mkdocs-benoit.jp.net/HowtoLXD.page

Some commands:

```
lxc image alias list images:
lxc info <name>
lxc config edit <name>
lxc config sonw <name>
lxc exec <name> bash
lxc config set <name> limits.memory 512MB
lxc config set <name> limits.cpu 2
lxc config device set <name> root size 20GB
lxc launch images:debian/stretch/amd64 <name>
lxc config set <name> environment.LC_ALL=en_US.UTF-8
lxc list
lxc storage volume list <storagename>
# mode privileged
lxc launch ubuntu:16.04 test -c security.privileged=true -c security.nesting=true
lxc config device add test ssh proxy listen=tcp:0.0.0.0:2222 connect=tcp:127.0.0.1:22
# Create a backups volume in the local (default) pool (ZFS) and use it for backups
lxc storage volume create local backups
lxc config set storage.backups_volume local/backups
# Create a images volume in the local (default) pool (ZFS) and use it for images (containers images downloaded)
lxc storage volume create local images
lxc config set storage.images_volume local/images
lxc config device add $containerName $deviceName disk source=/home/foo path=/home/foo
```

Chemins :

Normal : /var/lib/lxd/  
Snap : /var/snap/lxd/common/lxd/  

Paquets à installer pour se sentir à l'aise sur une Debian ou Ubuntu

```
vim logrotate
etckeeper
iputils-ping
dnsutils
```

N'est plus nécessaire sur les images récentes :

```
# systemctl disable getty@tty{1..4}
# reboot
```

- Activer journald
- Mettre le bon hostname
- Installer postfix

Paquets à installer pour se sentir à l'aise sur une Alpine

```
etckeeper
vim
```

```
sed -i 's/^tty/# tty/g' /etc/inittab

# clean messages
rm /var/log/messages

```

Nginx :

```
set_real_ip_from W.X.Y.Z;
#real_ip_recursive on;
real_ip_header X-Forwarded-For;
log_format custom '$http_x_forwarded_for - $remote_user [$time_local] '
  '"$request" $status $body_bytes_sent '
  '"$http_referer" "$http_user_agent"';
access_log /var/log/nginx/access.log custom;
```

Aller dans le namespace de LXD (snap0 pour faire des actions genre mount/umount :

```
# nsenter -t $(cat /var/snap/lxd/common/lxd.pid) -m
```
init 2017-08-21 19:49:14 +00:00			`Some commands:`

			```
			`lxc image alias list images:`
			`lxc info <name>`
			`lxc config edit <name>`
			`lxc config sonw <name>`
			`lxc exec <name> bash`
			`lxc config set <name> limits.memory 512MB`
			`lxc config set <name> limits.cpu 2`
			`lxc config device set <name> root size 20GB`
			`lxc launch images:debian/stretch/amd64 <name>`
environment 2020-09-25 06:45:55 +00:00			`lxc config set <name> environment.LC_ALL=en_US.UTF-8`
init 2017-08-21 19:49:14 +00:00			`lxc list`
			`lxc storage volume list <storagename>`
mode privileged 2017-10-02 15:58:27 +00:00			`# mode privileged`
			`lxc launch ubuntu:16.04 test -c security.privileged=true -c security.nesting=true`
exemple proxy 2020-05-05 07:03:50 +00:00			`lxc config device add test ssh proxy listen=tcp:0.0.0.0:2222 connect=tcp:127.0.0.1:22`
backups & images 2020-09-12 05:29:24 +00:00			`# Create a backups volume in the local (default) pool (ZFS) and use it for backups`
			`lxc storage volume create local backups`
			`lxc config set storage.backups_volume local/backups`
			`# Create a images volume in the local (default) pool (ZFS) and use it for images (containers images downloaded)`
			`lxc storage volume create local images`
			`lxc config set storage.images_volume local/images`
disk device 2020-09-21 11:16:56 +00:00			`lxc config device add $containerName $deviceName disk source=/home/foo path=/home/foo`
trucs a faire dans un container tout juste init 2017-08-24 19:17:28 +00:00			```

wip 2017-09-13 19:46:28 +00:00			`Chemins :`

cleaning/update 2020-05-05 03:29:16 +00:00			`Normal : /var/lib/lxd/`
			`Snap : /var/snap/lxd/common/lxd/`
wip 2017-09-13 19:46:28 +00:00
			`Paquets à installer pour se sentir à l'aise sur une Debian ou Ubuntu`

			```
cleaning/update 2020-05-05 03:29:16 +00:00			`vim logrotate`
			`etckeeper`
			`iputils-ping`
wip 2017-09-13 19:46:28 +00:00			`dnsutils`
			```

cleaning/update 2020-05-05 03:29:16 +00:00			`N'est plus nécessaire sur les images récentes :`

disable getty 2017-09-26 20:37:09 +00:00			```
			`# systemctl disable getty@tty{1..4}`
			`# reboot`
			```

liste 2017-10-01 13:09:32 +00:00			`- Activer journald`
			`- Mettre le bon hostname`
			`- Installer postfix`
wip 2017-09-13 19:46:28 +00:00
			`Paquets à installer pour se sentir à l'aise sur une Alpine`

			```
cleaning/update 2020-05-05 03:29:16 +00:00			`etckeeper`
			`vim`
wip 2017-09-13 19:46:28 +00:00			```

trucs a faire dans un container tout juste init 2017-08-24 19:17:28 +00:00			```
wip 2017-09-13 19:46:28 +00:00			`sed -i 's/^tty/# tty/g' /etc/inittab`
trucs a faire dans un container tout juste init 2017-08-24 19:17:28 +00:00
wip 2017-09-13 19:46:28 +00:00			`# clean messages`
			`rm /var/log/messages`
trucs a faire dans un container tout juste init 2017-08-24 19:17:28 +00:00
Nginx 2018-01-10 21:23:59 +00:00			```

			`Nginx :`

			```
			`set_real_ip_from W.X.Y.Z;`
set_real_ip_from 2020-05-05 10:26:18 +00:00			`#real_ip_recursive on;`
Nginx 2018-01-10 21:23:59 +00:00			`real_ip_header X-Forwarded-For;`
set_real_ip_from 2020-05-05 10:26:18 +00:00			`log_format custom '$http_x_forwarded_for - $remote_user [$time_local] '`
			`'"$request" $status $body_bytes_sent '`
			`'"$http_referer" "$http_user_agent"';`
			`access_log /var/log/nginx/access.log custom;`
nsenter 2020-05-08 13:59:26 +00:00			```

			`Aller dans le namespace de LXD (snap0 pour faire des actions genre mount/umount :`

			```
			`# nsenter -t $(cat /var/snap/lxd/common/lxd.pid) -m`
wip 2017-09-13 19:46:28 +00:00			```