Sure, I'm aware of that but, my question is: * Will OpenStack with LXD, configure the containers, with "security.nesting 1" automatically? If no, is there any config option related to this?
So I can run nested LXD containers, inside my bare-metal LXD container launched by Nova? On 23 October 2015 at 18:50, Ryan Harper <[email protected]> wrote: > Hi, > > On Fri, Oct 23, 2015 at 3:38 PM, Martinx - ジェームズ <[email protected]> > wrote: >> >> OMG! This is so cool!! Thank you so much!!! :-D >> >> Now, the million dollar question... I'll be playing with LXD on >> OpenStack... Is there an elegant solution for this? >> >> I mean, how can OpenStack launch a LXD containers, with >> "security.nesting 1" automatically ? > > > You can get LXD as compute type with nclxd: > > https://insights.ubuntu.com/2015/05/06/introduction-to-nova-compute-lxd/ > https://zulcss.wordpress.com/2015/10/20/an-nova-compute-lxd-upate/ > > Or, if you've got a KVM Ubuntu instance, you can just install lxd and run > machine containers inside the KVM instance with lxd. > > >> >> >> Better to include this tip on your next blog post too! ;-) >> >> Thank you again! >> >> >> On 23 October 2015 at 15:55, Serge Hallyn <[email protected]> wrote: >> > On the host, edit /etc/subuid and /etc/subgid to allocate sufficient uid >> > ranges. In the root:firstuid:range entries, change range to be, let's >> > say, >> > 200000. So something like >> > >> > root:100000:200000 >> > lxd:100000:200000 >> > >> > (I'm showing both root and lxd bc which to use depends on your lxd >> > version, >> > I think) >> > >> > Initialize a container, >> > >> > lxc init wily w1 >> > lxc config set w1 security.nesting 1 >> > lxc start w1 >> > >> > Now inside w1, edit /etc/subuid and /etc/subgid to make sure the root >> > allcoations do not go past 200000. so set them to say: >> > >> > root:100000:65536 >> > lxd:100000:65536 >> > >> > Now you should be able to launch a container inside w1. (I just tried >> > this in a fresh vm, worked here) >> > >> > I should do a blog post on this soon. >> > >> > Quoting Martinx - ジェームズ ([email protected]): >> >> Guys, >> >> >> >> I need to create 4, or more, LXD containers, inside 1 LXD container. >> >> >> >> How to do that? >> >> >> >> The first LXD container, is running on a KVM (or bare-metal) host, >> >> with Ubuntu 14.04 + LXD 0.20 (ppa:ubuntu-lxc/lxd-stable). >> >> >> >> I really appreciate any help! >> >> >> >> I'm seeing that both LXC itself, and LXD, supported nested containers >> >> but, how? >> >> >> >> I'm trying but, it doesn't work... >> >> >> >> Thanks in advance! >> >> >> >> Best, >> >> Thiago >> >> >> >> -- >> >> ubuntu-server mailing list >> >> [email protected] >> >> https://lists.ubuntu.com/mailman/listinfo/ubuntu-server >> >> More info: https://wiki.ubuntu.com/ServerTeam >> >> -- >> ubuntu-server mailing list >> [email protected] >> https://lists.ubuntu.com/mailman/listinfo/ubuntu-server >> More info: https://wiki.ubuntu.com/ServerTeam > > -- ubuntu-server mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
