LXC Update Ճ౻ହจ 2015-02-18 Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 1 / 29

୭? Ճ౻ହจ http://www.ten-forward.ws/ @ten forward http://gplus.to/tenforward https://github.com/tenforward http://d.hatena.ne.jp/defiant/ (ٕज़ϒϩά) Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 2 / 29

୭? ϑΝʔεταʔόɹج൫։ൃ෦ɹॴଐ ৽ϒϥϯυͷϗεςΟϯάαʔϏε͸͡Ί·ͨ͠ Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 3 / 29

୭? 2010 ೥ࠒʹ cgroup ͷௐࠪΛ࢝Ίͨͷ͕͖͔͚ͬͰίϯςφ पลΛ৭ʑ͓͔͚ͬͯͨͷ͕ߴͯ͜͡ͷษڧձΛ΍ͬͯ·͢ LXC ΁ͷίϛοτ ೔ຊޠ man pages / ࠷ۙ͸গ͠ίʔυ΋ linuxcontainers.org ຋༁ Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 4 / 29

୭? Plamo Linux ϝϯςφ LXC ͰֶͿίϯςφೖ໳ɹʔܰྔԾ૝Խ؀ڥΛ࣮ݱ͢Δٕज़ gihyo.jp Ͱ࿈ࡌ ʲվగ৽൛ʳLinux ΤϯδχΞཆ੒ಡຊ (ٕज़ධ࿦ࣾ) Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 5 / 29

ࠓ೔ͷ಺༰ LXCFS LXC 1.1 LXD ͦͷଞ Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 6 / 29

LXCFS LXC ༻ͷίϯςφ಺ͷ໰୊Λղܾ͢Δ FUSE ϑΝΠϧγε ςϜ ඇಛݖίϯςφͰ cgroupfs ͬΆ͍πϦʔΛίϯςφ಺ʹ࠶ݱ ίϯςφ಺ͷ cpuinfo, meminfo, stat, uptime Λίϯςφ޲ ͚ͷ಺༰ʹݟͤΔ Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 7 / 29

LXCFS ࢖͍ํ $ sudo lxcfs -s -f -o allow_other /var/lib/lxcfs lxcfs $ ls /var/lib/lxcfs/ cgroup proc $ ls /var/lib/lxcfs/proc/ cpuinfo meminfo stat uptime $ ls /var/lib/lxcfs/cgroup/ blkio cpuacct devices hugetlb name=systemd cpu cpuset freezer memory perf_event Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 8 / 29

LXCFS LXCFS ͷ proc ҎԼͷϑΝΠϧ͸ͦΕͧΕίϯςφ಺ͷ /proc ҎԼʹόΠϯυϚ΢ϯτ͞ΕΔ ϗετͷ cgroupfs ͷίϯςφʹରԠ͢Δ cgroup ͔Βಘͨ৘ ใΛݩʹίϯςφ಺ͷ֤ϑΝΠϧΛੜ੒ LXCFS ͷ cgroup ҎԼͷσΟϨΫτϦ͸ίϯςφ಺ͷ /sys/fs/cgroup ҎԼʹόΠϯυϚ΢ϯτ͞ΕΔ systemd ͕ίϯςφ಺Ͱಈ͘৔߹ʹඞཁ Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 9 / 29

LXCFS ͜Ε·Ͱ $ sudo grep cgroup /var/lib/lxc/ct01/config lxc.cgroup.memory.limit_in_bytes = 256M (ϝϞϦ্ݶ 256MB ʹઃఆ) $ sudo lxc-start -n ct01 -d (ίϯςφىಈ) $ grep MemTotal /proc/meminfo (ϗετͷϝϞϦྔ) MemTotal: 1017908 kB $ sudo lxc-attach -n ct01 -- grep MemTotal /proc/meminfo MemTotal: 1017908 kB (ϗετͷϝϞϦྔͦͷ··) LXCFS Λ࢖ͬͨ৔߹ $ sudo grep cgroup /var/lib/lxc/ct01/config lxc.cgroup.memory.limit_in_bytes = 256M (ϝϞϦ্ݶ 256MB ʹઃఆ) $ sudo lxc-start -n ct01 (ίϯςφىಈ) $ grep MemTotal /proc/meminfo (ϗετͷϝϞϦྔ) MemTotal: 1017792 kB $ sudo lxc-attach -n ct01 -- grep MemTotal /proc/meminfo MemTotal: 262144 kB (cgroup Ͱઃఆ੍ͨ͠ݶͷ஋ʹͳ͍ͬͯΔ) Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 10 / 29

ࠓ೔ͷ಺༰ LXCFS LXC 1.1 LXD ͦͷଞ Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 11 / 29

LXC 1.1 LXC 1.1.0 2015 ೥ 1 ݄ 30 ೔ʹϦϦʔε 2016 ೥ 1 ݄ or ࣍ͷϦϦʔε͕͞Ε͍ͯͳ͍৔߹͸ϦϦʔε ͷ 2 ϲ݄ޙ·Ͱαϙʔτ LXC 1.0 ܥྻ͸ 2019 ೥ 4 ݄·Ͱαϙʔτ Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 12 / 29

LXC 1.1 ৽ػೳ CRIU Λ࢖ͬͨίϯςφͷνΣοΫϙΠϯτɾϦετΞػೳ ͷαϙʔτ ίϯςφͷ init ͱͯ͠ systemd Λαϙʔτ cgmanager, lxcfs ͱ૊Έ߹ΘͤͯඇಛݖίϯςφͰ΋ಈ࡞ Մೳ Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 13 / 29

LXC 1.1 ʙ CRIU ʹΑΔC/R lxc-checkpoint ϓϩάϥϜʹΑΔνΣοΫϙΠϯτɾϦετΞ ubuntu@criu1:~$ sudo lxc-start -n ct01 ubuntu@criu1:~$ sudo lxc-checkpoint -v -n ct01 -s -D /tmp/checkpoint (νΣο ΫϙΠϯτॲཧޙʹίϯςφఀࢭ) ubuntu@criu1:~$ sudo lxc-ls --fancy NAME STATE IPV4 IPV6 GROUPS AUTOSTART -------------------------------------------- ct01 STOPPED - - - NO ubuntu@criu1:~$ ls /tmp/criu/ cgroup.img fdinfo-17.img inventory.img pages-15.img core-170.img fdinfo-18.img ipcns-msg-9.img pages-16.img core-176.img fdinfo-2.img ipcns-sem-9.img pages-17.img core-1.img fdinfo-3.img ipcns-shm-9.img pages-1.img core-260.img fdinfo-4.img ipcns-var-9.img pages-2.img core-261.img fdinfo-5.img iptables-8.img pages-3.img : (snip) ubuntu@criu1:~$ sudo rsync -avz --devices --rsync-path="sudo rsync" \ /var/lib/lxc/ct01 ubuntu@192.168.122.26:/var/lib/lxc ubuntu@criu1:~$ sudo rsync -avz --rsync-path="sudo rsync" \ /tmp/checkpoint ubuntu@192.168.122.26:/tmp Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 14 / 29

LXC 1.1 ʙ CRIU ʹΑΔC/R lxc-checkpoint ϓϩάϥϜʹΑΔνΣοΫϙΠϯτɾϦετΞ ubuntu@criu2:~$ ls /tmp/criu/ cgroup.img fdinfo-3.img ipcns-sem-9.img pages-3.img core-1.img fdinfo-4.img ipcns-shm-9.img pages-4.img core-255.img fdinfo-5.img ipcns-var-9.img pages-5.img core-260.img fdinfo-6.img iptables-8.img pages-6.img : (snip) ubuntu@criu2:~$ sudo lxc-checkpoint -n ct01 -r -D /tmp/checkpoint -v -d ubuntu@criu2:~$ sudo lxc-ls -f NAME STATE IPV4 IPV6 GROUPS AUTOSTART -------------------------------------------------- ct01 RUNNING 10.0.3.200 - - NO Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 15 / 29

LXC 1.1 ͦͷଞมߋ఺ lxc-start ͸σʔϞϯϞʔυ͕σϑΥϧτʹ lxc-execute ͸ίϯςφ಺ʹ lxc-init ΛόΠϯυϚ΢ϯτ͢Δ Α͏ʹ lxc.autodev ͕σϑΥϧτ༗ޮʹɻ࠷௿ݶͷ /dev ҎԼΛ LXC ͕४උ lxc-snapshot ͷεφοϓγϣοτͷอଘ৔ॴ͕ίϯςφσΟ ϨΫτϦ಺ʹ openvswitch ϒϦοδͷαϙʔτ lxc-top, lxc-device ίϚϯυ͕ C όΠφϦʹ ͦͷଞଟ਺ (https://linuxcontainers.org/ja/lxc/news/) Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 16 / 29

ࠓ೔ͷ಺༰ LXCFS LXC 1.1 LXD ͦͷଞ Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 17 / 29

LXD ߏ੒ REST API Λఏڙ͢ΔσʔϞϯ ίϚϯυϥΠϯΫϥΠΞϯτ OpenStack Nova ϓϥάΠϯ Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 18 / 29

LXD ػೳ APIɺίϚϯυϥΠϯπʔϧΛ࢖ͬͯωοτϫʔΫ্ͷίϯ ςφͷ؅ཧ͕Մೳ Πϝʔδϕʔε ϥΠϒϚΠάϨʔγϣϯ LXD ϗετΛ OpenStack ίϯϐϡʔτϊʔυʹ LXC ͷ Go όΠϯσΟϯάΛ࢖ͬͯ liblxc ܦ༝ͰίϯςφΛૢ࡞ Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 19 / 29

LXD LXD ͷىಈ lxd ͷىಈ $ mkdir -p /var/lib/lxd $ lxd & ެࣜจॻ͸ҰൠϢʔβͰىಈ͍ͯ͠Δɻͦͷ৔߹͸ඇಛݖί ϯςφ޲͚ͷ४උ͕ඞཁ subuid, subgid ͷઃఆ chown $USER:$USER /var/lib/lxd Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 20 / 29

LXD ϩʔΧϧͷίϯςφͷૢ࡞ ίϯςφ࡞੒ɺىಈ $ lxc init ubuntu test01 (ίϯςφͷ࡞੒ɺΠϝʔδΛऔಘͯ͠ίϯςφ࡞੒) $ lxc list (Ұཡ) test01 $ lxc start test01 (ίϯςφىಈ) ίϯςφ಺ͰίϚϯυͷ࣮ߦ $ lxc exec test01 -- /bin/uname -a Linux test01 3.19.0-plamo64-karma #2 SMP PREEMPT Mon Feb 9 16:13:40 JST 2015 x86_ Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 21 / 29

LXD ϦϞʔτ͔Βͷૢ࡞Λड͚෇͚Δ࣌ͷ LXD ͷىಈ lxd ͷىಈ $ lxd --tcp=10.200.200.200:8443 & $ lxc config set pasword (ύεϫʔυͷઃఆ) Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 22 / 29

LXD ϦϞʔτͷ LXD ϗετͷૢ࡞Λߦ͏ (https://asciinema.org/a/16544) ϦϞʔτϗετͷొ࿥ $ lxc remote add lxdhost 10.200.200.200:8443 (10.200.200.200 ͷϗετΛ "lxdhost" ͱ͍͏໊લͰొ࿥) Certificate fingerprint: 8c ea 8b a3 a0 64 dd 9f 5e fb 28 dd f6 89 c6 58 7c 8b e0 ab 62 c1 14 f5 50 dc 44 16 ok (y/n)? y Admin password for lxdhost: ("lxdhost" Ͱઃఆͨ͠ύεϫʔυΛೖΕΔ) Client certificate stored at server: lxdhost ϦϞʔτͷίϯςφͷૢ࡞ $ lxc init ubuntu lxdhost:test01 ("test01" ίϯςφΛ "lxdhost" ʹ࡞੒) $ lxc list lxdhost: ("lxdhost" ͷίϯςφҰཡ) test01 $ lxc start lxdhost:test01 ("lxdhost"্ͷ"test01"ίϯςφͷىಈ) $ lxc exec lxdhost:test01 -- /bin/uname -a ("lxdhost"্ͷ"test01"ίϯςφͰ uname ίϚϯυ࣮ߦ) Linux test01 3.13.0-32-generic #57-Ubuntu SMP Tue Jul 15 03:51:08 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 23 / 29

ࠓ೔ͷ಺༰ LXCFS LXC 1.1 LXD ͦͷଞ Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 24 / 29

ͦͷଞ ެࣜϖʔδ https://linuxcontainers.org ϦχϡʔΞϧ ೔ຊޠϖʔδ͸׬શʹӳޠϖʔδʹ௥ਵ (ͯ͠Δͭ΋Γ w) ଴๬ͷϩΰϚʔΫ (?) Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 25 / 29

·ͱΊ LXCFS LXC 1.1 LXD ͦͷଞ Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 26 / 29

·ͱΊ LXC 1.0.0 ϦϦʔε͔Β໿ 1 ೥ɺࡉ͔͍ͱ͜ΖͰ࢖͍উख͕ ྑ͘ͳͬͨΓɺ༷ʑͳ؀ڥͰ౳͖ͪ͘͠Μͱಈ͘Α͏ʹͳͬ ͨײ͡ LXD ָ͠Έ Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 27 / 29

ڠྗऀืू ڠྗऀืूதɻಛʹϨϏϡʔ man pages ຋༁ linuxcontainers.org ຋༁ ͜ͷษڧձ Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 28 / 29

͝ਗ਼ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠ Ճ౻ହจ ୈ 6 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձ 2015-02-18 29 / 29