≡ Menu

How to Install and Setup LXC Linux Containers on CentOS / RHEL / Ubuntu

LXC Linux ContainersLXC stands for Linux Containers.

Linux containers are light-weight “virtualization” methods that runs multiple virtual units simultaneously on a single control host on a single Linux kernel.

The Linux kernel contains cgroups for resource isolation (CPU, memory, block I/O, network, etc, ), which does not require starting any virtual machines.

Cgroups also provides namespace isolation to completely isolate application view of the operating environment, including process trees, networks, userids and mounted filesystems.

LXC is open source software and licensed under GNU LGPLv2.1+ license.

Containers actually make use of kernel features called namespaces, cgroups, and chroots, to carve off a contained area.

So, the end result of LXC looks much like a virtual machine, but without any hypervisor.

1. Pre-req for LXC Install

Before you install LXC, make sure your system is up-to-date using yum update as shown below.

# yum update

LXC is dependent on two libraries; libpcap and libcgroup. This also requires busybox and bridge utilities.

Install the following required packages for our LXC install.

# yum install libcap-devel libcgroup busybox wget bridge-utils

Let us make sure we got all the compilers and related development tools that are required to compile and install any software from source code.

# yum groupinstall "Development tools"

For more information about yum groups, refer to our yum commands article.

2. Download LXC Linux Containers

Download the latest version of the LXC from Linux Containers Project.

Use wget to download the tar ball of the latest stable version of LXC to your machine as shown below.

# cd /

# wget http://linuxcontainers.org/downloads/lxc-1.1.5.tar.gz

If you get a certificate related error message while using the above wget, then use the no-check-certificate option as shown below.

# wget --no-check-certificate https://linuxcontainers.org/downloads/lxc-1.1.5.tar.gz

Alternatively, if you prefer, you can also use git clone to download the latest development version or stable version as shown below.

git clone git://github.com/lxc/lxc -b {branch}

In the above command, the {branch} can either be “master” for the current development branch, or “stable-1.0” for the stable update branch of the 1.0 version.

3. Configure Bridged Adapter

Next, create a bridged adapter and configure the static IP on the bridged adapter as shown in the following ifcfg-eth0 example. Ensure your physical adapter points to this bridged adapter in ifcfg-eth0.

# cd /etc/sysconfig/network-scripts	

# vi ifcfg-br0
DEVICE="br0"
BOOTPROTO="static"
IPADDR="xxx.xxx.xxx.xxx"
NETMASK="255.255.255.xxx"
ONBOOT="yes"
TYPE="Bridge"
NM_CONTROLLED="no"

Replace all the “xxx” in the above file with the values that matches your ip-address and networkmask. For example, change the IPADDR value in the above file to the ip-address of your machine.

4. Install LXC Linux Container

Next, untar the LXC tar ball, that we downloaded earlier, execute the ./configure, and do make and make install, to install the LXC on your system as shown below.

By default, this will install all the lxc binaries under /usr/local/bin directory.

# cd /

# tar xvfz lxc-1.1.5.tar.gz

# cd lxc-1.1.5/

# ./configure

# make && make install

The following are few of the last few lines from the output for the above ./configure command.

# ./configure
...
...
config.status: creating src/python-lxc/setup.py
config.status: creating src/lua-lxc/Makefile
config.status: executing depfiles commands
config.status: executing default commands
----------------------------
Environment:
 - compiler: gcc
 - distribution: centos
 - init script type(s): sysvinit
 - rpath: no
 - GnuTLS: no
 - Bash integration: yes
Security features:
 - Apparmor: no
 - Linux capabilities: yes
 - seccomp: no
 - SELinux: no
 - cgmanager: no
Bindings:
 - lua: no
 - python3: no
Documentation:
 - examples: yes
 - API documentation: yes
 - user documentation: no
Debugging:
 - tests: no
 - mutex debugging: no
Paths:
 - Logs in configpath: no

The following are the last few lines from the output for the above make command.

# make
...
Building full member lists recursively...
Adding members to member groups.
...
Generating style sheet...
Generating index page...
Generating page index...
Generating example documentation...
Generating file sources...
Generating code for file /usr/save/lxc-1.1.5/src/lxc/attach_options.h...
Generating code for file /usr/save/lxc-1.1.5/src/lxc/lxccontainer.h...
Generating code for file /usr/save/lxc-1.1.5/src/lxc/lxclock.h...
Generating file documentation...
Generating docs for file /usr/save/lxc-1.1.5/src/lxc/attach_options.h...
...
Generating file member index...
make[2]: Leaving directory `/usr/save/lxc-1.1.5/doc/api'
make[2]: Entering directory `/usr/save/lxc-1.1.5/doc'
...
Making all in hooks
make[1]: Entering directory `/usr/save/lxc-1.1.5/hooks'
make[1]: Nothing to be done for `all'.
...

The following are the last few lines from the output for the above make install command.

# make install
...
Making install in hooks
make[1]: Entering directory `/usr/save/lxc-1.1.5/hooks'
 /bin/mkdir -p '/usr/local/share/lxc/hooks'
 /usr/bin/install -c clonehostname mountecryptfsroot ubuntu-cloud-prep squid-deb-proxy-client '/usr/local/share/lxc/hooks'
...
/bin/mkdir -p /usr/local/var/lib/lxc
/bin/mkdir -p /usr/local/var/cache/lxc
 /bin/mkdir -p '/usr/local/lib/pkgconfig'
 /usr/bin/install -c -m 644 lxc.pc '/usr/local/lib/pkgconfig'
...

5. Create Soft Link for LXC Shared Libraries

Execute lxc-info to verify that the LXC is installed successfully. If everything is installed properly, we’ll see a message saying that the give container name (for example, test) doesn’t exist. We have not created any container at this stage. We just want to make sure this command is not throwing any shared library related errors.

# lxc-info --name test
test doesn't exist

Depending on how things on configured on your system, you might also get the following liblxc.so.1 library related error message.

# lxc-info --name test
lxc-info: error while loading shared libraries: liblxc.so.1: cannot open shared object file: No such file or directory

In this case, to fix it, create a link called libxc.so.1 as shown below, which will point to the correct version of the liblxc.so.x.x.x file.

# ln -s /usr/local/lib/liblxc.so.1.1.5 /lib64/liblxc.so.1

# ls -l /lib64/liblxc.so.1
lrwxrwxrwx. 1 root root 30 Jan 20 09:17 /lib64/liblxc.so.1 -> /usr/local/lib/liblxc.so.1.1.5

6. Verify LXC Setup and Configuration

Next, you can also execute the lxc-checkconfig to verify that your lxc environment is setup correctly.

The following will have output in four different sections: 1) Namespaces, 2) Control Groups 3) Misc and 4) Checkpoint/Restore. Partial output is shown below.

# lxc-checkconfig
Kernel configuration not found at /proc/config.gz; searching...
Kernel configuration found at /boot/config-2.6.32-431.el6.x86_64
--- Namespaces ---
Namespaces: enabled
Utsname namespace: enabled
Ipc namespace: enabled
Pid namespace: enabled
User namespace: enabled
Network namespace: enabled
Multiple /dev/pts instances: enabled
--- Control groups ---
Cgroup: enabled
Cgroup namespace: enabled
Cgroup device: enabled
Cgroup sched: enabled
Cgroup cpu account: enabled
..
--- Misc ---
Veth pair device: enabled
Macvlan: enabled
Vlan: enabled
Bridges: enabled
Advanced netfilter: enabled
..
--- Checkpoint/Restore ---
CONFIG_EVENTFD: enabled
CONFIG_EPOLL: enabled
..
Note : Before booting a new kernel, you can check its configuration
usage : CONFIG=/path/to/config /usr/local/bin/lxc-checkconfig

If everything is configured properly on your system, in the above output, all of the options in the above groups should say “enabled”.

Tomorrow, in the next part of the LXC series of articles, we’ll explain how to create, start, and use lxc linux containers using various lxc commands.

If you enjoyed this article, you might also like..

  1. 50 Linux Sysadmin Tutorials
  2. 50 Most Frequently Used Linux Commands (With Examples)
  3. Top 25 Best Linux Performance Monitoring and Debugging Tools
  4. Mommy, I found it! – 15 Practical Linux Find Command Examples
  5. Linux 101 Hacks 2nd Edition eBook Linux 101 Hacks Book

Bash 101 Hacks Book Sed and Awk 101 Hacks Book Nagios Core 3 Book Vim 101 Hacks Book

{ 8 comments… add one }

  • EllisGL January 26, 2016, 11:27 pm

    Now if you can show us how to pass in a USB device (E.g. a WiFi dongle) that would be great!

  • S.R.Prasanna Kumar January 27, 2016, 7:27 am

    Hi Karthik

    Thanks for the explanation. Can we use cent os 7 for practice. Please advise

  • Álesson David January 27, 2016, 9:51 am

    Hello I’m trying make this tutorial in virtualbox but return an error when command make is runned, after trying generate graphs using thread. Its impossible do this in virtualbox?

  • TabTwo January 27, 2016, 11:10 am

    yeah, don’t check certificates. What are they even god for anyway …

  • Will February 1, 2016, 9:44 am

    Looks useful.
    There is a repo for this ? (debian>buntu>whatever ish)
    as it happens, Deepin:

    me# apt-get install libcap-devel libcgroup busybox wget bridge-utils
    Reading
    Building
    Reading … Done
    E: Unable to locate package libcap-devel
    E: Unable to locate package libcgroup

    and, yes, verification? as per comment TabTwo January 27, 2016, 11:10 am

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    I do wish websites wouldn’t ask me to submit

  • Bhagyaraj February 8, 2016, 1:17 am

    Hi,

    I was getting syntax errors after installing and running the script in Cent 6.7
    It’s not able to KERNEL_MAJOR version.

    Mess:
    [root@blrpc654 ~]# lxc-checkconfig
    Kernel configuration not found at /proc/config.gz; searching…
    Kernel configuration found at /boot/config-2.6.32-573.12.1.el6.x86_64
    — Namespaces —
    Namespaces: enabled
    Utsname namespace: enabled
    Ipc namespace: enabled
    Pid namespace: enabled
    User namespace: enabled
    Network namespace: enabled
    Multiple /dev/pts instances: enabled

    — Control groups —
    Cgroup: enabled
    Cgroup namespace: enabled
    Cgroup device: enabled
    Cgroup sched: enabled
    Cgroup cpu account: enabled
    Cgroup memory controller: /usr/local/bin/lxc-checkconfig: line 103: [: -ge: unary operator expected
    /usr/local/bin/lxc-checkconfig: line 103: [: -gt: unary operator expected
    enabled
    Cgroup cpuset: enabled

    — Misc —
    Veth pair device: enabled
    Macvlan: enabled
    Vlan: enabled
    Bridges: enabled
    Advanced netfilter: enabled
    CONFIG_NF_NAT_IPV4: missing
    CONFIG_NF_NAT_IPV6: missing
    CONFIG_IP_NF_TARGET_MASQUERADE: enabled
    CONFIG_IP6_NF_TARGET_MASQUERADE: missing
    CONFIG_NETFILTER_XT_TARGET_CHECKSUM: enabled

    — Checkpoint/Restore —
    checkpoint restore: missing
    CONFIG_FHANDLE: missing
    CONFIG_EVENTFD: enabled
    CONFIG_EPOLL: enabled
    CONFIG_UNIX_DIAG: missing
    CONFIG_INET_DIAG: enabled
    CONFIG_PACKET_DIAG: missing
    CONFIG_NETLINK_DIAG: missing
    File capabilities: /usr/local/bin/lxc-checkconfig: line 137: [: -gt: unary operator expected

    Note : Before booting a new kernel, you can check its configuration
    usage : CONFIG=/path/to/config /usr/local/bin/lxc-checkconfig

    [root@blrpc654 ~]#
    [root@blrpc654 ~]#

    [root@blrpc654 ~]# uname -a
    Linux blrpc654 2.6.32-573.12.1.el6.x86_64 #1 SMP Tue Dec 15 21:19:08 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
    [root@blrpc654 ~]# cat /etc/issue
    CentOS release 6.7 (Final)
    Kernel \r on an \m

    [root@blrpc654 ~]#

    Pls let us know Author have given correct download location for lxc.?
    I have used “”lxc-1.1.5.tar””,

  • Bhagyaraj February 8, 2016, 1:19 am

    Also:
    Nothing it is getting:
    [root@blrpc654 ~]# grep ‘^# Linux.*Kernel Configuration’ /boot/config-2.6.32-573.12.1.el6.x86_64
    [root@blrpc654 ~]# ll /boot/config-2.6.32-573.12.1.el6.x86_64
    -rw-r–r– 1 root root 107139 Dec 16 03:18 /boot/config-2.6.32-573.12.1.el6.x86_64
    [root@blrpc654 ~]#

    What is missing i here.

  • fassl April 15, 2016, 12:27 pm

    You don’t need to create soft links, you can also configure with:
    ./configure –libdir=/usr/lib64
    The libs then get installed in the given folder.
    cheers!

Leave a Comment