[!warning] WARNING: THIS NEEDS SOME LOVE
I wrote it back in 2019, and I can do this without LXD now.
NOTE: If you want to use LXD, this should still work.

Building an LXC inside of an LXC

Step 0

We'll need the following to get started:

  • LXD
  • LXC set up within LXD
  • Our LXC set up to allow nesting

If you don't have snapd or LXD set up, you'll need to do that now:

# Use the package manager your distribution provides
sudo yum install -y snapd    # or: sudo apt install -y snapd
sudo snap install lxd
sudo lxd init

Step 1

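NOTE: If you want to work with LXD/LXC without sudo, add yourself to the lxd group. Members of that group have full control over LXD, which is equivalent to root access on the host, and the security.privileged=true option used below runs the outer container without a user-namespace mapping, so root inside it is root on the host.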

sudo groupadd lxd
sudo usermod -aG lxd $USER
sudo lxc launch images:centos/7 NAMEHERE -c security.nesting=true -c security.privileged=true
sudo lxc exec NAMEHERE -- bash

Step 2

yum update
yum install -y epel-release
yum update
yum install -y lxc lxc-templates lxc-extra
lxc-create -n CONTAINERNAMEHERE -t centos

Now that this is done, you'll have a shiny new container!

Now let's prepare it!

Step 3

cd /var/lib/lxc/CONTAINERNAMEHERE
chroot rootfs /bin/bash
yum update
# ** ANY SPECIAL CONFIGURATIONS SHOULD BE DONE HERE E.G. **
yum clean all
yum history new
# Empty the logs and shell histories so they are not shipped in the image
find /var/log/ -type f -exec truncate -s 0 {} +
find /home/ -type f -name .bash_history -exec truncate -s 0 {} +
find /root/ -type f -name .bash_history -exec truncate -s 0 {} +
# Press CTRL+D to leave the chroot

Once you have everything installed, edit the config file however you need it, then tar it up:

tar --numeric-owner -czvf ../CONTAINERNAMEHERE.tar.gz ./

This does two things:

  • It compresses everything, including the config.
  • It preserves all the permissions on the rootfs.

Step 4

To restore the container on another system, make sure that the path exists (e.g. mkdir -p /var/lib/lxc/CONTAINERNAMEHERE) and place CONTAINERNAMEHERE.tar.gz into it. Then extract the tarball:

tar --numeric-owner -xzvf CONTAINERNAMEHERE.tar.gz
lxc-ls #Should show CONTAINERNAMEHERE
lxc-start --name CONTAINERNAMEHERE #Should start it
lxc-info --name CONTAINERNAMEHERE #Should show that it is running
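
A pre-extraction check for Step 4, as an added example that is not part of the original write-up: because the tarball is unpacked as root under /var/lib/lxc, it verifies a SHA-256 checksum, rejects member paths that would land outside the container directory, and confirms that config and rootfs/ are present. The function names, the LXC_ROOT override and recording the checksum with sha256sum on the build host are assumptions.

```bash
#!/usr/bin/env bash
# Added example: check_container_tarball and restore_container are
# hypothetical helper names, not LXC commands.

# Return 0 only if the archive is readable, every member path stays inside
# the extraction directory, and the expected config and rootfs/ are present.
check_container_tarball() {
    local tarball="$1" members
    members=$(tar -tzf "$tarball" 2>/dev/null) || {
        echo "unreadable archive: $tarball" >&2; return 1; }
    # Reject absolute paths and any ".." path component.
    if printf '%s\n' "$members" | grep -Eq '^/|(^|/)\.\.(/|$)'; then
        echo "archive has members outside the target directory" >&2
        return 1
    fi
    # Step 3 archives "./", so every legitimate member starts with "./".
    printf '%s\n' "$members" | grep -qx '\./config' || {
        echo "missing ./config" >&2; return 1; }
    printf '%s\n' "$members" | grep -q '^\./rootfs/' || {
        echo "missing ./rootfs/" >&2; return 1; }
}

# Compare against the checksum recorded on the build host (assumption:
# taken there with sha256sum), run the checks, then extract into
# /var/lib/lxc/<name>. LXC_ROOT overrides the base path (assumption).
restore_container() {
    local name="$1" tarball="$2" expected_sha256="$3"
    local dest="${LXC_ROOT:-/var/lib/lxc}/$name"
    local actual
    actual=$(sha256sum "$tarball" | cut -d' ' -f1)
    [ "$actual" = "$expected_sha256" ] || {
        echo "checksum mismatch for $tarball" >&2; return 1; }
    check_container_tarball "$tarball" || return 1
    mkdir -p "$dest" && tar --numeric-owner -xzf "$tarball" -C "$dest"
}
```

Run restore_container as root with the container name, the tarball path and the recorded checksum, then continue with lxc-ls and lxc-start as above.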

That's it! Enjoy!