The situation: you have rented this big server, and you want to utilize it better. But you don’t want to install all services together, rather you want to separate the various services into containers.
LXC is very useful for this purpose.
My LXC scripts help to make setting up a machine even easier.
The scripts are available on GitHub: https://github.com/tpokorra/lxc-scripts
These scripts have been tested on Ubuntu 14.04, and I recommend this for this exercise.
To install the LXC scripts, and LXC 1.0.x, you can install an Ubuntu package, see https://lbs.solidcharity.com/package/tpokorra/lbs/lbslxcscripts:
    apt-get install apt-transport-https
    echo 'deb https://download.solidcharity.com/repos/tpokorra/lbs/ubuntu/trusty/ /' >> /etc/apt/sources.list
    apt-get update
    apt-get install lbslxcscripts

The scripts now live in /root/scripts.
There are several scripts to create a virtual machine:
    cd /root/scripts
    # ./initUbuntu.sh <release, default is precise> <arch, default is amd64> <autostart, default is 1>
    ./initUbuntu.sh 10-UbuntuDesktop 10 trusty
    ./initFedora.sh 20-FedoraDesktop 20
    ./initCentos.sh 30-CentosDesktop 30 7
    ./initDebian.sh 40-DebianMachine 40 wheezy
Please note: I did not look into creating unprivileged containers yet!
These commands are useful for working with the containers:
    # start the container
    lxc-start -d -n 30-CentosDesktop
    # list all containers
    lxc-ls -f
    # list all containers and their Linux distribution
    ./listcontainers.sh
    # login to the container
    ssh root@10.0.3.30
    exit
    # stop the container
    lxc-stop -n 30-CentosDesktop
    # destroy the container
    lxc-destroy -n 30-CentosDesktop

I want fixed IP addresses for my virtual machines. The IP address for the container with ID 40 will be 10.0.3.40.
To make a port available from the outside, you can call this:
    # This will forward the port 2010 of the host machine to the container running at IP 10.0.3.10, port 22.
    ./tunnelport.sh 10 22
    # This will forward the port 8010 of the host machine to the container running at IP 10.0.3.10, port 80.
    ./tunnelport.sh 10 80
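To review what such forwards expose to the outside, this added example (not part of lxc-scripts) lists host ports that are DNAT-forwarded to container addresses on 10.0.3.x and marks forwards to SSH. It assumes the forwards exist as plain iptables DNAT rules in the nat table; the names list_forwards and sample_rules and the sample rules themselves are constructed for illustration.

```shell
#!/bin/sh
# Audit helper: list host ports forwarded to containers on 10.0.3.0/24.
# Input:  rules in `iptables -t nat -S` format on stdin.
# Output: one line per forward: <host_port> <container_id> <container_port> [SSH]
# Assumption: forwards are iptables DNAT rules; the page does not show them.
list_forwards() {
    awk '
    $1 == "-A" && /-j DNAT/ {
        dport = ""; dest = ""
        for (i = 1; i < NF; i++) {
            if ($i == "--dport") dport = $(i + 1)
            if ($i == "--to-destination") dest = $(i + 1)
        }
        # Only report container addresses of the form 10.0.3.<id>:<port>.
        if (dport == "" || dest !~ /^10\.0\.3\.[0-9]+:[0-9]+$/) next
        split(dest, a, ":")      # a[1] = container IP, a[2] = container port
        split(a[1], oct, ".")    # oct[4] = container ID (last octet)
        flag = (a[2] == "22") ? " SSH" : ""
        print dport, oct[4], a[2] flag
    }'
}

# Constructed sample rules (not captured from a real host).
sample_rules() {
cat <<'EOF'
-P PREROUTING ACCEPT
-A PREROUTING -i eth0 -p tcp -m tcp --dport 2010 -j DNAT --to-destination 10.0.3.10:22
-A PREROUTING -i eth0 -p tcp -m tcp --dport 8010 -j DNAT --to-destination 10.0.3.10:80
-A POSTROUTING -s 10.0.3.0/24 ! -d 10.0.3.0/24 -j MASQUERADE
EOF
}

sample_rules | list_forwards
```

On a host, feed it the live rules with `iptables -t nat -S | list_forwards`; every line marked SSH is a container root login reachable from outside.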
For websites, I use Nginx on the host machine, to manage http and https (SSL) websites on a single IP:
    # the host will listen for www.example.org and forward all traffic to 10.0.3.10 port 80
    # SSL will be set up if these files exist: /var/lib/certs/www.example.org.crt and www.example.org.key
    ./initWebproxy.sh 10 www.example.org
There is a script that backs up all LXC settings, iptables rules and Nginx configuration of your containers:

    ./backup.sh mybackup.com myusername
This script will upgrade the host and all containers, depending on their Linux distribution. You can run it every night with a cronjob:

    ./upgradecontainers.sh