Sanya LXC (Containers Linux) a cikin RHEL, Rocky & AlmaLinux


An kwatanta LXD a matsayin kwantena na gaba mai zuwa da manajan injin kama-da-wane wanda ke ba da immersive don tsarin Linux masu gudana a cikin kwantena ko azaman injina.

Yana ba da hotuna don adadi marar iyaka na rarrabawar Linux tare da goyan baya ga zaɓi mai yawa na ɗakunan ajiya da nau'ikan cibiyar sadarwa. Hakanan yana ba da zaɓi na shigar da hotuna akan PC/kwamfyutar mutum ɗaya har ma akan misalin gajimare.

LXD yana ba ku damar sarrafa kwantena da VM ta amfani da hanyoyi uku. Kuna iya yin amfani da abokin ciniki na lxc ko kayan aikin layin umarni, API REST, ko ma haɗin kai na ɓangare na uku.

Fitattun abubuwan LXD sun haɗa da:

  • LXD tushen hoto ne tare da hotuna don zaɓi mai faɗi na rarraba Linux.
  • An gina shi da tsaro a matsayin babban fifiko.
  • Yana bayar da REST API da kayan aikin layin umarni lxc don yin hulɗa tare da kwantena.
  • Yana ba da tallafi don ɗimbin kewayon ma'ajiyar baya, kundin ajiya, da wuraren ajiya.
  • Gudanar da hanyar sadarwa ta hanyar samar da hanyoyin sadarwa na gada da ramuka masu shiga tsakani.
  • Babban sarrafa albarkatu kamar CPU, RAM, amfani da faifai, toshe I/O, da albarkatun kernel.
  • mai sassauƙa da daidaitawa - Kuna iya tura kwantena akan PC ɗin ku kuma saita tari wanda zai iya tara dubban kwantena akan nodes daban-daban.

Kada ku ruɗe da kayan aikin abokin ciniki na lxc umarni-layi wanda LXD ke bayarwa, LXC (Container Linux) sanannen fasaha ce ta matakin OS wanda ke amfani da API mai ƙarfi da sauran kayan aikin don baiwa masu amfani damar ƙirƙira da sarrafa kwantena da injunan kama-da-wane a ciki. mai masaukin baki daya. Ya ƙunshi samfuri, yaren kayan aiki, da ɗaurin ɗakin karatu.

LXC yana ba da fa'idodin kernel masu zuwa don sarrafa matakai:

  • Sanarwar sunaye: pid, mount, uts network, da mai amfani.
  • Groups (ƙungiyoyin sarrafawa).
  • Croots - Amfani da pivot_root.
  • Manufofin biyu.
  • SELinux da bayanan bayanan Apparmor.

Linuxcontainers.org shine aikin laima a bayan duka LXD da LXC. Manufarta ita ce bayar da distro da dandamali na tsaka-tsakin mai siyarwa don fasahar kwantena na Linux.

Tare da wannan gabatarwar daga hanya, yanzu za mu nuna yadda ake ƙirƙira da sarrafa kwantena LXC akan rarrabawar Linux na tushen RHEL kamar CentOS, Rocky Linux, da AlmaLinux.

Tsarin aiki na Linux mai aiki tare da ƙaramin shigarwa:

  • Shigar da RHEL Linux
  • Shigar da CentOS Linux
  • Shigar da Rocky Linux
  • Shigar da AlmaLinux

Mataki 1: Saita SELinux zuwa Yanayin Izinin

Nan da nan daga bat, za mu fara ta hanyar daidaita SELinux da saita shi zuwa izini. Amma kafin mu yi haka, bari mu sabunta fakitin tsarin kamar haka:

$ sudo dnf update

Don saita SELinux zuwa izini, aiwatar da umarnin:

$ sudo sed -i 's/^SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config

Domin wannan ya fara aiki, sake kunna sabar ku.

$ sudo reboot

Kuma tabbatar da matsayin SELinux.

$ getenforce

Mataki 2: Sanya Ma'ajiyar EPEL

EPEL ma'auni ne daga Fedora Project wanda ke ba da saitin fakiti masu inganci don RedHat Enterprise Linux da sauran rarrabawar tushen RHEL.

$ sudo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
OR
$ sudo yum install epel-release

Mataki 3: Ƙara Ma'auni na Kernel

Kafin mu shigar da LXD, ana buƙatar wasu ƙarin sigogi. Don haka canza zuwa tushen mai amfani:

$ su -

Kuma ƙara sigogi kamar haka.

$ grubby --args="user_namespace.enable=1" --update-kernel="$(grubby --default-kernel)"
$ grubby --args="namespace.unpriv_enable=1" --update-kernel="$(grubby --default-kernel)"
$ echo "user.max_user_namespaces=3883" | sudo tee -a /etc/sysctl.d/99-userns.conf

Da zarar sigogi sun kasance a wurin, sannan ci gaba kuma kunna Snap.

Mataki 4: Shigar kuma Kunna Snap

Hanya mafi sauƙi don shigar da LXD akan RHEL 8 shine shigar da shi azaman fakitin karye. Amma da farko, bari mu shigar da snap kamar haka.

$ sudo dnf install snapd

Wannan zai shigar da snapd daemon ko sabis tare da sauran abubuwan dogaro da Python kamar yadda aka nuna.

Tare da shigar da karyewa, ci gaba kuma kunna babban soket ɗin sadarwar karye.

$ sudo systemctl enable --now snapd.socket

Bugu da kari, ba da damar tallafi na yau da kullun ta hanyar ƙirƙirar alamar haɗin gwiwa daga /var/lib/snapd/snap zuwa /snap.

$ sudo ln -s /var/lib/snapd/snap  /snap

Don sabunta hanyoyin karye, sake kunna tsarin ku.

$ sudo reboot

Mataki 5: Shigar LXD Containerization Manager

Akwai hanyoyi guda biyu na shigar da LXD daga karye. Kuna iya shigar da sabuwar sigar LXD kamar yadda aka nuna.

$ sudo snap install —-classic lxd

A madadin, zaku iya shigar da sabuwar sigar LTS mai tsayi kamar haka:

$ sudo snap install lxd --channel=4.0/stable

Don samun damar aiwatar da umarnin lxc ba tare da canzawa zuwa mai amfani da sudo ba, ƙara mai amfani a halin yanzu zuwa rukunin lxd.

$ sudo usermod -aG lxd $USER

Tabbatar cewa an ƙara mai amfani zuwa ƙungiyar lxd ta jera duk ƙungiyoyin da mai amfani yake da su.

$ groups tecmint

Na gaba, gudanar da umurnin newgrp kamar haka.

$ newgrp lxd

Umurnin yana canza ID na rukuni na yanzu yayin zaman shiga. Yana saita ID na rukunin yanzu zuwa rukunin mai suna wanda shine lxd.

Mataki 6: Fara Muhalli na LXD

Kafin mu fara ƙirƙira da sarrafa kwantena na LXD, muna buƙatar fara yanayin LXD ta hanyar aiwatar da umarni.

$ lxc init

Abin da ke biyo baya shine jerin faɗakarwa waɗanda zasu ba ku damar saita yanayin ku. Matsalolin za su yi aiki da kyau, amma jin daɗin ƙayyadaddun abubuwan da kuka zaɓa.

Mun ƙirƙiri wurin ajiya mai suna tec-pool tare da zaɓi na lvm azaman baya.

Don tabbatar da yanayin LXD da kuka tsara yanzu, akwai umarni da yawa da zaku iya amfani da su. Misali, don nuna tsoffin bayanan martaba na LXD aiwatarwa:

$ lxc profile show default

Don nuna adaftar cibiyar sadarwa da adiresoshin IPv4 da IPv6, gudanar:

$ lxc network list

Kuna iya ƙara taƙaita shi kuma ku nuna mafi kyawun bayani game da mu'amalar lxdbr0 kamar haka.

$ lxc network show lxdbr0

Hakanan zaka iya tabbatar da wurin ajiya.

$ lxc storage list

Kuna iya ƙara samun cikakkun bayanai game da wurin ajiya.

$ lxc storage show tec-pool

Don lissafin kwantena lxc masu gudana, gudanar da umarni:

$ lxc list

A halin yanzu, ba mu da kwantena masu aiki tukuna. Don haka zaku sami tebur mara komai tare da alamun shafi kawai.

Mataki 7: Lissafa Hotunan Kwantena LXC da Aka Gina

Kamar Docker, dandalin LXC yana ba da ma'ajiyar hotuna da aka riga aka gina waɗanda za ku iya ƙirƙirar kwantena daga. Don jera duk hotunan da aka riga aka gina don duk tsarin aiki gami da injina, gudanar da umarni:

$ lxc image list images: 

Wannan yana cika ɗimbin jerin hotuna na kwantena da injunan kama-da-wane don duk tsarin aiki. Don taƙaitawa zuwa takamaiman rarraba Linux, yi amfani da haɗin gwiwar:

$ lxc image list images: grep -i os-type

Misali, don bincika samammun hotuna don Rocky Linux, gudanar da umarni:

$ lxc image list images: grep -i rocky

Idan kuna neman hotunan Debian, gudanar da umarni:

$ lxc image list images: grep -i debian

Mataki 8: Ƙaddamar da kwantena LXC

Don ƙaddamar da kwantena na lxc, yi amfani da syntax:

$ lxc launch images:{distro}/{version}/{arch} {container-name-here}

Anan, zamu ƙaddamar da kwantena 2: tec-container1 daga Debian 10 da tec-container2 daga Rocky Linux 8.

$ lxc launch images:debian/10/amd64 tec-container1
$ lxc launch images:rockylinux/8/amd64 tec-container2 

Don jera kwantena lxc, aiwatar da umarni:

$ lxc list

Fitowar tana nuna tarin bayanai game da kwantena. Wannan ya haɗa da sunan kwantena, jihar - ko yana gudana ko ya tsaya - adiresoshin IPv4 da IPv6, nau'in (ko akwati ko injin kama-da-wane), da adadin hotuna.

Don lissafin kwantena masu gudana kawai, gudanar da umarni:

$ lxc list | grep -i running

Hakanan, don kwantena da aka dakatar, aiwatar da:

$ lxc list | grep -i stopped

Kuna iya bincika bayanan kwantena da ma'auni kamar tafiyar matakai, CPU & amfani da ƙwaƙwalwar ajiya, da bandwidth don ambaci kaɗan ta amfani da umarnin:

$ lxc info tec-container1 

Mataki na 9: Samun damar Shell zuwa kwantena LXC

Kuna iya samun damar bash zuwa akwati ta amfani da syntax:

$ lxc exec container-name  name-of-the-shell

Don samun damar harsashi zuwa tec-container1, za mu gudanar da umarni:

$ lxc exec tec-container1 bash

Da zarar kun sami damar harsashi, zaku iya fara hulɗa tare da akwati azaman tushen mai amfani ta hanyar aiwatar da umarnin harsashi gama gari gami da sabunta tsarin kamar yadda aka nuna:

$ apt update

Don fita daga akwati, gudanar da umarni:

$ exit

A madadin, zaku iya aiwatar da umarni kai tsaye akan akwati ba tare da samun damar harsashi ta amfani da tsari mai zuwa ba:

$ lxc exec container-name command

Misali, zaku iya aiwatar da umarni masu zuwa waɗanda zasu sabunta jerin fakitin, duba sigar OS da ke gudana akan kwandon Debian kuma duba kwanan wata.

$ lxc exec tec-container1 apt update
$ lxc exec tec-container1 cat /etc/debian_version
$ lxc exec tec-container1 date

Mataki 10: Ja/Tura Fayil zuwa Akwatin LXC

Wani aiki da zaku iya aiwatarwa shine don canja wurin fayiloli zuwa ko daga akwati. Don nuna wannan, za mu ƙirƙiri sabon kundin adireshi a cikin kwandon LXD kuma mu shiga ciki.

# mkdir data && cd data

Na gaba, za mu ƙirƙiri fayil ɗin samfurin kuma mu ƙara wasu bayanai. Don yin haka za mu ƙirƙiri fayil ɗin samfurin tare da editan vim

# vim file1.txt

Na gaba, za mu buga wasu rubutun samfurin kuma mu adana fayil ɗin.

Hello World, Welcome to LXD containers.

Don cire fayil ɗin daga akwati zuwa tsarin masaukin gida, za mu yi amfani da ma'anar:

$ lxc file pull {container-name}/{path/to/file} {/path/to/local/dest}

A wannan yanayin, umarnin zai kasance:

$ lxc file pull tec-container2/root/data/file1.txt /home/tecmint

Don tura ko kwafe fayil daga kundin adireshin gida zuwa akwati yi amfani da ma'anar:

$ lxc file push {/path/to/file} {container-nane} /path/to/dest/dir/

A wannan yanayin, muna da fayil ɗin samfuri a cikin kundin adireshin gida mai suna file2.txt ana kwafi zuwa/tushen/data/ hanya a cikin akwati tec-container2.

$ lxc file push /home/tecmint/file2.txt tec-container2/root/data/

Don tabbatar da wanzuwar fayil ɗin a cikin akwati, za mu gudu:

$ lxc exec tec-container2 ls /root/data

Mataki 11: Tsaya/Fara/Sake kunnawa kuma Share Kwantenan LXC

Tare da mai amfani da layin umarni lxc zaku iya yin ayyukan sarrafa kwantena kamar tsayawa, farawa, sake farawa da share kwantena.

Don tsayar da kwandon lxc, yi amfani da ma'anar:

$ lxc stop container-name

Misali, don dakatar da tec-container1, za mu gudanar da umarni:

$ lxc stop tec-container1

Don fara kwandon lxc, yi amfani da ma'anar:

$ lxc start container-name

Misali, don fara tec-container1, za mu aiwatar:

$ lxc start tec-container1

Don sake farawa duka kwantena lxc, za mu gudanar da umarni:

$ lxc restart tec-container1
$ lxc restart tec-container2

Don share akwati na lxc, dole ne, da farko, dakatar da kwandon sannan a goge shi. Misali, don sharewa, za mu gudanar da umarni:

$ lxc stop tec-container1
$ lxc delete tec-container1

A madadin, zaku iya haɗa waɗannan umarni guda biyu kamar yadda aka nuna.

$ lxc stop tec-container1 && lxc delete tec-container1

Mataki 12: Nemo Taimako akan Zaɓuɓɓukan Layi na LXC

Don samun taimako akan wasu zaɓuɓɓukan umarni da LXC ke bayarwa, kawai gudanar da umarni:

$ lxc --help
OR
$ lxc command --help e.g
$ lxc file --help

Wannan nutsewa ne mai zurfi cikin kwantena na LXD da kuma yadda zaku iya ƙirƙira da sarrafa su ta amfani da kayan aikin lxc-layi mai amfani. Mun yi imanin cewa kun sami wannan jagorar mai taimako.