scripts useful for running a server with several lxc containers
Clone or download
tpokorra only copy the certificate file if the container exists.
avoid copying to alias website name
Latest commit 59b1b7c Jan 6, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
Readme.md small fix in Readme Apr 1, 2016
backup.sh add support for https sites provided by nginx proxy Sep 3, 2014
initCentOS.sh make bionic the default release for Ubuntu Dec 9, 2018
initDebian.sh make bionic the default release for Ubuntu Dec 9, 2018
initFedora.sh make bionic the default release for Ubuntu Dec 9, 2018
initIPTables.sh save IPTables permanently when using firewalld Nov 11, 2017
initLXC.sh support LXC 2.0: Fedora, do not drop setfcap. change in fedora.common… Oct 1, 2016
initMount.sh another fix for the mounting problem with relative paths Sep 30, 2015
initUbuntu.sh make bionic the default release for Ubuntu Dec 9, 2018
initWebproxy.sh simplify initWebproxy with letsencrypt cert generation Jan 5, 2019
letsencrypt.sh only copy the certificate file if the container exists. Jan 6, 2019
lib.sh adjust for Ubuntu Bionic host and LXC 3 May 18, 2018
listcontainers.sh adjust for Ubuntu Bionic host and LXC 3 May 18, 2018
loadKey.sh load the private key May 5, 2015
lxc-fedora.patch fix building Fedora containers with squashfs f20 image Aug 1, 2015
lxc-fedora_dnf.patch init Fedora machine: use dnf instead of yum Jun 21, 2016
nginx.conf.tpl seems for port 80 we still need the HostIP May 13, 2017
nginx.sslconf.tpl fixes for letsencrypt, adding new domains etc Dec 3, 2018
reconf_container.sh move a container from Ubuntu host to Fedora host Jan 27, 2018
stopall.sh improve speed of stopping all containers Nov 11, 2017
tunnelport.sh tunnelport: only check in PREROUTING for existing tunnelled port Aug 23, 2018
upgradecontainers.sh upgradecontainers: don't use --force-yes for apt-get upgrade Jul 12, 2018

Readme.md

Purpose

These scripts are useful to manage your own server, with several Linux containers.

Installation

  • Either clone this code repository: cd ~; git clone https://github.com/tpokorra/lxc-scripts.git scripts
  • Or install a package from LBS: https://lbs.solidcharity.com/package/tpokorra/lbs/lxc-scripts
  • There is a lxc-scripts package for CentOS7, Fedora 22, and Ubuntu 14.04, with instructions how to install the package
  • To make things easier, I usually create a symbolic link: cd ~; ln -s /usr/share/lxc-scripts scripts

After installing the package, run these scripts for initializing the firewall and some fixes for the LXC templates:

/usr/share/lxc-scripts/initLXC.sh
/usr/share/lxc-scripts/initIPTables.sh

CheatSheet for my LXC scripts

  • Initialise the host IPTables so that they will be survive a reboot: ~/scripts/initIPTables.sh
  • Small fixes to the LXC system for CentOS7 and Fedora containers, and create ssh keys: ~/scripts/initLXC.sh
  • Create a container (with networking etc): ~/scripts/initFedora.sh $name $id
  • Call the script without parameters to see additional parameters, eg to specify the version of the OS etc: ~/scripts/initFedora.sh
  • There are scripts for creating Fedora, CentOS, Debian, and Ubuntu containers
  • Containers are created in /var/lib/lxc/$name, see the file config and the directory rootfs
  • Start a container: lxc-start --name $name
  • Start a container without console: lxc-start -d --name $name
  • Stop a container: lxc-stop -n $name
  • Destroy a container: lxc-destroy --name $name
  • List all containers, with running state and IP address: lxc-ls -f
  • alternatively, there is this script: ~/scripts/listcontainers.sh which works even on CentOS where python3 is not (yet) available
  • this also shows the OS of the container
  • ~/scripts/listcontainers.sh running: shows only running containers
  • ~/scripts/listcontainers.sh stopped: shows only stopped containers
  • Stop all containers: ~/scripts/stopall.sh

Snapshots:

  • are stored in /var/lib/lxcsnaps/
  • first stop the container: lxc-stop -n $name
  • then create the snapshot: lxc-snapshot -n $name
  • create with comment: echo "mycomment" > /tmp/comment && lxc-snapshot -n $name -c /tmp/comment && rm -f /tmp/comment
  • list all snapshots: lxc-snapshot -LC -n $name
  • restore a snapshot: lxc-snapshot -n $name -r snap@
  • create a new container from snapshot: lxc-snapshot -n $name -r snap@ new$name
  • delete a snapshot: lxc-snapshot -n $name -d snap@