Creating a clone method for LXC containers
A little background
At the end of last year, when it was time to start writing a diploma, I came across an article by user am83 . Since I am extremely not indifferent to virtualization, I wanted to come up with something related to this topic. And here I had an idea about using a shared file system to create a method that would save disk space when cloning LXC containers.
So, based on an article written by am83, I went through several steps to create a shared file system.
Install the main components that will be needed to create a shared file system with the command:
Next, turn on the two control options.
In the network configuration, we enable the network bridge for containers:
And for autorun containers at system startup, we include:
In the lxc.conf file, with the command:
Next, edit the configuration file:
And add the following lines to it:
We introduce a variable:
Create a directory / lxc:
Create a place where the containers and information on their settings are stored, as well as the location of caching distribution data to speed up the creation of multiple containers:
Delete the old directory:
Create links to directories:
Create a basic Ubuntu-based LXC container named hName with a version of Trusty:
Next, let's start creating the unchangeable part of the LXC container.
Go to the directory of the created container:
In it we create a directory with a common part, let's call it common:
We transfer into it unchangeable directories:
Create symbolic links to them:
After preparing the base image of the system, let's proceed directly to creating the first container in the system. Let's just call it “Node1”:
Create a directory for the first container:
Go to him:
Using the rsync program, copy the unchanged part into the first container:
Next, for the first container, we create two directories for the common part and for the devices:
Install them using the Bind program:
Copy the configuration file and the fstab file from the base container to the first one:
Change the name in the configuration of the first container to Node1, as well as the MAC address:
Creating a base file system for containers
Install the main components that will be needed to create a shared file system with the command:
$ apt-get install debootstrap lxc lxc-templates lxctl cgroup-lite rsync Next, turn on the two control options.
In the network configuration, we enable the network bridge for containers:
$ nano /etc/init/lxc-net.conf USE_LXC_BRIDGE="true" And for autorun containers at system startup, we include:
LXC_AUTO="true" In the lxc.conf file, with the command:
$ nano /etc/init/lxc.conf Next, edit the configuration file:
$ nano /etc/default/lxc And add the following lines to it:
We introduce a variable:
$ lxcRoot="/lxc" Create a directory / lxc:
$ mkdir -p ${lxcRoot} Create a place where the containers and information on their settings are stored, as well as the location of caching distribution data to speed up the creation of multiple containers:
$ mkdir /${lxcRoot}/lxclib /${lxcRoot}/lxccache Delete the old directory:
$ rm -rf /var/lib/lxc /var/cache/lxc Create links to directories:
$ ln -s /${lxcRoot}/lxclib /var/lib/lxc $ ln -s /${lxcRoot}/lxccache /var/cache/lxc Create a basic Ubuntu-based LXC container named hName with a version of Trusty:
$ lxc-create -t ubuntu -n hName -r trusty Next, let's start creating the unchangeable part of the LXC container.
Go to the directory of the created container:
$ cd /lxc/lxclib/hName/rootfs In it we create a directory with a common part, let's call it common:
$ mkdir common We transfer into it unchangeable directories:
$ mv bin lib lib64 sbin usr common/ Create symbolic links to them:
$ ln -s common/bin $ ln -s common/sbin $ ln -s common/lib $ ln -s common/lib64 $ ln -s common/usr Creating an LXC Container
After preparing the base image of the system, let's proceed directly to creating the first container in the system. Let's just call it “Node1”:
Create a directory for the first container:
$ mkdir -p /lxc/lxclib/Node1/rootfs Go to him:
$ cd /lxc/lxclib/Node1/rootfs Using the rsync program, copy the unchanged part into the first container:
$ rsync --exclude=/dev/* --exclude=/common/* -avz /lxc/lxclib/hName/rootfs/* ./ Next, for the first container, we create two directories for the common part and for the devices:
$ mkdir /lxc/lxclib/Node1/rootfs/common $ mkdir /lxc/lxclib/Node1/rootfs/dev Install them using the Bind program:
$ mount --bind /lxc/lxclib/hName/rootfs/dev /lxc/lxclib/Node1/rootfs/dev $ mount --bind /lxc/lxclib/hName/rootfs/common /lxc/lxclib/Node1/rootfs/common $ mount -o remount,ro /lxc/lxclib/Node1/rootfs/common Copy the configuration file and the fstab file from the base container to the first one:
$ cp /lxc/lxclib/hName/config /lxc/lxclib/Node1/ $ cp /lxc/lxclib/hName/fstab /lxc/lxclib/Node1/ Change the name in the configuration of the first container to Node1, as well as the MAC address:
$ nano /lxc/lxclib/Node1/config Cloning method
The script that I wrote looks like this:
#!/bin/bash echo " : " read Container cp -a /lxc/lxclib/Node1 /lxc/lxclib/${Container} mount --bind /lxc/lxclib/hName/rootfs/dev /lxc/lxclib/${Container}/rootfs/dev mount --bind /lxc/lxclib/hName/rootfs/common /lxc/lxclib/${Container}/rootfs/common mount -o remount,ro /lxc/lxclib/${Container}/rootfs/common sed -i 's/Node1/'$Container'/g' /lxc/lxclib/${Container}/config echo " " $Container "" Comparative characteristics with the standard lxc-clone method
What does this give us?
First, I wanted to save disk space.
Find out the size occupied by the disk container:
$ du –skh /lxc/lxclib/_ The figure shows that the volume occupied by the base container is 395 megabytes, while the volume occupied by the container cloned by my method is only 141 megabytes:
')
Based on the above data - saving disk space from each container goes about 65%. That is, when using this method, for example, on a server farm with hundreds of containers, disk space savings are very noticeable.
Secondly, not very impressive, but still the speed of copying the container.
The standard cloning method is performed with the command:
Measure the cloning rate with the time command.
Time - displays the execution time (in seconds) of the command being run. It is substituted before any executed command.
The figures show the command execution time in the standard way of cloning containers and mine:
Based on the above data, it can be seen that the time taken to clone a container in a standard way takes more than 12 seconds, while the time taken to clone it in my way takes about 6 seconds.
Eventually
Perhaps my idea is not to be used in production at the enterprise, but I see the use of this method on mini-computers. After all, picking up several containers on an sd card, saving a couple of hundred megabytes from one container would be a good win.
Source: https://habr.com/ru/post/227599/
All Articles