> [!warning] WARNING: THIS NEEDS SOME LOVE
> I wrote it back in 2019 and I can do this without LXD now.
> NOTE: If you want to use LXD this should still work.
Building an LXC inside of an LXC
We'll need the following to get started:
- LXC set up within LXD
- Our LXC set up to allow nesting

If you don't have snapd or LXD set up, you'll need to do that now.
NOTE: If you want to work with LXD/LXC without sudo, then add yourself to the LXD group.
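
```bash
# On the host: security.nesting=true lets this container run containers of its own.
# security.privileged=true runs it without UID/GID mapping, so root inside is root on the host.
sudo lxc launch images:centos/7 NAMEHERE -c security.nesting=true -c security.privileged=true
sudo lxc exec NAMEHERE -- bash

# Inside NAMEHERE: install LXC and create the nested container
yum update
yum install -y epel-release
yum update
yum install -y lxc lxc-templates lxc-extra
lxc-create -n CONTAINERNAMEHERE -t centos
```
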
Now that this is done you'll have a shiny new container!
Now let's prepare it!

```bash
cd /var/lib/lxc/CONTAINERNAMEHERE
chroot rootfs /bin/bash
yum update
# ** ANY SPECIAL CONFIGURATIONS SHOULD BE DONE HERE E.G. **
yum clean all
yum history new
# Empty the logs and shell histories so they are not shipped in the image
find /var/log/ -type f -exec truncate -s 0 {} +
find /home/ -type f -name .bash_history -exec truncate -s 0 {} +
find /root/ -type f -name .bash_history -exec truncate -s 0 {} +
# Press CTRL+D to leave the chroot
```

Once you have everything installed, edit the config file however you need it, then tar it up.
This does two things:
- It compresses everything, including the config.
- It preserves all the permissions on the rootfs.

To restore the container on another system, you'll need to make sure that the path exists, e.g.

```bash
mkdir -p /var/lib/lxc/CONTAINERNAMEHERE
```

and place the CONTAINERNAMEHERE.tar.gz into it. Then extract the tarball:

```bash
tar --numeric-owner -xzvf CONTAINERNAMEHERE.tar.gz
lxc-ls                              # Should show CONTAINERNAMEHERE
lxc-start --name CONTAINERNAMEHERE  # Should start it
lxc-info --name CONTAINERNAMEHERE   # Should show that it is running
```

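
The page does not show the command that creates the tarball, so here is one way to write the pack and restore steps as a pair (an added example, not the author's original commands). The function names and the `LXC_ROOT` variable are assumptions, and the restore side goes beyond the text by checking a SHA-256 file and rejecting absolute or `..` member paths before anything is extracted as root.

```shell
#!/bin/sh
# Added example, not the page's own commands. LXC_ROOT and both function
# names are assumptions; LXC_ROOT defaults to the path used on this page.
LXC_ROOT="${LXC_ROOT:-/var/lib/lxc}"

# Archive config + rootfs with numeric UIDs/GIDs and write a SHA-256 file
# beside the tarball so the copy can be verified on the target system.
pack_container() {
    name="$1"; out="$2"
    if [ ! -f "$LXC_ROOT/$name/config" ] || [ ! -d "$LXC_ROOT/$name/rootfs" ]; then
        echo "pack: $name has no config or rootfs" >&2; return 1
    fi
    tar --numeric-owner -czf "$out/$name.tar.gz" \
        -C "$LXC_ROOT/$name" config rootfs || return 1
    ( cd "$out" && sha256sum "$name.tar.gz" > "$name.tar.gz.sha256" )
}

# Verify the checksum, reject absolute or ".." member paths, refuse to
# overwrite an existing container, then extract with --numeric-owner.
restore_container() {
    name="$1"; src="$2"
    if ! ( cd "$src" && sha256sum -c "$name.tar.gz.sha256" >/dev/null 2>&1 ); then
        echo "restore: checksum mismatch" >&2; return 1
    fi
    if tar -tzf "$src/$name.tar.gz" | grep -Eq '^/|(^|/)\.\.(/|$)'; then
        echo "restore: unsafe member path in archive" >&2; return 1
    fi
    if [ -e "$LXC_ROOT/$name" ]; then
        echo "restore: $LXC_ROOT/$name already exists" >&2; return 1
    fi
    mkdir -p "$LXC_ROOT/$name" &&
        tar --numeric-owner -xzf "$src/$name.tar.gz" -C "$LXC_ROOT/$name"
}

# Usage (as root): pack_container CONTAINERNAMEHERE /tmp
#                  restore_container CONTAINERNAMEHERE /tmp
```

Copy both the `.tar.gz` and the `.sha256` file to the target system; the member-path check is a pre-flight filter and does not inspect symlinks inside the rootfs.
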
That's it! Enjoy!