LXD入門 (2015-09-26) / 8th CTStudy

Transcript

1. LXDೖ໳ Ճ౻ହจ 2015-09-26 Ճ౻ହจ ୈ 8 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2015-09-26 1 /

   24

2. ࣗݾ঺հ Ճ౻ହจ http://www.ten-forward.ws/ @ten forward http://gplus.to/tenforward https://github.com/tenforward http://d.hatena.ne.jp/defiant/ (ٕज़ϒϩά) Ճ౻ହจ

   ୈ 8 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2015-09-26 2 / 24

3. ࣗݾ঺հ ϑΝʔεταʔόɹج൫։ൃ෦ɹॴଐ ৽ϒϥϯυͷϗεςΟϯάαʔϏε͸͡Ί·ͨ͠ Ճ౻ହจ ୈ 8 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2015-09-26 3 /

   24

4. ࣗݾ঺հ Plamo Linux ϝϯςφ LXC ͰֶͿίϯςφೖ໳ɹʔܰྔԾ૝Խ؀ڥΛ࣮ݱ͢Δٕज़ gihyo.jp Ͱ࿈ࡌ Ճ౻ହจ ୈ

   8 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2015-09-26 4 / 24

5. ࣗݾ঺հ LXC ͷ։ൃʹগ͠ࢀՃ man page ͷ೔ຊޠ༁ ެࣜϖʔδ (linuxcontainers.org) ຋༁ όάϑΟοΫεͳͲগ͚ͩ͠ίʔυʹ΋ߩݙ

   Ճ౻ହจ ୈ 8 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2015-09-26 5 / 24

6. ࠓ೔ͷ໨ඪ LXD ͷ֓ཁΛ঺հ͢Δ Ճ౻ହจ ୈ 8 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2015-09-26 6 /

   24

7. ࠓ೔ͷ಺༰ LXD ͷ֓ཁ LXD Λ࢖ͬͯΈΔ Ճ౻ହจ ୈ 8 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2015-09-26

   7 / 24

8. LXDͱ͸ Ճ౻ହจ ୈ 8 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2015-09-26 8 / 24

9. LXDͱ͸ Canonical ͱ Ubuntu ͕ઃཱ͠ओಋ͢ΔϓϩδΣΫτ Go Ͱॻ͔Ε͍ͯΔ 2015 ೥ 2

   ݄ʹόʔδϣϯ 0.1 ϦϦʔεɺ 2015 ೥ 9 ݄ݱࡏόʔδϣϯ 0.18 ݱ࣌఺Ͱ͸ linuxcontainers.org ಺ͷϓϩδΣΫτͷதͰ͸Ұ ൪׆ൃʹ։ൃ͞Ε͍ͯΔ Ճ౻ହจ ୈ 8 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2015-09-26 9 / 24

10. LXCͱͷؔ܎ ̡̭̘ͷஔ͖׵͑Ͱ͸ͳ͍ LXC ͸ϗετ্ͷίϯςφΛૢ࡞͢ΔϥΠϒϥϦͱίϚϯυ LXD ͸ωοτϫʔΫ্ʹ͋Δίϯςφϗετ্ͷίϯςφΛ ؅ཧɺૢ࡞͢Δ lxd ͸ liblxc+liblxc

    ͷ Go όΠϯσΟϯά (go-lxc) Λ࢖ͬͯ ͍Δ (lxc ίϚϯυ͸ go-lxc ʹґଘ͠ͳ͍) Ճ౻ହจ ୈ 8 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2015-09-26 10 / 24

11. ߏ੒ lxd REST API Λఏڙ͠ɺίϯςφΛ؅ཧ͢ΔσʔϞϯ lxc lxd ͱ௨৴͠ɺίϯςφͷૢ࡞Λߦ͏ίϚϯυϥΠϯΫϥΠΞ ϯτ nova-compute-lxd

    OpenStack Nova ϓϥάΠϯ Ճ౻ହจ ୈ 8 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2015-09-26 11 / 24

12. ಛ௕ ηΩϡΞ LXC ͷ༷࣋ͭʑͳηΩϡϦςΟػೳΛ࢖༻ σϑΥϧτඇಛݖίϯςφ Πϝʔδϕʔε γϯϓϧͳ API ͱίϚϯυϥΠϯ ίϚϯυϥΠϯ͸

    lxc ίϚϯυͷΈɻαϒίϚϯυͰॲཧΛࢦ ఆ͢Δ ϥΠϒϚΠάϨʔγϣϯ Ճ౻ହจ ୈ 8 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2015-09-26 12 / 24

13. LXDΛ࢖ͬͯΈΔ Ճ౻ହจ ୈ 8 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2015-09-26 13 / 24

14. LXDͷΠϯετʔϧ Ubuntu 15.04 ͳΒΠϯετʔϧ͸؆୯   $ sudo apt-get install

    lxd   ͔͠͠ɺLXD ͸ߋ৽͕සൟ͗͢ΔͷͰҎԼ͕Φεεϝɻ   $ sudo add-apt-repository ppa:ubuntu-lxc/lxd-stable $ sudo apt-get update $ sudo apt-get dist-upgrade $ sudo apt-get install lxd   ී௨ʹιʔε͔ΒϏϧυͯ͠΋ OKɻྫ͑͹ɺ   $ go get github.com/lxc/lxd $ cd $GOPATH/src/github.com/lxc/lxd $ make   Ճ౻ହจ ୈ 8 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2015-09-26 14 / 24

15. ΠϝʔδͷΠϯϙʔτ LXD Πϝʔδ͕ଘࡏ͢ΔΠϝʔδαʔόΛొ࿥ lxd-images Ͱ Ubuntu Cloud ΠϝʔδΛऔಘͯ͠ίϯόʔτ lxc image

    import ͰΠϯϙʔτ Ճ౻ହจ ୈ 8 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2015-09-26 15 / 24

16. Πϝʔδαʔόͷొ࿥ͱίϯςφىಈ images.linuxcontainers.org ͕ར༻Ͱ͖Δ   $ lxc remote add images

    images.linuxcontainers.org   ΠϝʔδαʔόΛొ࿥͢ΔͱϦϞʔτΠϝʔδΛࢦఆͯͦ͠ ͷ··ىಈͰ͖Δ   $ lxc launch images:centos/7/amd64 centos Creating centos done. Starting centos done. $ lxc list +--------+---------+------------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | EPHEMERAL | SNAPSHOTS | +--------+---------+------------+------+-----------+-----------+ | centos | RUNNING | 10.0.3.113 | | NO | 0 | +--------+---------+------------+------+-----------+-----------+ $ lxc stop centos   Ճ౻ହจ ୈ 8 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2015-09-26 16 / 24

17. ϦϞʔταʔόͷίϯςφͷૢ࡞ αʔόଆ σϑΥϧτͰ͸ Unix domain socket ܦ༝ͰϩʔΧϧ͔Βͷ ઀ଓͷΈड͚෇͚ΔɻϦϞʔτ͔Β઀ଓΛड͚෇͚ΔΑ͏ʹ ઃఆ͠ɺ઀ଓύεϫʔυΛઃఆ͢Δඞཁ͕͋Δɻ 

     $ lxc config set core.https_address [::] $ lxc config set core.trust_password hogehoge   ΫϥΠΞϯτଆ ϦϞʔταʔόΛొ࿥͢Δ   $ lxc remote add lxdtest02 188.166.252.161 Certificate fingerprint: 80978deed77211dd06127bd7c74421a14c8e3cbc8911b9f109 ok (y/n)? y Admin password for lxdtest02: Client certificate stored at server: lxdtest02   Ճ౻ହจ ୈ 8 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2015-09-26 17 / 24

18. ϦϞʔταʔόͷίϯςφૢ࡞ ొ࿥ͨ͠ϦϞʔταʔό໊Λ “remote:” ͷܗͰίϯςφ໊ͷ લʹ෇͚Δ   $ lxc launch

    lxdtest02:trusty lxdtest02:trusty Creating trusty done. Starting trusty done. $ lxc list lxdtest02: +--------+---------+-----------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | EPHEMERAL | SNAPSHOTS | +--------+---------+-----------+------+-----------+-----------+ | trusty | RUNNING | 10.0.3.41 | | NO | 0 | +--------+---------+-----------+------+-----------+-----------+ $ lxc stop lxdtest02:trusty   Ճ౻ହจ ୈ 8 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2015-09-26 18 / 24

19. ίϯςφͷҠಈ lxc move ίϚϯυ ϩʔΧϧͰ࣮ߦ͢ΔͱίϯςφͷϦωʔϜ ϦϞʔτؒͰ࣮ߦ͢Δͱ (ϚΠάϨʔγϣϯ) ίϯςφఀࢭதͳΒίϯςφσʔλͷϗετؒҠಈ ίϯςφಈ࡞தͳΒϥΠϒϚΠάϨʔγϣϯ ϥΠϒϚΠάϨʔγϣϯ͸

    CRIU Λར༻͍ͯ͠Δ Ճ౻ହจ ୈ 8 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2015-09-26 19 / 24

20. ϚΠάϨʔγϣϯ Ҡಈݩ΋Ҡಈઌ΋ϦϞʔτొ࿥ (lxc remote add) ͍ͯ͠Δ ඞཁ͋Γ CRIU ͸ඇಛݖίϯςφʹରԠ͍ͯ͠ͳ͍ͷͰಛݖίϯςφ ʹ͢Δඞཁ͕͋Δ

    profile ͰඞཁͳઃఆΛߦ͏   $ lxc profile show criu name: criu config: raw.lxc: | lxc.tty = 0 lxc.console = none lxc.cgroup.devices.deny = c 5:1 rwm security.privileged: "true" devices: eth0: nictype: bridged parent: lxcbr0 type: nic   Ճ౻ହจ ୈ 8 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2015-09-26 20 / 24

21. ϚΠάϨʔγϣϯ ίϯςφʹ profile Λద༻   $ lxc profile apply

    local:trusty criu Profile criu applied to trusty $ lxc config show trusty name: trusty profiles: - criu :(ུ)   Ճ౻ହจ ୈ 8 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2015-09-26 21 / 24

22. ϚΠάϨʔγϣϯ   $ lxc start trusty $ lxc list

    +--------+---------+------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | EPHEMERAL | SNAPSHOTS | +--------+---------+------+------+-----------+-----------+ | trusty | RUNNING | | | NO | 0 | +--------+---------+------+------+-----------+-----------+ $ lxc move lxdtest01:trusty lxdtest02:trusty $ lxc list lxdtest02: +--------+---------+------+------+-----------+-----------+ | NAME | STATE | IPV4 | IPV6 | EPHEMERAL | SNAPSHOTS | +--------+---------+------+------+-----------+-----------+ | trusty | RUNNING | | | NO | 0 | +--------+---------+------+------+-----------+-----------+   σϞ͠Α͏ͱࢥ͍·͕ͨ͠ݱ࣌఺ͷόʔδϣϯͰ͸ಈ͖·ͤ ΜͰͨ͠ɻ Ճ౻ହจ ୈ 8 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2015-09-26 22 / 24

23. ·ͱΊ LXD ͱ͸ ϓϩδΣΫτ֓ཁ LXC ͱͷؔ܎ ߏ੒ ಛ௕ LXD Λ࢖ͬͯΈΔ

    Πϯετʔϧ Πϝʔδૢ࡞ ίϯςφૢ࡞ ϚΠάϨʔγϣϯ Ճ౻ହจ ୈ 8 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2015-09-26 23 / 24

24. ͝ਗ਼ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠ɻ Ճ౻ହจ ୈ 8 ճίϯςφܕԾ૝Խͷ৘ใަ׵ձˏ౦ژ 2015-09-26 24 / 24