LXC is the userspace control package for Linux Containers, a lightweight virtual system mechanism sometimes described as “chroot on steroids”.
LXC builds up from chroot to implement complete virtual systems, adding resource management and isolation mechanisms to Linux’s existing process management infrastructure.
Linux Containers (lxc) implement:
Resource management via “process control groups” (implemented via the cgroup filesystem)
Resource isolation via new flags to the clone(2) system call (capable of create several types of new namespaces for things like PIDs and network routing)
Several additional isolation mechanisms (such as the “-o newinstance” flag to the devpts filesystem).
The LXC package combines these Linux kernel mechanisms to provide a userspace container object, a lightweight virtual system with full resource isolation and resource control for an application or a system.
For those who know a little bit about FreeBSD, it can be compare to the Jail system.
For example, if you're running a server, you can easily setup a container and isolate your apache/php/mysql instance and be sure that a f*cking bad guy will never compromise your main system.
So, I have forked the Slackware template that let you install a very minimal Slackware system to let you easily install a Salix-core system and be productive quickly.
All that we need is already installed in your Salix system.
You need the lxc-salix template: http://salix.svn.sourceforge.net/viewvc ... lix/trunk/
Copy it to /usr/lib(64)/lxc/templates and make it executable.
Then, set up control groups, manually first , with the commands:
- Code: Select all
mkdir -p /cgroup
mount none -t cgroup /cgroup
If that works OK, add the following line to /etc/fstab:
- Code: Select all
none /cgroup cgroup defaults 0 0
And follow these very good HowTos:
http://slackware.ponce.cc/blog/2011/07/ ... ontainers/
So, please test and write here your tips and tricks. A wiki article will follow.
Patches are welcome
https://github.com/Ponce/lxc-slackware/ ... -slackware
http://www.freebsd.org/doc/en_US.ISO885 ... jails.html