Create Ubuntu minimal image container
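# Register the Ubuntu "minimal" cloud-image stream as a simplestreams remote.
# The URL is HTTPS, so the image index and images are fetched over TLS.
lxc remote add --protocol simplestreams ubuntu-minimal https://cloud-images.ubuntu.com/minimal/releases/

# Launch one container from the "lts" alias and one pinned to jammy.
lxc launch ubuntu-minimal:lts ults
lxc launch ubuntu-minimal:jammy u2204m

# Optional: install a few diagnostic tools. The original line targeted
# "u2004m", which is never created above; it now names the jammy container.
# lxc exec u2204m -- apt install -y dnsutils vim inetutils-ping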
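#!/bin/bash
# Launch an Ubuntu LXD container, install the caller's SSH public key for
# root, copy the host's proxy settings into it and upgrade its packages.
#
# Arguments:
#   $1  container name (required)
#   $2  image alias under the "ubuntu:" remote (optional, defaults to "lts")
#
# Security notes:
#   * The key pushed to /root/.ssh/authorized_keys gives direct root SSH
#     access to whoever holds the matching private key.
#   * Proxy URLs can embed credentials. They are appended to
#     /etc/environment inside the container, so tee's copy on stdout is
#     discarded to keep them out of terminal scrollback and job logs.

# Stop at the first failing step instead of configuring a container that
# did not launch; treat unset variables as errors.
set -euo pipefail

if [ $# -lt 1 ]; then
    echo "Usage $0 <CONTAINER_NAME>" >&2
    exit 1
fi
CONTAINER=$1
OS_VERSION=${2-lts}

# create container
lxc launch "ubuntu:${OS_VERSION}" "${CONTAINER}"
# Fixed delay, not a readiness check: the steps below assume the container
# has finished booting within ten seconds.
sleep 10

# deploy SSH key (root-owned, mode 600)
lxc file push --uid 0 --gid 0 --mode 600 ~/.ssh/id_rsa.pub "${CONTAINER}/root/.ssh/authorized_keys"

# configure http(s) proxy inside of container (if set on host)
# `lxc exec` is used here, as in the steps below, rather than the
# `lxc shell` alias, which is meant for interactive login shells.
if [ -n "${http_proxy:-}" ]; then
    echo "export http_proxy=${http_proxy}" | lxc exec "${CONTAINER}" -- tee -a /etc/environment >/dev/null
fi
if [ -n "${https_proxy:-}" ]; then
    echo "export https_proxy=${https_proxy}" | lxc exec "${CONTAINER}" -- tee -a /etc/environment >/dev/null
fi

# update APT repository
lxc exec "${CONTAINER}" -- bash -c ". /etc/environment && apt update -qq && apt -qqq -y dist-upgrade"

# Optional: install applications
#lxc exec "${CONTAINER}" -- bash -c ". /etc/environment && apt install -y haproxy"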
Create default container
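# launch from image
lxc launch images:grafana-usage-dev grafana-usage-dev -p storage-zfs -p nic-mgmt-dev -p nic-mgmt-stage -c boot.autostart=true

# Launch a stock Ubuntu 20.04 container with the ZFS disk profile and the
# dev management NIC profile.
CONTAINER_NAME=www1-dev
lxc launch ubuntu:20.04 "${CONTAINER_NAME}" -c boot.autostart=true -p disk-zfs -p nic-dev-mgmt
# Kept disabled: a privileged container runs without a user-namespace ID
# map, so root inside the container is root on the host.
#   -c security.privileged=true

# Optional static network configuration (kept disabled, as in the original):
# lxc exec ${CONTAINER_NAME} -- rm /etc/netplan/50-cloud-init.yaml
# lxc exec ${CONTAINER_NAME} -- bash -c "cat <<EOF> /etc/netplan/dev-mgmt.yaml
# network:
#   version: 2
#   ethernets:
#     dev-mgmt:
#       dhcp4: no
#       addresses: [10.33.0.131/24]
#       gateway4: 10.33.0.1
#       routes:
#         - to: 10.33.0.0/16
#           via: 10.33.0.1
#       nameservers:
#         addresses: [10.0.0.111, 10.0.2.222]
#         search: [dev.example.com]
# EOF
# "

# This copies the host root account's authorized_keys: every key accepted
# for root on the host is then accepted for root in the container.
# Ownership and mode are set explicitly so the file is usable by sshd.
lxc file push --uid 0 --gid 0 --mode 600 /root/.ssh/authorized_keys "${CONTAINER_NAME}/root/.ssh/authorized_keys"

lxc exec "${CONTAINER_NAME}" -- apt update
lxc exec "${CONTAINER_NAME}" -- apt dist-upgrade -y

# Purging unattended-upgrades removes automatic security updates, so
# patching of this container has to be handled some other way.
lxc exec "${CONTAINER_NAME}" -- apt purge -y lxd lxd-client unattended-upgrades packagekit linux-image-unsigned-5.6.0-1026-oem

# The chain is wrapped in `bash -c` so that `umount` and `apt purge` run
# inside the container. Written bare, the host shell splits the line at
# `&&` and runs both of them on the host.
lxc exec "${CONTAINER_NAME}" -- bash -c "systemctl disable snapd.service && umount /snap && apt purge -y snapd"

lxc exec "${CONTAINER_NAME}" -- apt autoremove -y
lxc exec "${CONTAINER_NAME}" -- apt clean
lxc exec "${CONTAINER_NAME}" -- locale-gen en_US.UTF-8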
Create container with Ansible
---
# Play: create one LXD container on lxd.example.com from the Ubuntu minimal
# image stream, with cloud-init user-data and a static network configuration
# passed through the instance config.
- name: Create container
  hosts: lxd.example.com
  tasks:
    - name: Create LXD container
      lxd_container:
        name: www1-dev
        # Image is pulled over HTTPS via the simplestreams protocol.
        source:
          type: image
          mode: pull
          server: https://cloud-images.ubuntu.com/minimal/releases
          # server: https://images.linuxcontainers.org
          alias: 'lts'
          # alias: ubuntu/focal/cloud
          protocol: simplestreams
        # LXD config values are strings, hence the quoting.
        config:
          limits.cpu: '2'
          boot.autostart: 'true'
          # NOTE(review): this sets the MAC of a device called eth0, while the
          # network config below names the interface dev-mgmt; confirm
          # against the nic-dev-mgmt profile.
          volatile.eth0.hwaddr: '00:16:3e:aa:bb:cc'
          # cloud-init user-data. Security-relevant points:
          #   * `disable_root: false` together with `ssh_authorized_keys`
          #     leaves direct root SSH login enabled for the listed key.
          #   * The file lookup is evaluated on the Ansible control node, so
          #     the installed key is ~/.ssh/id_rsa.pub of the user running
          #     the playbook.
          #   * The mirror entries use plain http, so package integrity
          #     depends on APT's signature verification of the repository
          #     metadata.
          user.user-data: |
            #cloud-config
            locale: en_US.UTF-8
            timezone: Europe/Berlin
            apt:
              sources_list: |
                deb [arch=amd64] http://mirror.example.com/current/ubuntu $RELEASE main restricted universe multiverse
                deb [arch=amd64] http://mirror.example.com/current/ubuntu $RELEASE-updates main restricted universe multiverse
                deb [arch=amd64] http://mirror.example.com/current/ubuntu $RELEASE-security main restricted universe multiverse
                deb [arch=amd64] http://mirror.example.com/current/ubuntu $RELEASE-backports main restricted universe multiverse
            apt_upgrade: true
            package_upgrade: true
            packages:
              - openssh-server
            disable_root: false
            ssh_authorized_keys:
              - "{{ lookup('file', '~/.ssh/id_rsa.pub') }}"
          # cloud-init network config (version 1): one static subnet on the
          # dev-mgmt interface with an extra route and DNS settings.
          user.network-config: |
            version: 1
            config:
              - type: physical
                name: dev-mgmt
                subnets:
                  - type: static
                    address: 10.3.161.44/20
                    gateway: 10.3.160.1
                    routes:
                      - gateway: 10.4.16.1
                        network: 10.4.0.0/16
                    dns_nameservers:
                      - 10.88.2.74
                      - 10.88.2.174
                    dns_search:
                      - dev.example.com
        profiles:
          - disk-zfs
          - nic-dev-mgmt