Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[documentation] create one own images.linuxcontainers store #1581

Closed
erickeller opened this issue Feb 9, 2016 · 11 comments

Comments

4 participants
@erickeller
Copy link

commented Feb 9, 2016

I was wondering if there is more information about how the images.linuxcontainers.org:8443 server is setup.

I would like to create my own image store where users can grab the latest version of a specific image.
Could someone explain or point me to a spec file?

Cheers
Eric

@stgraber

This comment has been minimized.

Copy link
Member

commented Feb 9, 2016

images.linuxcontainers.org:8443 is a weirdly setup apache server which pretends to be a LXD server, I'm not sure I'd recommend you do something like that youself :)

What you can do however is just run a public facing LXD server, then copy a bunch of images to it by using:

lxc copy <your image> <remote name>: --alias <some name> --public

That --public flag means that the image will be accessible to "untrusted" users. Those users can add your image server with:

lxc remote <some name> <your server URL> --public

and then use it as you usually would:

lxc launch <some name>:<image identifier> <container name>
@stgraber

This comment has been minimized.

Copy link
Member

commented Feb 15, 2016

Did the above steps help you?

@stgraber stgraber added the Incomplete label Feb 15, 2016

@erickeller

This comment has been minimized.

Copy link
Author

commented Feb 22, 2016

Hi Stéphane, unfortunately I had no time to try this out, I will give some feed back as soon as I played around.

@erickeller

This comment has been minimized.

Copy link
Author

commented Feb 22, 2016

Re I did some experimentation using some 2 vagrant boxes:

  • lxcserver: ubuntu willy, exposing the port 8443 ( 192.168.1.134)
  • lxcclient: ubuntu willy ( 192.168.1.116)

unfortunately when trying to add the lxcserver as remote in my lxcclient box it fails:

vagrant@vagrant-ubuntu-wily-64:~$ sudo lxc remote add mylxd 192.168.1.134
Generating a client certificate. This may take a minute...
If this is your first run, you will need to import images using the 'lxd-images' script.
For example: 'lxd-images import ubuntu --alias ubuntu'.
error: Get https://192.168.1.134:8443/1.0: Unable to connect to: 192.168.1.134:8443

Does the lxd service run on port 8443 per default or should I install a nginx to host the /var/lib/lxd/images?

thanks for your help

@stgraber

This comment has been minimized.

Copy link
Member

commented Feb 23, 2016

By default LXD won't listen to the network, you'd have to run:

lxc config set core.https_address "[::]:8443"

To have it bind all IP addresses on port 8443

@erickeller

This comment has been minimized.

Copy link
Author

commented Feb 23, 2016

Well I was able to setup a local LXD server when configuring lxc as specified in you last comment.

in your first comment there is an "image" keyword missing:
lxc copy <your image> <remote name>: --alias <some name> --public
should be
lxc image copy <your image> <remote name>: --alias <some name> --public

if one have to copy an image from one host to another the lxc config set core.https_address "[::]:8443" has to be done on both side otherwise the following error showed up:
error: The source remote isn't available over the network

I also had to set to an empty password on the server side:
lxc config set core.trust_password ""

and finally by adding a LXD remote server automatically I had to use --accept-certificate:
lxc remote <some name> <your server URL> --public --accept-certificate

Note about the trust_password option: some feature would be nice to have a download channel (without password) and an upload channel (with password or key) as a minimal access control to the central LXD server.

thanks for your help again, you can close this issue!

@stgraber stgraber closed this Feb 29, 2016

@JedMeister

This comment has been minimized.

Copy link

commented Oct 19, 2016

Hi,

Apologies on necroposting...

I work with TurnKey Linux and we have had a request (via our forums) to provide our (LXC) images via something like this (that's where I got the link to this thread).

However, we don't use LXC/LXD internally (I use LXC personally, but we don't have any infrastructure that is running it). As such we don't want to run a new server (with LXD), instead it would suit us much better to use a

weirdly setup apache server which pretends to be a LXD server

as provided by images.linuxcontainers.org:8443 (noted above by @stgraber).

So is it possible to share that "weird" Apache setup? Even better if it can be adapted to Nginx!?

If we had something like that then we could just add the config to our existing webserver and provide the LXC images directly from our existing file mirror. Is that doable? Any hints on how we might achieve that?

@stgraber

This comment has been minimized.

Copy link
Member

commented Oct 19, 2016

@JedMeister so it's likely that providing a simplestreams server may be easier since it's also entirely static and just needs a bunch of json files to be placed at the right location.

Note however that whichever way you go, LXD only supports https, so you will need an https enabled web server (though with letsencrypt, it's pretty easy to get nowadays).

You can look at the simplestreams bits of our image server here:

If you publish those two files at /streams/v1/ on your image server and publish information about your image in the same format we are, you'll then be able to add this as an image server to LXD with:

lxc remote add turnkey https://your-server.com --protocol=simplestreams

And then interact with it through the usual LXD commands.

@JedMeister

This comment has been minimized.

Copy link

commented Oct 19, 2016

Thanks tons @stgraber - You rock! 😄

@GavrielNsof

This comment has been minimized.

Copy link

commented Aug 21, 2018

Hey @stgraber, is there a way to publish on a simplestreams server a unified tar ball?
(and not a split tarball)

How image.json should look in that way? (or any other json)?

@stgraber

This comment has been minimized.

Copy link
Member

commented Aug 21, 2018

Not at this time no, it probably wouldn't be too difficult to implement though, we'd need a new ftype value to indicate that it's a unified tarball and then add support in LXD's simplestreams handler for that.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.