当前位置: 首页 > 工具软件 > LXD > 使用案例 >

lxc lxd_如何在LXC和LXD中使用Linux容器

元阳荣
2023-12-01

lxc lxd

In the good old days, installing an operating system meant pulling together all the hardware components, firing your new computer up with an installation disk in a peripheral drive, and setting the installation process loose do its thing. The total elapsed time could run anywhere between hours and weeks.

在过去的好日子里,安装操作系统意味着将所有硬件组件放在一起,将新计算机与外围驱动器中的安装盘一起启动,并使安装过程变得松散。 总耗时可以在数小时到数周之间不等。

These days I can say to myself "I wouldn't mind testing that on a server running a particular version of CentOS" and - depending on a number of variables and assuming the original image has already been downloaded - I can have a fully-functioning virtual system ready within 30 seconds. Your exact results may vary, but not by that much.

这些天,我可以对自己说:“我不介意在运行特定版本CentOS的服务器上进行测试”,并且-根据许多变量并假设已经下载了原始映像-我可以拥有功能齐全的在30秒内准备好虚拟系统。 您的确切结果可能有所不同,但相差不大。

You can see how all this works in my new Pluralsight "Linux System Optimization" course - on which this article is based.

您可以在本文所基于的新的Pluralsight“ Linux系统优化”课程中了解所有这些方法。

What's been driving all this change? Virtualization. And, in particular, container virtualization.

是什么推动了所有这些变化? 虚拟化。 尤其是容器虚拟化。

A virtualized OS is a file system containing all the software libraries, binaries, and configuration files you would need to launch a traditional machine. It's just that this particular file system isn't stored in the root or boot partition that your computer would read as it powers on, but on some other part of your storage volume.

虚拟操作系统是一个文件系统,其中包含启动传统计算机所需的所有软件库,二进制文件和配置文件。 只是这个特定的文件系统没有存储在计算机开机时会读取的根分区或引导分区中,而是存储在存储卷的其他部分。

And "powering up" your virtual computer happens when some software cleverly fools the files into thinking they're running all by themselves on their own hardware, when they're really sharing space and resources with the host operating system and, perhaps, some other virtual computers.

当某些软件巧妙地愚弄文件以使其认为它们完全在自己的硬件上运行时,与主机操作系统以及其他可能共享空间和资源的虚拟机时,就会“启动”虚拟计算机。虚拟计算机。

Broadly speaking, there are two kinds of software systems used for server virtualization administration: hypervisor and container.

广义上讲,用于服务器虚拟化管理的软件系统有两种:虚拟机管理程序和容器。

Hypervisors provide a layer of abstraction that permits guest VMs to create an isolated environment with access to the system hardware that emulates a bare metal server. This means that hypervisor VMs can be built from any operating system compatible with your underlying hardware. But it also means that they'll use up more space and more memory and compute resources.

系统管理程序提供了一个抽象层,该层允许来宾VM创建隔离的环境,并可以访问模拟裸机服务器的系统硬件。 这意味着可以从与基础硬件兼容的任何操作系统中构建虚拟机监控程序VM。 但这也意味着他们将占用更多的空间,更多的内存和计算资源。

容器虚拟化 (Container Virtualization)

Containers, on the other hand, share the host computer's OS kernel and exist within carefully secured and isolated spaces managed by system tools like cgroups. Because they share the kernel, the memory and system resources consumed by containers can be truly minimal, with absolutely nothing wasted. And, as you'll see, the speeds you'll get running container applications will be breathtaking.

另一方面,容器共享主机计算机的OS内核,并存在于由cgroups等系统工具管理的精心保护和隔离的空间内。 因为它们共享内核,所以容器消耗的内存和系统资源可以真正减少到最小,绝对没有浪费。 而且,您将看到,运行容器应用程序的速度将令人叹为观止。

A lot of container-related attention over the past few years has been focused on Docker and, more recently, Google's container orchestration tool, Kubernetes. In fact, Kubernetes is well suited for enterprise-scale microservices architectures.

过去几年中,与容器相关的很多关注都集中在Docker上,最近,谷歌的容器编排工具Kubernetes也得到了关注。 实际上,Kubernetes非常适合企业级微服务架构。

But there's an older and, arguably, more mature implementation of the container model that hasn't gone anywhere. The Linux Container Project, LXC, and its more recent toolset, LXD, have strengths that many would argue make it a better candidate for some use cases than Kubernetes. In particular, LXC excels at building light and fast sandboxed environments for testing and application development.

但是,容器模型有一个较旧的,可以说是更成熟的实现,它没有任何地方可用。 Linux容器项目LXC及其最新的工具集LXD具有许多人认为比Kubernetes更适合某些用例的优势。 特别是,LXC擅长为测试和应用程序开发构建轻便,快速的沙盒环境。

In this article, I'm going to show you how to install LXD, how to prepare and launch a simple container running the ultra-small Alpine Linux, and then how to open a shell session within your new container. I'll also explain how to find and launch multiple versions of other distributions.

在本文中,我将向您展示如何安装LXD,如何准备和启动运行超小型Alpine Linux的简单容器,以及如何在新容器中打开Shell会话。 我还将说明如何查找和启动其他发行版的多个版本。

One thing I can tell you right away is that whenever I teach LXC, students respond with amazement at how powerful and efficient using containers can be.

我可以立即告诉您的一件事是,每当我教LXC时,学生都会惊讶地意识到使用容器的强大和高效。

When we're done with all this, you'll be able to fire up machines to hands-on test out whatever it is you're learning or working within seconds. When an experiment goes bad, you can instantly shutdown and remove a container and build another one to replace it. There's simply no longer any excuse not to learn.

当我们完成所有这些工作后,您就可以启动计算机,在几秒钟内动手测试您正在学习或正在研究的内容。 如果实验失败了,您可以立即关闭并卸下一个容器,然后建造另一个容器来替换它。 根本不再有任何不学习的借口。

建造LXD集装箱 (Building LXD Containers)

We're going to get LXC running working on a fresh install of an Ubuntu 18.04 machine. In this demo, we'll install and initialize an LXD environment and then use the LXD version of the LXC command line interface to download and launch an Alpine Linux container. We'll confirm everything worked and then take a bit of a look around to see how the environment is populated.

我们将使LXC在全新安装的Ubuntu 18.04计算机上运行。 在此演示中,我们将安装并初始化LXD环境,然后使用LXC命令行界面的LXD版本下载并启动Alpine Linux容器。 我们将确认一切正常,然后再四处看看以了解环境的填充方式。

I'm going to use the snap package manager to install LXD because that's now the official recommendation. And not just for LXD, mind you: all kinds of applications are drifting to alternate managers like snap or AppImmage and Flatpak. I still love my Debian aptitude, but you can't fight the whole world.

我将使用快照软件包管理器来安装LXD,因为现在这是官方建议。 不仅限于LXD,还请注意:各种应用程序都在转移到备用管理器,例如snap或AppImmage和Flatpak。 我仍然爱我的Debian才能,但是你不能与全世界抗争。

$ sudo snap install lxd

LXD - which, again, is an updated toolset designed to manage the LXC API - comes in a package that includes all the regular LXC dependencies. One install command and we're done.

LXD(又是用于管理LXC API的更新工具集)包含在包含所有常规LXC依赖项的软件包中。 一个安装命令,我们完成了。

It's important to initialize the LXC environment using the lxd init command. You could set things up yourself manually, but you're more likely to get it all right this way. The init process will ask you a bunch of questions and, for now at least, the default answers will all work.

使用lxd init命令初始化LXC环境非常重要。 您可以自己手动设置,但是更可能以这种方式解决。 初始化过程将询问您很多问题,并且至少到目前为止,默认答案都可以使用。

$ sudo lxd init

Once that's done, we're ready to build your first container. Whichever Linux distribution and version we want, we'll need to find and download the image. The LXC project maintains a repository of quite a range of images at images.linuxcontainers.org. You can see that there are usually multiple versions of each distro, permitting you to build containers that'll work with just about any software you can throw at it.

完成后,我们就可以构建您的第一个容器。 无论我们想要哪个Linux发行版和版本,我们都需要查找并下载该映像。 LXC项目在images.linuxcontainers.org上维护了很多图像的存储库。 您可以看到每个发行版通常有多个版本,从而允许您构建可以与几乎所有可以投放到其上的软件一起使用的容器。

I'm going to use the latest version of Alpine Linux because it's really small. Feel free to use any image you like - including the big boys like Ubuntu and CentoOS. Alpine, of course, will download very quickly.

我将使用最新版本的Alpine Linux,因为它确实很小。 随意使用任何您喜欢的映像-包括像Ubuntu和CentoOS这样的大男孩。 当然,Alpine将很快下载。

But before we do that, I should tell you how to figure out the command line syntax necessary to get your image.

但是在我们这样做之前,我应该告诉您如何弄清楚获取图像所需的命令行语法。

As you can see in this screen shot from the LXD website, you can get three pieces of information you'll need from the page itself: the name of the distro - Alpine, in this case - the release number - 3.10 - and the architecture. We're after amd64.

从LXD网站的此屏幕快照中可以看到,您可以从页面本身获取三点信息:发行版的名称-Alpine(在这种情况下-发行版编号-3.10)以及体系结构。 我们追求amd64。

We're now ready to trigger the download by running the launch command:

现在,我们准备通过运行launch命令来触发下载:

$ sudo lxc launch images:alpine/3.10/amd64 demo

Notice how the syntax is "lxc" even though this is technically an LXD interface. "images" tells LXC that our image lives in the public repo we saw earlier. Our three bits of data - the distro name, release number, and architecture, are entered separated by forward slashes. I'll use "demo" as the name of my container. That should be all we need.

请注意,即使从技术上讲这是LXD接口,语法也是如此“ lxc”。 “图像”告诉LXC我们的图像存在于我们之前看到的公共回购中。 输入我们的三位数据-发行版名称,发行版号和体系结构,并用正斜杠分隔。 我将使用“ demo”作为容器的名称。 那应该是我们所需要的。

You can see how small Alpine is by how quickly it downloads. My internet connection isn't that fast and I haven't played any games with the recording. To confirm that it worked, I'll run "lxc ls" to list all the containers currently installed. There's just the one. And its current status is "running".

您可以通过下载速度来了解Alpine的大小。 我的互联网连接速度不是那么快,并且我还没有玩过带有录音的游戏。 为了确认它是否有效,我将运行“ lxc ls”以列出当前安装的所有容器。 只有一个。 其当前状态为“正在运行”。

sudo lxc ls
+------+---------+----------------------+------------+-----------+
| NAME |  STATE  |         IPV4         |    TYPE    | SNAPSHOTS |
+------+---------+----------------------+------------+-----------+
| demo | RUNNING | 10.125.45.119 (eth0) | PERSISTENT | 0         |
+------+---------+----------------------+------------+-----------+

You can open a non-login root session in a container using the "lxc exec" command. Just specify the container name and then tell LXC that you want to run a shell using the sh interpreter (you might prefer /bin/bash if you're working with an Ubuntu or CentOS container - your call either way). As you'll be able to see for yourself if you're following along at home, we've got a normal Linux command prompt and anything Linux-y is now possible.

您可以使用“ lxc exec”命令在容器中打开非登录根会话。 只需指定容器名称,然后告诉LXC您想使用sh解释器运行shell(如果您使用的是Ubuntu或CentOS容器,则可能更喜欢/bin/bash -无论哪种方式调用)。 因为您可以自己查看是否在家中跟随,所以我们有一个正常的Linux命令提示符,并且现在可以执行任何Linux-y了。

$ sudo lxc exec demo sh
~ #

You could also run a single command without opening a full shell by typing the command instead of this sh.

您也可以通过键入命令而不是sh来运行单个命令而无需打开完整的外壳。

$ sudo lxc exec demo ls /
bin    etc    lib    mnt    proc   run    srv    tmp    var
dev    home   media  opt    root   sbin   sys    usr

You can bail out of the shell any time you like using exit and return to your host. Here, besides listing running containers, I can also list any storage pools. The default pool that was created during initialization is there, and we can see where the disk image is stored. /var/lib/lxd is, by default, where all LXC resources are kept.

您可以在需要退出时随时exit外壳并返回主机。 在这里,除了列出正在运行的容器外,我还可以列出任何存储池。 初始化期间创建的默认池在那里,我们可以看到磁盘映像的存储位置。 默认情况下,/ var / lib / lxd是保留所有LXC资源的位置。

$ sudo lxc storage ls
+---------+-------------+--------+--------------------------------+---------+
|  NAME   | DESCRIPTION | DRIVER |             SOURCE             | USED BY |
+---------+-------------+--------+--------------------------------+---------+
| default |             | btrfs  | /var/lib/lxd/disks/default.img | 3       |
+---------+-------------+--------+--------------------------------+---------+

I can similarly list all my networks. There happen to be a few network bridges on this system (I've been playing around a bit, as you can see). There's also the physical enp0s3 bridge used by the host Ubuntu server. Although between you and me, that one's not physical either, as this is actually a VM running in Oracle's Virtual Box.

我可以类似地列出我的所有网络。 这个系统上碰巧有一些网桥(如您所见,我一直在玩一些)。 主机Ubuntu服务器还使用了物理enp0s3桥。 尽管在您我之间,但那也不是物理上的,因为这实际上是在Oracle Virtual Box中运行的VM。

$ lxc network ls
+---------+----------+---------+-------------+---------+
|  NAME   |   TYPE   | MANAGED | DESCRIPTION | USED BY |
+---------+----------+---------+-------------+---------+
| enp0s3  | physical | NO      |             | 1       |
+---------+----------+---------+-------------+---------+
| lxdbr0  | bridge   | YES     |             | 1       |
+---------+----------+---------+-------------+---------+
| mynet   | bridge   | YES     |             | 0       |
+---------+----------+---------+-------------+---------+
| testbr0 | bridge   | YES     |             | 1       |
+---------+----------+---------+-------------+---------+

If we needed to, we could easily add a new virtual interface to our container using the "lxc network attach" command. Here, I'll specify the physical network and then the name of our container.

如果需要,我们可以使用“ lxc networkattach”命令轻松地将新的虚拟接口添加到我们的容器中。 在这里,我将指定物理网络,然后指定容器的名称。

$ lxc network attach enp0s3 demo

With that done, you could open a new shell in the container to see what's changed. There should now be an eth1 interface listed. You may need to reboot for all the changes to take full effect. By doing that you can also marvel at just how fast this thing can reboot itself - for all intents and purposes, it'll happen faster than you can type your exec command to open a new shell.

完成此操作后,您可以在容器中打开新的外壳以查看更改。 现在应该列出了eth1接口。 您可能需要重新引导才能使所有更改完全生效。 通过这样做,您还可以惊叹于此东西可以自动重启的速度-出于所有目的和目的,它发生的速度比键入exec命令打开新Shell的速度要快。

Enjoy your new environment!

享受您的新环境!

This article is based on content in my Pluralsight course, "Linux System Optimization." There's much more administration goodness in the form of books, courses, and articles available at bootstrap-it.com.

本文基于我的Pluralsight课程“ Linux System Optimization”中的内容 bootstrap-it.com上提供了书籍,课程和文章形式的管理优势。

翻译自: https://www.freecodecamp.org/news/linux-containers-lxc-lxd/

lxc lxd

 类似资料: