Kernel Virtualization Technology--LXC first Experience

First, Cgroups1.1 Introduction

Cgroup is the abbreviation for control group. Initially started by Google's engineers (mainly Paul Menage and Rohit Seth) in 2006 with the name "Process containers", renamed "Control Group" later in 2007 and was incorporated into the 2.6. Version 24 kernel, now a feature in the Linux kernel, is a mechanism that the Linux kernel provides to restrict, record, and isolate the physical resources used by the process group (e.g. CPU, Memory, I/O, etc.).

1.2 Effects

Cgroup is used to associate one or more processes to a "process group", and can be unified to monitor and manage containers, resulting in a unified architecture for resource management. Depending on the needs of monitoring or management, there are likely to be multiple cgroup on a running system, and these cgroup are organized into hierarchical structures similar to multiple inverted tree structures. In fact, Cgroups is a resource control mechanism, and the smallest unit of resource allocation is the so-called subsystem--, a resource controller that divides resources into a variety of different types (CPU, memory, Disk input and output, etc.) and associate these types of resources to the Cgroup specified in the hierarchy to implement the resource allocation.

Note: Cgroups is the underlying foundation of the Resource Management Control section for IaaS virtualization (KVM, LXC, etc.), PAAs container sandbox (docker, etc.)

Ii. introduction of lxc2.1

LXC is the acronym for Linux container, providing lightweight virtualization, a container-based operating system-level virtualization technology. Lightweight virtualization technology without hypervisor is implemented using the features of the new Linux kernel (cgroups, etc.). Containers can effectively divide resources managed by a single operating system into isolated groups to better balance conflicting resource usage requirements among orphaned groups.

LXC can virtualize a complete system environment (ROOTFS) or provide a virtualized runtime environment for only a single or multiple applications. In terms of usage, it is more like an enhanced version of the CHROOT environment, providing a virtual environment with its own process and network space.

2.2 Advantages

• Use the same kernel with host, the performance loss is small;

• Lightweight isolation, while also providing a sharing mechanism in isolation, in order to achieve the container and host resource sharing;

• The container can run instructions locally on the CPU core without any special explanation mechanism;

Iii. LXC Instructions for use 3.1 LXC command introduction

• Lxc-create Creating a virtual machine

-T: Specifies which template to create the virtual machine from

-N: Specify the name of the virtual machine

• Lxc-checkconfig Check the operating environment and configuration information

• Lxc-start turning on the virtual machine

-N: Specify the virtual machine name

-D: Indicates that the virtual machine is running in the background

• Lxc-stop shutting down a virtual machine

Note: Detailed usage of the command other parameters can be viewed in the Help information

3.2 Lxc's Template description

By default, LXC's template storage path is/usr/share/lxc/templates/, which contains templates for each operating system, and for CentOS, the default installation is to minimize the operating system installation. And when using the template installation will need to connect its internal point to the network to download the installation, if necessary, you can modify the parameters inside to point to our internal Yum warehouse for installation.

3.3 LXC default installation path for virtual machines

LXC installed virtual machines are installed under the/VAR/LIB/LXC path by default.

3.4 LXC Default configuration information

When you create a virtual machine, you read a configuration message by default, and the configuration information file is/etc/lxc/default.conf

[Email protected] templates]# Vim/etc/lxc/default.conflxc.network.type = veth # The virtual machine that is created is the name of the network card named Lxc.network.link = Virbr0 #指定所使用的桥接网卡的名字lxc. network.flags = up #网络的状态信息

3.5 Other needs to know

When the CentOS is installed, the system automatically generates a root password, and the path to the password file is the virtual machine you installed under/VAR/LIB/LXC, which has a file named Tmp_root_pas, which holds the root default password information

Iv. use of lxc-1.0.5 on CentOS 6.5

We all know that installing virtual machines on VMware requires a network called bridging, which is designed to allow other hosts to access virtual machines in VMware, and when the VMware Workstation is installed, the program installs the virtual network card by default to allow the virtual host to communicate.

To install virtualization software on CentOS, in order for the virtual machines in the system to access the network, we also need to use a similar method, the physical network card Virtual Switch, also known as the bridge.

4.1 Required Packages

• Bridge-utils #CentOS下网桥管理工具所需的依赖包

• lxc-1.0.5-1.e16.x86_64.rpm #lxc程序包

• LXC-LIBS-1.0.5-1.E16.X86_64.RPM # LXC Required library file package

• Libcgroup #Cgroup程序包

4.2 Install the required dependency packages

1. Install the Bridge-utils package

[email protected] ~]# Yum install bridge-utils-y

2. Install the Libcgroup package

[Email protected] ~]# yum-y install Libcgroup

3. Package and library file packages required to install LXC

[Email protected] ~]# yum-y install lxc-libs-1.0.5-1.el6.x86_64.rpm lxc-1.0.5-1.el6.x86_64.rpm

4.3 steps

1. Turn off the NetworkManager service and turn off the auto-start function.

Note: The NetworkManager does not support the bridge function, so it must be turned off and the boot will not start automatically

[[Email protected] ~]# service NetworkManager stop #关闭服务 [[email protected] ~]# chkconfig NetworkManager off #关闭自动开机启动

2. Start the Network service and Cgconfig service, and make sure the boot starts automatically.

[[Email protected] ~]# service network Start[[email protected] ~]# service cgconfig start[[email protected] ~]# chkconfig Cgconfig on

3. Add a configuration file for the virtual Bridge interface Ifcfg-br0

[Email protected] ~]# Cp/etc/sysconfig/network-scripts/ifcfg-eth0/etc/sysconfig/network-scripts/ifcfg-br0 # You can copy the eth0 template to Br0[[email protected] ~]# vim/etc/sysconfig/network-scripts/ifcfg-br0 by copying it #修改br0配置

650) this.width=650; "src=" Http://www.178linux.com/ueditor/php/upload/image/20160331/1459418868343371.jpg "title= "1459418868343371.jpg" alt= "111.jpg"/>

4. Connect the bridged physical network adapter to the previously defined bridging device

[Email protected] ~]# Vim/etc/sysconfig/network-scripts/ifcfg-eth0

650) this.width=650; "src=" Http://www.178linux.com/ueditor/php/upload/image/20160331/1459419454697052.jpg "title= "1459419454697052.jpg" alt= "1.jpg"/>

5. Restart the Network Service

[Email protected] ~]# service network restart

650) this.width=650; "src=" Http://www.178linux.com/ueditor/php/upload/image/20160331/1459419517230337.jpg "title= "1459419517230337.jpg" alt= "2.jpg"/>

#正常而言ssh远程连接是不应该被断开的 because its network card has changed to a bridged network normally.

6, check the current network card device information, BR0 has been used normally.

650) this.width=650; "src=" Http://www.178linux.com/ueditor/php/upload/image/20160331/1459419562417306.jpg "title= "1459419562417306.jpg" alt= "3.jpg"/>

7. Modify the default configuration information

[Email protected] templates]# Vim/etc/lxc/default.conflxc.network.type = Vethlxc.network.link = br0 # This corresponds to the name of the previously created bridge lxc.network.flags = up

8. Check LXC Configuration and environment

[Email protected] templates]# Lxc-checkconfig

650) this.width=650; "src=" Http://www.178linux.com/ueditor/php/upload/image/20160331/1459419600516925.jpg "title= "1459419600516925.jpg" alt= "4.jpg"/>

9. Configure Lxc-centos Templates

Because by default, when you use the Lxc-centos template, the corresponding system-installed packages are downloaded from the Internet, and if your virtual machine is unable to connect to the Internet, you can point the access path to the local Yum repository for installation.

[Email protected] mnt]# vim/usr/share/lxc/templates/lxc-centos[base]name=centos-$release-basebaseurl=file:///mnt

650) this.width=650; "src=" Http://www.178linux.com/ueditor/php/upload/image/20160331/1459419660861543.jpg "title= "1459419660861543.jpg" alt= "5.jpg"/>

Note: Because update is not used here, the [UPDATE] field has been deleted and, if necessary, can be re-added to the specified

10. Create a CentOS virtual machine

[Email protected] ~]# lxc-create-n centos6-t/usr/share/lxc/templates/lxc-centos

#指定虚拟机的名称为centos6

650) this.width=650; "src=" Http://www.178linux.com/ueditor/php/upload/image/20160331/1459419682817036.jpg "title= "1459419682817036.jpg" alt= "6.jpg"/>

11. Set Root Password

[Email protected] ~]# Chroot/var/lib/lxc/centos6/rootfs passwd

12. Start the virtual machine

[Email protected] mnt]# lxc-start-n CENTOS6

650) this.width=650; "src=" Http://www.178linux.com/ueditor/php/upload/image/20160331/1459419719733149.jpg "title= "1459419719733149.jpg" alt= "7.jpg"/>

Note: If this is enabled directly, the virtual machine will occupy the current terminal, so you can add the –d parameter, enable it in the background, when the system is enabled, you can use SSH remote connection.

13. Testing

650) this.width=650; "src=" Http://www.178linux.com/ueditor/php/upload/image/20160331/1459419753698577.jpg "title= "1459419753698577.jpg" alt= "8.jpg"/>

At this point, you can operate on the virtual machine, such as restarting, shutting down, installing software, and so on.

This article is from the "Crab Learn Linux" blog, please be sure to keep this source http://windchasereric.blog.51cto.com/5419433/1759052

Kernel Virtualization Technology--LXC first Experience