On Tue, 2013-10-01 at 13:12 +0200, Petter Reinholdtsen wrote:
> Hi.
>
> I saw LXC discussed quite a bit earlier on the mailing list, and it
> seems like a good idea to isolate the different services from each
> other on the Freedombox.
>
> As far as I can tell, LXC now works out of the box on Jessie. At least
> I am able to get it running on my amd64 Freedombox by using
>   mkdir /cgroup
>   echo 'cgroup /cgroup cgroup defaults 0 0' >> /etc/fstab
>   mount -a
>   apt-get install -y lxc
>   MIRROR=http://http.debian.net/debian SUITE=wheezy \
>     lxc-create -n wheezy00 -t debian
>   lxc-start -d -n wheezy00
>
> But the LXC environment is completely without network connectivity,
> and it is unclear to me how it is smart to structure LXC contained
> services. I guess Plinth needs to run on the "real" machine to be able
> to set up LXC containers for Tor, Owncloud, dnsmasq, FreedomBuddy,
> etc, etc. But how should connectivity be configured, and which IP
> addresses should these services use? Should they all show up on some
> internal network and Apache proxy for them all to allow one pagekite
> connection to make them all available to the world? Or something
> completely different?
>
> Anyone with suggestions and experience running such a setup?
>
Hi Petter,

I've been using LXC for 2.5 years and have written many articles about my
setup, which you can find at:

http://freedomboxblog.nl/articles-tagged-software-architecture

I think these articles answer many of your questions. The list of
articles is in reverse order: start with the oldest article at the
bottom and work your way to the top if you want to fully understand my
setup.

The articles describe a Squeeze setup - Wheezy needs a slightly modified
LXC template which you can download at:

http://freedomboxblog.nl/wp-content/uploads/lxc-debian-wheezy.gz

At the moment I'm working on my own software to isolate programs running
on the FreedomBox. This software does not use LXC anymore and will be
*much* more lightweight. So keep in mind that although my setup served
me well over the past years, it will be replaced in the near future.

Rob.
http://freedomboxblog.nl

_______________________________________________
Freedombox-discuss mailing list
Freedombox-discuss@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss