[!warning] WARNING: THIS NEEDS SOME LOVE
I wrote it back in 2019 and I can do this without LXD now.
NOTE: If you want to use LXD, this should still work.
Building an LXC inside of an LXC
Step 0
We'll need the following to get started:
- LXD
- LXC set up within LXD
- Our LXC set up to allow nesting
If you don't have snapd or LXD set up, you'll need to do that now.
Step 1
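NOTE: If you want to work with LXD/LXC without sudo, add yourself to the `lxd` group. Members of that group can get root on the host through LXD, so treat membership like sudo access.
```bash
sudo lxc launch images:centos/7 NAMEHERE -c security.nesting=true -c security.privileged=true
sudo lxc exec NAMEHERE -- bash
```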
Step 2
```bash
yum update
yum install -y epel-release
yum update
yum install -y lxc lxc-templates lxc-extra
lxc-create -n CONTAINERNAMEHERE -t centos
```
Now that this is done you'll have a shiny new container!
Now let's prepare it!
Step 3
```bash
cd /var/lib/lxc/CONTAINERNAMEHERE
chroot rootfs /bin/bash
yum update
# ** ANY SPECIAL CONFIGURATIONS SHOULD BE DONE HERE E.G. **
yum clean all
yum history new
# Empty logs and shell histories so they don't ship inside the image
find /var/log/ -type f -exec truncate -s 0 {} +
find /home/ /root/ -type f -name .bash_history -exec truncate -s 0 {} +
exit  # or CTRL+D, to leave the chroot
```
Once you have everything installed, edit the config file however you need it, then tar up the container directory (config and rootfs together).
This does two things:
- It compresses everything, including the config.
- It preserves all the permissions on the rootfs.
Step 4
To restore the container on another system, make sure that the path exists, e.g. `mkdir -p /var/lib/lxc/CONTAINERNAMEHERE`, and place the CONTAINERNAMEHERE.tar.gz into it. Then extract the tarball:
```bash
tar --numeric-owner -xzvf CONTAINERNAMEHERE.tar.gz
lxc-ls                                # Should show CONTAINERNAMEHERE
lxc-start --name CONTAINERNAMEHERE    # Should start it
lxc-info --name CONTAINERNAMEHERE     # Should show that it is running
```
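The note says to tar the container up but does not show that command. The following is an added example, not part of the original note: it packs config and rootfs so that the Step 4 extract command works on the result, and checks a checksum and the archive's member list before restoring. The function names and the `.sha256` sidecar file are assumptions made for this illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original note). Function names and the
# .sha256 sidecar file are assumptions made for this illustration.

# pack_container <lxc_root> <name> <out_dir>
# Archives <lxc_root>/<name>/{config,rootfs} into <out_dir>/<name>.tar.gz.
pack_container() {
    local lxc_root=$1 name=$2 out_dir=$3
    [ -f "$lxc_root/$name/config" ] || { echo "missing config" >&2; return 1; }
    [ -d "$lxc_root/$name/rootfs" ] || { echo "missing rootfs" >&2; return 1; }
    # -p keeps permission bits; --numeric-owner records uid/gid as numbers,
    # so ownership does not depend on the target host's passwd/group files.
    tar --numeric-owner -czpf "$out_dir/$name.tar.gz" \
        -C "$lxc_root/$name" config rootfs || return 1
    # The checksum catches corruption in transit. To detect tampering, move
    # the .sha256 file over a separate trusted channel.
    ( cd "$out_dir" && sha256sum "$name.tar.gz" > "$name.tar.gz.sha256" )
}

# restore_container <tarball> <lxc_root> <name>
# Verifies the checksum and the member list before extracting anything.
restore_container() {
    local tarball=$1 lxc_root=$2 name=$3 dir file
    dir=$(dirname "$tarball"); file=$(basename "$tarball")
    ( cd "$dir" && sha256sum --status -c "$file.sha256" ) ||
        { echo "checksum mismatch: $file" >&2; return 1; }
    # Only config and rootfs/ are expected at the top level of the archive.
    if tar -tzf "$tarball" | grep -Ev '^(config$|rootfs(/|$))' | grep -q .; then
        echo "unexpected archive member in $file" >&2; return 1
    fi
    mkdir -p "$lxc_root/$name" &&
        tar --numeric-owner -xzpf "$tarball" -C "$lxc_root/$name"
}
```

On a real host, run both functions as root (for example `pack_container /var/lib/lxc CONTAINERNAMEHERE /root`) so that file ownership inside rootfs can be read and restored.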
That's it! Enjoy!