lxcfs | LXC | |
---|---|---|
1 | 7 | |
999 | 4,449 | |
1.2% | 0.9% | |
6.8 | 9.2 | |
2 days ago | 7 days ago | |
C | C | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
lxcfs
-
Go, Containers, and the Linux Scheduler
> I wondered for a while if docker could make a fake /proc/cpuinfo
This exists: https://github.com/lxc/lxcfs
lxcfs is a FUSE filesystem that mocks /proc by inferring cgroup values in a way that makes other applications and libraries work without having to care about whether it runs in a container (to the best of its ability - there are definitely caveats).
One such example is that /proc/uptime should reflect the uptime of the container, not the host; additionally /proc/cpuinfo reflects the number of CPUs as a combination of cpu.max and cpuset.cpus (whichever the lower bound is).
As others also mentioned, inferring the number of CPUs could also be done using the sched_getaffinity syscall - this doesn't depend on /proc/cpuinfo, so depending on the library you're using you might be in a pickle.
LXC
-
LXD Moves into Canonical
I hope this doesn't affect LXC negatively.
LXC and LXD share plenty of contributors.
https://github.com/lxc/lxc/graphs/contributors
https://github.com/canonical/lxd/graphs/contributors
I use an "unprivileged LXC container" setup on several Debian bullseye hosts. It works fantastic, and each LXC container feels like a real server.
Compare that to Docker's "one-container-one-process" philosophy, reinventing the wheel by awkwardly composing multiple containers.
-
Support for Android apps
There is an issue with lxc as stated here: https://github.com/lxc/lxc/issues/4283 and https://github.com/Vanilla-OS/apx/issues/118
-
LXC & AD
I'm currently attempting to enroll my Ubuntu (20.04) (Unprivileged) LXC hosts to my windows AD server but am having difficulty. I'm using SSSD and KRB5 to manage the user directory and authentication. Once joining the domain with realmd, all seems ok, I can use the id command, etc to lookup users and groups and the host appears in Windows Users and Computers. The issue I'm having is with authentication, I believe it to be related to this issue however I don't entirely understand the solution and can't seem to find much else on the matter (Note the method I'm using works fine on full VMs). Would anybody please be able to provide more clarity in layman's terms?
-
LXC and LXD: a different container story
I don't recall having to do any uid/gid fixup last time I made an unprivileged container. I did have to prepare the unprivileged host user, of course, by reserving a range of subordinate uids/gids (/etc/sub?id) and configuring a virtual network interface limit (/etc/lxc/lxc-usernet).
To create the container, I did this:
lxc-create -t download -n -- -d debian -r bullseye -a amd64
Note that this runs the 'download' template, which (IIRC) is better suited to unprivileged containers than the 'debian' template is. The 'download' template will list its available distros if you do this:
lxc-create -t download -n -- --list
Note that some versions of lxc-create may fail with a keyserver error because sks-keyservers.net died somewhat recently. Workaround: DOWNLOAD_KEYSERVER=hkp://keyserver.ubuntu.com lxc-create
https://github.com/lxc/lxc/issues/3894
-
Lxc container still gives Cannot open TUN/TAP dev /dev/net/tun: Operation not permitted after following graysky's edit of wiki
Found this issue and edited the config file of the lxc container:
-
How to - Create LXC containers FROM Docker and OCI images
and on this thread... an different approach is described
-
Finally joining the club
https://github.com/lxc/lxc/issues/1629#issuecomment-311379508
What are some alternatives?
x11fs - A tool for manipulating X windows
Portainer - Making Docker and Kubernetes management easy.
automaxprocs - Automatically set GOMAXPROCS to match Linux container CPU quota.
Docker Compose - Define and run multi-container applications with Docker
GlusterFS - Gluster Filesystem : Build your distributed storage in minutes
Docker - Notary is a project that allows anyone to have trust over arbitrary collections of data
go - The Go programming language
Docker Swarm - Source repo for Docker's Documentation
Dokku - A docker-powered PaaS that helps you build and manage the lifecycle of applications
Harbor - An open source trusted cloud native registry project that stores, signs, and scans content.
Habitus - A build flow tool for Docker.
Starter - Helping you get started with containerized apps.