82 lines
No EOL
1.8 KiB
Text
82 lines
No EOL
1.8 KiB
Text
Some commands:
|
|
|
|
```
|
|
lxc image alias list images:
|
|
lxc info <name>
|
|
lxc config edit <name>
|
|
lxc config sonw <name>
|
|
lxc exec <name> bash
|
|
lxc config set <name> limits.memory 512MB
|
|
lxc config set <name> limits.cpu 2
|
|
lxc config device set <name> root size 20GB
|
|
lxc launch images:debian/stretch/amd64 <name>
|
|
lxc list
|
|
lxc storage volume list <storagename>
|
|
# mode privileged
|
|
lxc launch ubuntu:16.04 test -c security.privileged=true -c security.nesting=true
|
|
lxc config device add test ssh proxy listen=tcp:0.0.0.0:2222 connect=tcp:127.0.0.1:22
|
|
# Create a backups volume in the local (default) pool (ZFS) and use it for backups
|
|
lxc storage volume create local backups
|
|
lxc config set storage.backups_volume local/backups
|
|
# Create a images volume in the local (default) pool (ZFS) and use it for images (containers images downloaded)
|
|
lxc storage volume create local images
|
|
lxc config set storage.images_volume local/images
|
|
```
|
|
|
|
Chemins :
|
|
|
|
Normal : /var/lib/lxd/
|
|
Snap : /var/snap/lxd/common/lxd/
|
|
|
|
Paquets à installer pour se sentir à l'aise sur une Debian ou Ubuntu
|
|
|
|
```
|
|
vim logrotate
|
|
etckeeper
|
|
iputils-ping
|
|
dnsutils
|
|
```
|
|
|
|
N'est plus nécessaire sur les images récentes :
|
|
|
|
```
|
|
# systemctl disable getty@tty{1..4}
|
|
# reboot
|
|
```
|
|
|
|
- Activer journald
|
|
- Mettre le bon hostname
|
|
- Installer postfix
|
|
|
|
Paquets à installer pour se sentir à l'aise sur une Alpine
|
|
|
|
```
|
|
etckeeper
|
|
vim
|
|
```
|
|
|
|
```
|
|
sed -i 's/^tty/# tty/g' /etc/inittab
|
|
|
|
# clean messages
|
|
rm /var/log/messages
|
|
|
|
```
|
|
|
|
Nginx :
|
|
|
|
```
|
|
set_real_ip_from W.X.Y.Z;
|
|
#real_ip_recursive on;
|
|
real_ip_header X-Forwarded-For;
|
|
log_format custom '$http_x_forwarded_for - $remote_user [$time_local] '
|
|
'"$request" $status $body_bytes_sent '
|
|
'"$http_referer" "$http_user_agent"';
|
|
access_log /var/log/nginx/access.log custom;
|
|
```
|
|
|
|
Aller dans le namespace de LXD (snap0 pour faire des actions genre mount/umount :
|
|
|
|
```
|
|
# nsenter -t $(cat /var/snap/lxd/common/lxd.pid) -m
|
|
``` |