How to Set Up and Use LXD on CentOS Linux 7.x Server



Procedure to set up and use LXD on CentOS Linux 7.x

1. Install snapd on CentOS
2. Install lxd on CentOS Linux
3. Configure lxd storage, networking, and other stuff
4. Create your first VM

I know how to set up LXD on Debian or Ubuntu Linux. How do I install, configure and set up LXD on CentOS Linux 7.x?

Linux containers give you an environment as close as possible to the one you would get from a VM, but without the overhead that comes with running a separate kernel and simulating all the hardware. You can run your favorite Linux distributions such as Debian, Ubuntu, Arch, Gentoo, CentOS and more. LXD is LXC on steroids with strong security in mind. LXD is not a rewrite of LXC. Under the hood, LXD uses LXC through liblxc and its Go binding. This tutorial shows how to set up and use LXD on a CentOS Linux 7.x server.

Step 1 – Update CentOS 7.x box

Run the following yum command:

$ sudo yum update

## reboot Linux box if kernel updated ##

$ sudo reboot

Step 2 – Configure EPEL repo on CentOS 7.x

Command to install EPEL repo on a CentOS Linux and RHEL 7.x:

$ sudo yum install epel-release

$ sudo yum update

See “How To Install EPEL Repo on a CentOS and RHEL 7.x” for more info.

Step 3 – How to enable and configure COPR repository for CentOS Linux

Type the following yum command:

$ sudo yum install yum-plugin-copr

$ sudo yum copr enable ngompa/snapcore-el7

Step 4 – Install snapd

Install snapd on CentOS 7 Linux:

$ sudo yum install snapd

$ sudo systemctl enable --now snapd.socket



Step 5 – Configure the CentOS Linux kernel for LXD

You need to use the grubby command. It is a command-line tool for updating and displaying information about the configuration files for various architecture-specific bootloaders. It must be run as root to change the boot entries:

$ sudo grubby --args="user_namespace.enable=1" --update-kernel="$(grubby --default-kernel)"

$ sudo grubby --args="namespace.unpriv_enable=1" --update-kernel="$(grubby --default-kernel)"

$ sudo sh -c 'echo "user.max_user_namespaces=3883" > /etc/sysctl.d/99-userns.conf'

$ sudo reboot
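
A check to run after the reboot, added here as an example and not part of the original tutorial: it confirms that both kernel arguments from this step are on the boot command line and that the running user.max_user_namespaces value matches the drop-in file. The script name check-userns.sh and the --live switch are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the original tutorial: confirm after the reboot
# that the Step 5 user-namespace settings are actually in effect.
#
# check_userns CMDLINE LIVE_MAX CONF_FILE
#   CMDLINE    kernel command line (normally the contents of /proc/cmdline)
#   LIVE_MAX   running value of user.max_user_namespaces
#   CONF_FILE  sysctl drop-in written in Step 5
# Prints one line per problem; the return status is the number of problems.
check_userns() {
    cmdline=$1 live_max=$2 conf_file=$3
    problems=0

    # Both boot arguments must appear as whole words on the command line.
    for arg in user_namespace.enable=1 namespace.unpriv_enable=1; do
        case " $cmdline " in
            *" $arg "*) ;;
            *) echo "missing kernel argument: $arg"
               problems=$((problems + 1)) ;;
        esac
    done

    # The drop-in file holds the value that the next boot will apply.
    want=$(sed -n 's/^user\.max_user_namespaces *= *\([0-9][0-9]*\).*/\1/p' \
        "$conf_file" 2>/dev/null | tail -n 1)
    if [ -z "$want" ]; then
        echo "user.max_user_namespaces not set in $conf_file"
        problems=$((problems + 1))
    fi

    # A live value of 0 (or an unreadable one) means no user namespaces.
    case $live_max in
        '' | *[!0-9]* | 0)
            echo "user namespaces unavailable (live value: '$live_max')"
            problems=$((problems + 1)) ;;
        *)  if [ -n "$want" ] && [ "$live_max" -ne "$want" ]; then
                echo "live value $live_max differs from configured $want"
                problems=$((problems + 1))
            fi ;;
    esac
    return "$problems"
}

# Check the running host when invoked as: sh check-userns.sh --live
if [ "${1:-}" = "--live" ]; then
    check_userns "$(cat /proc/cmdline)" \
        "$(cat /proc/sys/user/max_user_namespaces 2>/dev/null)" \
        /etc/sysctl.d/99-userns.conf && echo "user namespace settings OK"
fi
```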

Step 6 – Install LXD on CentOS

Run the following commands:

$ sudo snap search lxd

$ sudo snap install lxd

$ sudo ln -s /var/lib/snapd/snap /snap



Verify it:

$ snap list

$ snap services



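Step 7 – Configuring LXD

First, you need to add yourself to the lxd group. Members of this group have full control over LXD, which is effectively root access to the host, so add only users you trust with that. The command to add a user to a Linux group is as follows: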

$ sudo usermod -a -G lxd vivek

Use the id command to verify it:

$ newgrp lxd

$ id

Make sure we can talk to lxd server:

$ lxc list

To configure LXD on CentOS 7, run:

$ lxd init



Step 8 – Create and launch your first container

You can list all container images with the following command:

$ lxc image list images:

$ lxc image list images: | grep -i centos

$ lxc image list images: | grep -i ubuntu



How to create and set up your first container

To create and start containers from images use the launch command as follows:

lxc launch images:{distro}/{version}/{arch} {container-name-here}

Let us see some examples to create and start containers from various Linux distro images as per your needs.

CentOS Linux 7 container

$ lxc launch images:centos/7/amd64 centos-db



To access the VM/container:

$ lxc list

$ lxc exec centos-db bash

Ubuntu Linux 16.04 “xenial” LTS VM

$ lxc launch images:ubuntu/xenial/amd64 ubuntu-nginx

Fedora Linux 28 VM

$ lxc launch images:fedora/28/amd64 fedora27-c1

Now that I have set up LXD on CentOS 7.x, what next?

List your containers:

lxc list

To start/stop/restart containers use:

lxc start container-name

lxc stop container-name

lxc restart container-name

Remove or delete a container:

lxc delete container-name

lxc delete nginx-c1

Getting info about your container:

$ lxc info container

$ lxc info centos-db



Setting up iptables rules to redirect traffic (type commands on host)

To redirect traffic arriving on port 443 of the public IP 104.20.186.5 to the container at 10.86.112.210:443, the syntax is as follows:

iptables -t nat -I PREROUTING -i eth0 -p TCP -d 104.20.186.5 --dport 443 -j DNAT --to-destination 10.86.112.210:443

CentOS uses firewalld. To find the default firewalld zone, run:

$ sudo firewall-cmd --get-default-zone

public

Open port 443 for public zone

$ sudo firewall-cmd --zone=public --add-service=https --permanent

Forward port 443 to the LXD server 10.86.112.210:443

$ sudo firewall-cmd --permanent --zone=public --add-forward-port=port=443:proto=tcp:toport=443:toaddr=10.86.112.210

Reload the firewall

$ sudo firewall-cmd --reload

Test it. Open a web browser and enter the URL:

https://104.20.186.5
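
A forward-port rule keeps pointing at its IP address even after the container behind it is deleted or comes back with a different address, so it is worth cross-checking the rules against what LXD reports. The following script is an added example, not part of the original tutorial; the 10.86.112.77 and 10.86.112.15 addresses, the port 8443 and port 80 rules, the script name and the --sample/--live switches are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original tutorial: cross-check firewalld
# forward-port rules against the addresses LXD containers currently hold.
#
# audit_forwards FORWARDS CONTAINERS
#   FORWARDS    output of: firewall-cmd --zone=public --list-forward-ports
#   CONTAINERS  output of: lxc list --format csv -c n4
# Prints one line per rule; the return status is the number of rules whose
# toaddr is not held by any listed container.
audit_forwards() {
    forwards=$1 containers=$2
    stale=0
    for rule in $forwards; do
        port=$(printf '%s\n' "$rule" | sed -n 's/^port=\([0-9-]*\):.*/\1/p')
        addr=$(printf '%s\n' "$rule" | sed -n 's/.*:toaddr=\([0-9.]*\)$/\1/p')
        # A rule without toaddr redirects to a local port; nothing to compare.
        [ -n "$addr" ] || continue
        # CSV rows look like: name,ADDRESS (interface)
        name=$(printf '%s\n' "$containers" | awk -F, -v a="$addr" \
            '{ split($2, f, " "); if (f[1] == a) { print $1; exit } }')
        if [ -n "$name" ]; then
            echo "ok    port $port -> $name ($addr)"
        else
            echo "STALE port $port -> $addr (no container holds this address)"
            stale=$((stale + 1))
        fi
    done
    return "$stale"
}

# Constructed sample input: the page's rule, one forward to an address no
# container holds, and one local redirect.
SAMPLE_FORWARDS='port=443:proto=tcp:toport=443:toaddr=10.86.112.210
port=8443:proto=tcp:toport=443:toaddr=10.86.112.77
port=80:proto=tcp:toport=8080:toaddr='
SAMPLE_CONTAINERS='centos-db,10.86.112.210 (eth0)
ubuntu-nginx,10.86.112.15 (eth0)
fedora27-c1,'

case "${1:-}" in
    --sample) audit_forwards "$SAMPLE_FORWARDS" "$SAMPLE_CONTAINERS" ;;
    --live)   audit_forwards \
                  "$(sudo firewall-cmd --zone=public --list-forward-ports)" \
                  "$(lxc list --format csv -c n4)" ;;
esac
```

Run it with --sample to see the output on the constructed data, or with --live on the host to audit the public zone.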

A list of lxc commands

lxc --help

lxc command --help

lxc stop --help

Command     Description
alias       Manage command aliases
cluster     Manage cluster members
config      Manage container and server configuration options
console     Attach to container consoles
copy        Copy containers within or in between LXD instances
delete      Delete containers and snapshots
exec        Execute commands in containers
export      Export container backups
file        Manage files in containers
help        Help about any command
image       Manage images
import      Import container backups
info        Show container or server information
launch      Create and start containers from images
list        List containers
move        Move containers within or in between LXD instances
network     Manage and attach containers to networks
operation   List, show and delete background operations
profile     Manage profiles
publish     Publish containers as images
remote      Manage the list of remote servers
rename      Rename containers and snapshots
restart     Restart containers
restore     Restore containers from snapshots
snapshot    Create container snapshots
start       Start containers
stop        Stop containers
storage     Manage storage pools and volumes
version     Show local and remote versions

Conclusion

You have set up CentOS and other Linux distributions running in LXD containers. You can now use each container as an independent VM/jail, and you can redirect traffic for a specific port to a container using iptables/ufw. For more info, see the official LXD pages.

