🟢 Stable | LXC provider for Vagrant (up-to-date & maintained)
Find a file
Virgil Dupras 553f1b5ed0 lxc-template: make runnable by unprivileged users
lxc-template needlessly require root privileges in two places:

1. lock file location for `flock`
2. failing on `tar` failure during rootfs extraction

For `flock`, it's not necessary that the lock file be in `/var/lock`, it
can be anywhere. Why not put it in `LXC_PATH`?

For the failing `tar` thing, that's because some device are created with
`mknod` which unprivileged users can't do. These device, however, are
not necessary for the container to run well. We can ignore `tar`'s error
exit code.

I replaced the exist code check by a check for the existence of
`/bin/true` in rootfs. I think that it's a good indication of whether
the rootfs was extracted.

Why am I making this change? Because I'd like to add support for
unprivileged containers in `vagrant-lxc` but it's kind of a big change
to make at once, so I thought I'd go incrementally.
2017-12-09 19:36:54 -05:00
lib v1.2.3 2016-12-20 20:20:38 -08:00
locales Added lxc-create to the error message 2015-09-20 15:30:09 +12:00
scripts lxc-template: make runnable by unprivileged users 2017-12-09 19:36:54 -05:00
spec Fix test on NixOS 2015-08-02 10:15:55 +00:00
tasks core: Getting ready to run vagrant-spec acceptance suite 2014-03-13 00:57:36 -03:00
templates do not copy the lxc template instead use the full path 2015-08-28 14:58:16 +02:00
.gitignore Finish ubuntu box "build abstraction" 2013-04-21 22:23:49 -03:00
.rspec Not so initial commit 2013-02-25 02:04:31 -03:00
.travis.yml Disable Ruby 1.9.3 on travis and begin testing on 2.1.1 2014-03-13 00:57:37 -03:00
.vimrc Finish ubuntu box "build abstraction" 2013-04-21 22:23:49 -03:00
BOXES.md boxes: Preparation to extract to a separate repository 2014-03-24 23:50:55 -03:00
CHANGELOG.md v1.2.3 2016-12-20 20:20:38 -08:00
CONTRIBUTING.md Update contribution guidelines 2014-03-25 00:03:26 -03:00
Gemfile Update gems to resolve dependencies on NixOS 2015-08-02 10:15:55 +00:00
Gemfile.lock v1.2.3 2016-12-20 20:20:38 -08:00
Guardfile Clean up Guardfile 2013-05-17 18:49:33 -03:00
LICENSE.txt 🎆 New year 🎆 2014-01-02 00:51:27 -02:00
Rakefile Attempt to enable code coverage on travis 2013-04-12 18:37:38 -03:00
README.md update dependencies in the README 2016-05-11 16:54:12 -07:00
vagrant-lxc.gemspec 💣 post install message 2014-09-22 23:07:56 -03:00
vagrant-spec.config.rb I think it is safe to get rid of this by now 2014-03-21 19:32:16 -03:00

vagrant-lxc

Build Status Gem Version Code Climate Coverage Status Gitter chat

LXC provider for Vagrant 1.6+

This is a Vagrant plugin that allows it to control and provision Linux Containers as an alternative to the built in VirtualBox provider for Linux hosts. Check out this blog post to see it in action.

Features

  • Provides the same workflow as the Vagrant VirtualBox provider
  • Port forwarding via redir
  • Private networking via pipework

Requirements

  • Vagrant 1.5+ (tested with 1.7.2)
  • lxc 0.7.5+
  • tar 1.27 (the lxc-template script uses the --xattrs option)
  • redir (if you are planning to use port forwarding)
  • brctl (if you are planning to use private networks, on Ubuntu this means apt-get install bridge-utils)
  • A kernel != 3.5.0-17.28

The plugin is known to work better and pretty much out of the box on Ubuntu 14.04+ hosts and installing the dependencies on it basically means a apt-get install lxc lxc-templates cgroup-lite redir (older LXC versions like 0.7.5 shipped with Ubuntu 12.04 by default might require additional configurations to work). For setting up other types of hosts please have a look at the Wiki.

If you are on a Mac or Windows machine, you might want to have a look at this blog post for some ideas on how to set things up or check out this other repo for a set of Vagrant VirtualBox machines ready for vagrant-lxc usage.

Installation

vagrant plugin install vagrant-lxc

Quick start

vagrant init fgrehm/precise64-lxc
vagrant up --provider=lxc

More information about skipping the --provider argument can be found at the "DEFAULT PROVIDER" section of Vagrant docs

Base boxes

Base boxes can be found on Atlas and some scripts to build your own are available at fgrehm/vagrant-lxc-base-boxes.

If you want to build your own boxes, please have a look at BOXES.md for more information.

Advanced configuration

You can modify container configurations from within your Vagrantfile using the provider block:

Vagrant.configure("2") do |config|
  config.vm.box = "fgrehm/trusty64-lxc"
  config.vm.provider :lxc do |lxc|
    # Same effect as 'customize ["modifyvm", :id, "--memory", "1024"]' for VirtualBox
    lxc.customize 'cgroup.memory.limit_in_bytes', '1024M'
  end
end

vagrant-lxc will then write out lxc.cgroup.memory.limit_in_bytes='1024M' to the container config file (usually kept under /var/lib/lxc/<container>/config) prior to starting it.

For other configuration options, please check the lxc.conf manpages.

Private Networks [EXPERIMENTAL]

Starting with vagrant-lxc 1.1.0, there is some rudimentary support for configuring Private Networks by leveraging the pipework project.

On its current state, there is a requirement for setting the bridge name that will be created and will allow your machine to comunicate with the container

For example:

Vagrant.configure("2") do |config|
  config.vm.network "private_network", ip: "192.168.2.100", lxc__bridge_name: 'vlxcbr1'
end

Will create a new veth device for the container and will set up (or reuse) a vlxcbr1 bridge between your machine and the veth device. Once the last vagrant-lxc container attached to the bridge gets vagrant halted, the plugin will delete the bridge.

Container naming

By default vagrant-lxc will attempt to generate a unique container name for you. However, if the container name is important to you, you may use the container_name attribute to set it explicitly from the provider block:

Vagrant.configure("2") do |config|
  config.vm.define "db" do |node|
    node.vm.provider :lxc do |lxc|
      lxc.container_name = :machine # Sets the container name to 'db'
      lxc.container_name = 'mysql'  # Sets the container name to 'mysql'
    end
  end
end

_Please note that there is a 64 chars limit and the container name will be trimmed down to that to ensure we can always bring the container up.

Backingstore options

Support for setting lxc-create's backingstore option (-B and related) can be specified from the provider block and it defaults to best, to change it:

Vagrant.configure("2") do |config|
  config.vm.provider :lxc do |lxc|
    lxc.backingstore = 'lvm' # or 'btrfs', 'overlayfs', ...
    # lvm specific options
    lxc.backingstore_option '--vgname', 'schroots'
    lxc.backingstore_option '--fssize', '5G'
    lxc.backingstore_option '--fstype', 'xfs'
  end
end

For old versions of lxc (like 0.7.5 shipped with Ubuntu 12.04 by default) that does not support best for the backingstore option, changing it to none is required and a default for all Vagrant environments can be set from your ~/.vagrant.d/Vagrantfile using the same provider block:

Vagrant.configure("2") do |config|
  config.vm.provider :lxc do |lxc|
    lxc.backingstore = 'none'
  end
end

Avoiding sudo passwords

This plugin requires a lot of sudoing since user namespaces is not supported yet. To work around that, you can use the vagrant lxc sudoers command which will create a file under /etc/sudoers.d/vagrant-lxc whitelisting all commands required by vagrant-lxc to run.

If you are interested on what will be generated by that command, please check this code.

vagrant-lxc < 1.0.0 users, please check this Wiki page

More information

Please refer the wiki.

Problems / ideas?

Please review the Troubleshooting wiki page + known bugs list if you have a problem and feel free to use the issue tracker propose new functionality and / or report bugs.

Contributing

  1. Fork it
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create new Pull Request