the Linux kernel, which can qualify resources for specific process groups. It was originally proposed by Google's engineers and was later integrated into the Linux kernel. Cgroups is also LXC for the realization of the use of virtualization resources management means, can be said that there is no cgroups LXC. The Cgroups file system structure is shown in Figure 1.

Figure 1.cgroups File System architecture

Explanation of relevant nouns

Control group: Controlling groups is a set of processes that are divided by some standard. The resource control in Cgroups is realized by controlling ethnic groups. A process can be added to a control group, or it can be migrated to another control group.

Hierarchy (Hierarchy). The control group can be organized into hierarchical form, a control group tree. Controlling the child nodes in the tree of the group is the child of the parent control group, which inherits the specific attributes of the parent control group.

Subsystem (SUBSYTEM). A subsystem is a resource controller, such as a central processing unit subsystem that controls the CPU time allocation. Subsystems must be attached (attach) to a hierarchy to function, and after a subsystem is attached to a hierarchy, all control groups at this level are controlled by this subsystem. Mainly includes the following 9 subsystems:

Blkio: This subsystem sets the input/output limits for block devices, such as physical devices (disks, solid-state drives, USB, etc.). CPU: This subsystem uses a scheduler to provide Cgroup mission access to the CPU. CPUACCT: This subsystem automatically generates the CPU reports used by the tasks in Cgroup. Cpuset: This subsystem assigns independent central processing units (in multicore systems) and memory nodes to tasks in Cgroup. Devices: This subsystem allows or rejects the task access devices in Cgroup. Freezer: This subsystem hangs or restores tasks in Cgroup. Memory: This subsystem sets the memory limits used for tasks in cgroup and automatically generates the memory resource reports that are used by those tasks. NET_CLS: This subsystem uses a level identifier (CLASSID) to mark network packets, allowing the Linux Traffic Control Program (TC) to identify the packets generated from the specific cgroup. The Ns:ns subsystem provides a way to group processes into different namespaces. In a specific namespace, processes can interact with each other but are isolated from processes running in other namespaces. These separate namespaces are sometimes referred to as containers when used for virtualization at the operating system level.

Build the first LXC virtual computer

The Linux distribution used in this article is Ubuntu 12.10, which installs the package first:

#apt-get Install LXC

After installing the package to check the Linux distribution's kernel for LXC support, you can use the following command Lxc-checkconfig view, see Figure 2.

Figure 2.lxc-checkconfig Command

After the lxc-checkconfig command check, if all items display a "enabled" representation, you can use LXC directly.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.