How to backup LXC containers

Moving LXC containers between host systems

This is how I migrate LXC containers between systems. I’ve successfully moved ubuntu based 12.04 containers to a 14.04 host, and they work great.

  • Shutdown the container
    # lxc-stop -n $NAME
    
  • Archive container rootfs & config
    # cd /var/lib/lxc/$NAME/
    # tar --numeric-owner -czvf container_fs.tar.gz ./*
    

    The ‘–numeric-owner’ flag is very important! Without it, the container may not boot because the uid/gids get mangled in the extracted filesystem. When tar creates an archive, it preserves user / group ownership information. By default, when extracting, tar tries to resolve the archive user/group ownership names with the ids on the system running tar. This is intended to ensure that user ownership is resolved on the new system, in case the UID numeric values differ between systems.

    This is bad for an LXC filesystem because the numeric uid/gid ownership is intended to be preserved for the whole filesystem. If it gets resolved to a different value, bad things happen.

  • Copy the file to your new server
    # rsync -avh container_fs.tar.gz user@newserver:/var/lib/lxc/
    
  • Extract rootfs
    # mkdir /var/lib/lxc/$NAME/
    # cd /var/lib/lxc/$NAME/
    # tar --numeric-owner -xzvf container_fs.tar.gz ./*
    

If you’re using an overlay backed container, you’ll also need to migrate the container this new one is based off of. Lastly, you might see a few warnings about skipped socket files:

tar: /var/lib/lxc/$NAME/rootfs/dev/log: socket ignored

I’ve ignored this error, and haven’t had any issues with any of the containers I manage. If you have further issues, add your error messages to the original post and I’ll elaborate.

 

Source: http://stackoverflow.com/a/34194341

Advertisements
How to backup LXC containers

LXC share folder

Exposing a directory on the host machine to an LXC container

  1. Log into the container and create an empty directory, this will be the mount point
  2. Log out and stop the container.
  3. Open to your container’s config file
    • For regular LXC containers: /var/lib/lxc/mycontainer/config
    • For unprivileged LXC containers: $HOME/.local/share/lxc/mycontainer/config
  4. Add a new line above the lxc.mount directive, that follows the format below. Substitute proper paths as necessary:
    • lxc.mount.entry = /path/to/folder/on/host /path/to/mount/point none bind 0 0
    • Both of these paths are relative to the host machine.
    • Location of the root fs in the container can be found at:
      • For regular LXC containers: /var/lib/lxc/mycontainer/rootfs/
      • For unprivileged LXC containers: $HOME/.local/share/lxc/mycontainer/rootfs

Note: If the host’s user does not exist in the container, the container will still be mounted, but with nobody:nogroup as the owner. This may not be a problem unless you need to write to these files, in which case you’ll need to give everybody write permission to that folder. (i.e. chmod -R go+w /folder/to/share)

Example

I want to share /home/julianlam/foobar to my unprivileged container bazquux. In bazquux, I want this folder to be found at /mnt/baz.

In the container:

$ cd /mnt
$ sudo mkdir baz
$ logout

In the host, I will add the following line above lxc-mount in /home/julianlam/.local/share/lxc/bazquux/config:

lxc.mount.entry = /home/julianlam/foobar /home/julian/.local/share/lxc/bazquux/rootfs/mnt/baz none bind 0 0

Source: https://gist.github.com/julianlam/07abef272136ea14a627

LXC share folder

Bridge interface for lxc-containers

Script for creating bridge interface and applying  iptable routing rule:

#!/bin/bash

CMD_BRCTL=/sbin/brctl
CMD_IFCONFIG=/sbin/ifconfig
CMD_IPTABLES=/sbin/iptables
CMD_ROUTE=/sbin/route
NETWORK_BRIDGE_DEVICE_NAT=lxc-br0
HOST_NETDEVICE=eth0
PRIVATE_GW_NAT=192.168.0.1
PRIVATE_NETMASK=255.255.255.0

${CMD_BRCTL} addbr ${NETWORK_BRIDGE_DEVICE_NAT}
${CMD_BRCTL} setfd ${NETWORK_BRIDGE_DEVICE_NAT} 0
${CMD_IFCONFIG} ${NETWORK_BRIDGE_DEVICE_NAT} ${PRIVATE_GW_NAT} netmask ${PRIVATE_NETMASK} promisc up
${CMD_IPTABLES} -t nat -A POSTROUTING -o ${HOST_NETDEVICE} -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward

Edit the container config:

# Network configuration
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = lxc-br0
lxc.network.name = eth0
lxc.network.hwaddr = 00:FF:AA:00:00:01
lxc.network.ipv4 = 192.168.0.2/24
lxc.network.ipv4.gateway = 192.168.0.1

Edit the container interfaces:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
address 192.168.0.2
netmask 255.255.255.0
gateway 192.168.0.1
dns-nameservers 8.8.8.8

Enjoy the working network inside your lxc-container!

Bridge interface for lxc-containers

Relocating Firefox profile and cache to tmpfs

To reduce disk IO I’m mount Firefox profile to tmpfs.

.mozilla/firefox/dj8vbpx8.default


But some time ago Mozilla developer splitted cache and profile.

.cache/mozilla/firefox/dj8vbpx8.default


So here is modified script for running Firefox:

cat bin/firefox-sync
#!/bin/sh

static=main
link=dj8vbpx8.default
volatile=/dev/shm/firefox-$USER
cache=/dev/shm/firefox-cache-$USER

IFS=
set -efu

cd ~/.mozilla/firefox

if [ ! -r $volatile ]; then
mkdir -m0700 $volatile
fi

if [ "$(readlink $link)" != "$volatile" ]; then
mv $link $static
ln -s $volatile $link
fi

if [ -e $link/.unpacked ]; then
rsync -av --delete --exclude .unpacked ./$link/ ./$static/
else
rsync -av ./$static/ ./$link/
touch $link/.unpacked
fi

cd ~/.cache/mozilla/firefox

if [ ! -r $cache ]; then
mkdir -m0700 $cache
fi

if [ "$(readlink $link)" != "$cache" ]; then
mv $link $static
ln -s $cache $link
fi

if [ -e $link/.unpacked ]; then
rsync -av --delete --exclude .unpacked ./$link/ ./$static/
else
rsync -av ./$static/ ./$link/
touch $link/.unpacked
fi


Enjoy!

Relocating Firefox profile and cache to tmpfs

Debian, radeon and vdpau

Recently I encountered some warning message in terminal while playing video:

Failed to open VDPAU backend libvdpau_r600.so: cannot open shared object file: No such file or directory
[vdpau] Error when calling vdp_device_create_x11: 1


I’m use open source vide driver radeon with such videocard:

lspci | grep VGA
00:01.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Wrestler [Radeon HD 6310]


So to fix this I downloaded from Arch Linux repos this files:

ls tmp/vdpau/ | grep pkg
ati-dri-10.2.5-1-i686.pkg.tar.xz
llvm-libs-3.4.2-1-i686.pkg.tar.xz


And extracted all libraried to lib directory:

ls tmp/vdpau/lib/
libLLVM-3.4.2.so libvdpau_r600.so libvdpau_r600.so.1.0.0
libLLVM-3.4.so libvdpau_r600.so.1


Create script with something like this:

export VDPAU_DRIVER=r600
export LIBVA_DRIVER_NAME=vdpau
export LD_LIBRARY_PATH="/home/max/tmp/vdpau/lib"


After this you will achieve working vdpau:

Starting playback...
VIDEO: 1280x720 25.000 fps 1739.2 kbps (217.4 kB/s)
VO: [vdpau] 1280x720 => 1280x720 Planar YV12
[vdpau] Got display refresh rate 59.973 Hz.
[vdpau] If that value looks wrong give the -vo vdpau:fps=X suboption manually.


Enjoy!

vdpau

Debian, radeon and vdpau