In this article, I’ll show you how to setup and run a Linux Container using LXC.

Brief Introduction to Linux Containers

Containers are light-weight alternatives to Virtual Machines (VM).  Containers are light-weight because they share the same kernel with other containers running in the same machine.  The primary difference between a VM and a container is that a VM has its own Kernel Space but a container shares the Kernel Space with other containers running in the Host/Guest OS.  However, each VM and container has its own “unshared” User Space.  As a result, if a VM’s kernel crashes, only that VM reboots.  However, if a container’s shared kernel crashes all the other containers running in the system will go for a toss.  The implication of this is that, VM’s are naturally more secure than containers.

With this brief introduction about containers, let’s jump straight into the lab session to bring up and play with a container.

Linux Container Lab 101

First you need to install LXC package on your Linux system.  LXC provides the drivers and tools required to jump start a container.  I used Ubuntu version 14.04 LTS for this lab.  The commands may slightly vary if you are using a different distribution or version of Linux.


sudo apt-get install lxc

Please make sure that you have internet connection and a sudo permission to execute the above installation command which will look into the Ubuntu Linux Distribution Package repository in the web to download the LXC package.

Now you can try to create the LXC container using the following command.


sudo lxc-create -t download -n test-container

The “-t download” option will list you all the available distribution, version and architectures to choose from. For eg. I chose the following when it prompted.


$ sudo lxc-create -t download -n test-container
Setting up the GPG keyring
Downloading the image index

---
DIST	RELEASE	ARCH	VARIANT	BUILD
---
centos	6	amd64	default	20161105_02:16
centos	6	i386	default	20161105_02:16
centos	7	amd64	default	20161105_02:16
...
ubuntu	trusty	amd64	default	20161105_03:49
ubuntu	trusty	arm64	default	20161105_03:49
ubuntu	trusty	armhf	default	20161105_03:49
ubuntu	trusty	i386	default	20161105_03:49
ubuntu	trusty	powerpc	default	20161105_03:49
ubuntu	trusty	ppc64el	default	20161105_03:49
ubuntu	xenial	amd64	default	20161105_03:49
...
ubuntu	zesty	ppc64el	default	20161105_03:49
ubuntu	zesty	s390x	default	20161105_03:49
---

Distribution: ubuntu
Release: trusty
Architecture: amd64

Downloading the image index
Downloading the rootfs
...

Now that you have created a container, you should kickstart it using the following command.


$ sudo lxc-start -n test-container -d

The “-d” option in the above command starts the container as a daemon. Check if the container is running.


$ sudo lxc-ls -f
NAME            STATE    IPV4       IPV6  AUTOSTART  
---------------------------------------------------
test-container  RUNNING  10.0.3.21  -     NO  
     
$ sudo lxc-info -n test-container
Name:           test-container
State:          RUNNING
PID:            2399
IP:             10.0.3.21
CPU use:        1.28 seconds
BlkIO use:      21.27 MiB
Memory use:     27.55 MiB
KMem use:       0 bytes
Link:           veth5MGOCI
 TX bytes:      4.15 KiB
 RX bytes:      7.81 KiB
 Total bytes:   11.96 KiB
$

You can login to the container running as a daemon by attaching to its console using the following command.  The default login/password is: ubuntu/ubuntu


$ sudo lxc-console -n test-container
Ubuntu 14.04.5 LTS test-container tty1

test-container login: ubuntu
Password: 
...
ubuntu@test-container:~$ ls -l
total 0
ubuntu@test-container:~$ pwd
/home/ubuntu
ubuntu@test-container:~$ 

As you can see, a container gets its own User Space and you can execute any command you would normally execute on a bash shell. To exit from the console of a container, press Ctrl+A and Q.

If you want to shutdown the container, you can stop it using the following command.


$ sudo lxc-stop -n test-container
$ sudo lxc-ls -f
NAME            STATE    IPV4  IPV6  AUTOSTART  
----------------------------------------------
test-container  STOPPED  -     -     NO         
$

And when you are finally done with the container and want to delete it, you can issue the following command.


$ sudo lxc-destroy -n test-container

Check to see if the container still exists.


$ sudo lxc-info -n test-container
test-container doesn't exist

Kudos !  You have persisted and graduated the Container Lab 101 session.  Hope that was easy to follow and understand.

The intention of this article is to get you started on the Linux Container using LXC. More advanced topics will be covered in the future articles.