Sanya LXC (Containers Linux) a cikin RHEL, Rocky & AlmaLinux
An kwatanta LXD a matsayin kwantena na gaba mai zuwa da manajan injin kama-da-wane wanda ke ba da immersive don tsarin Linux masu gudana a cikin kwantena ko azaman injina.
Yana ba da hotuna don adadi marar iyaka na rarrabawar Linux tare da goyan baya ga zaɓi mai yawa na ɗakunan ajiya da nau'ikan cibiyar sadarwa. Hakanan yana ba da zaɓi na shigar da hotuna akan PC/kwamfyutar mutum ɗaya har ma akan misalin gajimare.
LXD yana ba ku damar sarrafa kwantena da VM ta amfani da hanyoyi uku. Kuna iya yin amfani da abokin ciniki na lxc ko kayan aikin layin umarni, API REST, ko ma haɗin kai na ɓangare na uku.
Fitattun abubuwan LXD sun haɗa da:
- LXD tushen hoto ne tare da hotuna don zaɓi mai faɗi na rarraba Linux.
- An gina shi da tsaro a matsayin babban fifiko.
- Yana bayar da REST API da kayan aikin layin umarni lxc don yin hulɗa tare da kwantena.
- Yana ba da tallafi don ɗimbin kewayon ma'ajiyar baya, kundin ajiya, da wuraren ajiya.
- Gudanar da hanyar sadarwa ta hanyar samar da hanyoyin sadarwa na gada da ramuka masu shiga tsakani.
- Babban sarrafa albarkatu kamar CPU, RAM, amfani da faifai, toshe I/O, da albarkatun kernel.
- mai sassauƙa da daidaitawa - Kuna iya tura kwantena akan PC ɗin ku kuma saita tari wanda zai iya tara dubban kwantena akan nodes daban-daban.
Kada ku ruɗe da kayan aikin abokin ciniki na lxc umarni-layi wanda LXD ke bayarwa, LXC (Container Linux) sanannen fasaha ce ta matakin OS wanda ke amfani da API mai ƙarfi da sauran kayan aikin don baiwa masu amfani damar ƙirƙira da sarrafa kwantena da injunan kama-da-wane a ciki. mai masaukin baki daya. Ya ƙunshi samfuri, yaren kayan aiki, da ɗaurin ɗakin karatu.
LXC yana ba da fa'idodin kernel masu zuwa don sarrafa matakai:
- Sanarwar sunaye: pid, mount, uts network, da mai amfani.
- Groups (ƙungiyoyin sarrafawa).
- Croots - Amfani da pivot_root.
- Manufofin biyu.
- SELinux da bayanan bayanan Apparmor.
Linuxcontainers.org shine aikin laima a bayan duka LXD da LXC. Manufarta ita ce bayar da distro da dandamali na tsaka-tsakin mai siyarwa don fasahar kwantena na Linux.
Tare da wannan gabatarwar daga hanya, yanzu za mu nuna yadda ake ƙirƙira da sarrafa kwantena LXC akan rarrabawar Linux na tushen RHEL kamar CentOS, Rocky Linux, da AlmaLinux.
Tsarin aiki na Linux mai aiki tare da ƙaramin shigarwa:
- Shigar da RHEL Linux
- Shigar da CentOS Linux
- Shigar da Rocky Linux
- Shigar da AlmaLinux
Mataki 1: Saita SELinux zuwa Yanayin Izinin
Nan da nan daga bat, za mu fara ta hanyar daidaita SELinux da saita shi zuwa izini. Amma kafin mu yi haka, bari mu sabunta fakitin tsarin kamar haka:
$ sudo dnf update
Don saita SELinux zuwa izini, aiwatar da umarnin:
$ sudo sed -i 's/^SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config
Domin wannan ya fara aiki, sake kunna sabar ku.
$ sudo reboot
Kuma tabbatar da matsayin SELinux.
$ getenforce
Mataki 2: Sanya Ma'ajiyar EPEL
EPEL ma'auni ne daga Fedora Project wanda ke ba da saitin fakiti masu inganci don RedHat Enterprise Linux da sauran rarrabawar tushen RHEL.
$ sudo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm OR $ sudo yum install epel-release
Mataki 3: Ƙara Ma'auni na Kernel
Kafin mu shigar da LXD, ana buƙatar wasu ƙarin sigogi. Don haka canza zuwa tushen mai amfani:
$ su -
Kuma ƙara sigogi kamar haka.
$ grubby --args="user_namespace.enable=1" --update-kernel="$(grubby --default-kernel)" $ grubby --args="namespace.unpriv_enable=1" --update-kernel="$(grubby --default-kernel)" $ echo "user.max_user_namespaces=3883" | sudo tee -a /etc/sysctl.d/99-userns.conf
Da zarar sigogi sun kasance a wurin, sannan ci gaba kuma kunna Snap.
Mataki 4: Shigar kuma Kunna Snap
Hanya mafi sauƙi don shigar da LXD akan RHEL 8 shine shigar da shi azaman fakitin karye. Amma da farko, bari mu shigar da snap kamar haka.
$ sudo dnf install snapd
Wannan zai shigar da snapd daemon ko sabis tare da sauran abubuwan dogaro da Python kamar yadda aka nuna.
Tare da shigar da karyewa, ci gaba kuma kunna babban soket ɗin sadarwar karye.
$ sudo systemctl enable --now snapd.socket
Bugu da kari, ba da damar tallafi na yau da kullun ta hanyar ƙirƙirar alamar haɗin gwiwa daga /var/lib/snapd/snap zuwa /snap.
$ sudo ln -s /var/lib/snapd/snap /snap
Don sabunta hanyoyin karye, sake kunna tsarin ku.
$ sudo reboot
Mataki 5: Shigar LXD Containerization Manager
Akwai hanyoyi guda biyu na shigar da LXD daga karye. Kuna iya shigar da sabuwar sigar LXD kamar yadda aka nuna.
$ sudo snap install —-classic lxd
A madadin, zaku iya shigar da sabuwar sigar LTS mai tsayi kamar haka:
$ sudo snap install lxd --channel=4.0/stable
Don samun damar aiwatar da umarnin lxc ba tare da canzawa zuwa mai amfani da sudo ba, ƙara mai amfani a halin yanzu zuwa rukunin lxd.
$ sudo usermod -aG lxd $USER
Tabbatar cewa an ƙara mai amfani zuwa ƙungiyar lxd ta jera duk ƙungiyoyin da mai amfani yake da su.
$ groups tecmint
Na gaba, gudanar da umurnin newgrp kamar haka.
$ newgrp lxd
Umurnin yana canza ID na rukuni na yanzu yayin zaman shiga. Yana saita ID na rukunin yanzu zuwa rukunin mai suna wanda shine lxd.
Mataki 6: Fara Muhalli na LXD
Kafin mu fara ƙirƙira da sarrafa kwantena na LXD, muna buƙatar fara yanayin LXD ta hanyar aiwatar da umarni.
$ lxc init
Abin da ke biyo baya shine jerin faɗakarwa waɗanda zasu ba ku damar saita yanayin ku. Matsalolin za su yi aiki da kyau, amma jin daɗin ƙayyadaddun abubuwan da kuka zaɓa.
Mun ƙirƙiri wurin ajiya mai suna tec-pool tare da zaɓi na lvm azaman baya.
Don tabbatar da yanayin LXD da kuka tsara yanzu, akwai umarni da yawa da zaku iya amfani da su. Misali, don nuna tsoffin bayanan martaba na LXD aiwatarwa:
$ lxc profile show default
Don nuna adaftar cibiyar sadarwa da adiresoshin IPv4 da IPv6, gudanar:
$ lxc network list
Kuna iya ƙara taƙaita shi kuma ku nuna mafi kyawun bayani game da mu'amalar lxdbr0 kamar haka.
$ lxc network show lxdbr0
Hakanan zaka iya tabbatar da wurin ajiya.
$ lxc storage list
Kuna iya ƙara samun cikakkun bayanai game da wurin ajiya.
$ lxc storage show tec-pool
Don lissafin kwantena lxc masu gudana, gudanar da umarni:
$ lxc list
A halin yanzu, ba mu da kwantena masu aiki tukuna. Don haka zaku sami tebur mara komai tare da alamun shafi kawai.
Mataki 7: Lissafa Hotunan Kwantena LXC da Aka Gina
Kamar Docker, dandalin LXC yana ba da ma'ajiyar hotuna da aka riga aka gina waɗanda za ku iya ƙirƙirar kwantena daga. Don jera duk hotunan da aka riga aka gina don duk tsarin aiki gami da injina, gudanar da umarni:
$ lxc image list images:
Wannan yana cika ɗimbin jerin hotuna na kwantena da injunan kama-da-wane don duk tsarin aiki. Don taƙaitawa zuwa takamaiman rarraba Linux, yi amfani da haɗin gwiwar:
$ lxc image list images: grep -i os-type
Misali, don bincika samammun hotuna don Rocky Linux, gudanar da umarni:
$ lxc image list images: grep -i rocky
Idan kuna neman hotunan Debian, gudanar da umarni:
$ lxc image list images: grep -i debian
Mataki 8: Ƙaddamar da kwantena LXC
Don ƙaddamar da kwantena na lxc, yi amfani da syntax:
$ lxc launch images:{distro}/{version}/{arch} {container-name-here}
Anan, zamu ƙaddamar da kwantena 2: tec-container1 daga Debian 10 da tec-container2 daga Rocky Linux 8.
$ lxc launch images:debian/10/amd64 tec-container1 $ lxc launch images:rockylinux/8/amd64 tec-container2
Don jera kwantena lxc, aiwatar da umarni:
$ lxc list
Fitowar tana nuna tarin bayanai game da kwantena. Wannan ya haɗa da sunan kwantena, jihar - ko yana gudana ko ya tsaya - adiresoshin IPv4 da IPv6, nau'in (ko akwati ko injin kama-da-wane), da adadin hotuna.
Don lissafin kwantena masu gudana kawai, gudanar da umarni:
$ lxc list | grep -i running
Hakanan, don kwantena da aka dakatar, aiwatar da:
$ lxc list | grep -i stopped
Kuna iya bincika bayanan kwantena da ma'auni kamar tafiyar matakai, CPU & amfani da ƙwaƙwalwar ajiya, da bandwidth don ambaci kaɗan ta amfani da umarnin:
$ lxc info tec-container1
Mataki na 9: Samun damar Shell zuwa kwantena LXC
Kuna iya samun damar bash zuwa akwati ta amfani da syntax:
$ lxc exec container-name name-of-the-shell
Don samun damar harsashi zuwa tec-container1, za mu gudanar da umarni:
$ lxc exec tec-container1 bash
Da zarar kun sami damar harsashi, zaku iya fara hulɗa tare da akwati azaman tushen mai amfani ta hanyar aiwatar da umarnin harsashi gama gari gami da sabunta tsarin kamar yadda aka nuna:
$ apt update
Don fita daga akwati, gudanar da umarni:
$ exit
A madadin, zaku iya aiwatar da umarni kai tsaye akan akwati ba tare da samun damar harsashi ta amfani da tsari mai zuwa ba:
$ lxc exec container-name command
Misali, zaku iya aiwatar da umarni masu zuwa waɗanda zasu sabunta jerin fakitin, duba sigar OS da ke gudana akan kwandon Debian kuma duba kwanan wata.
$ lxc exec tec-container1 apt update $ lxc exec tec-container1 cat /etc/debian_version $ lxc exec tec-container1 date
Mataki 10: Ja/Tura Fayil zuwa Akwatin LXC
Wani aiki da zaku iya aiwatarwa shine don canja wurin fayiloli zuwa ko daga akwati. Don nuna wannan, za mu ƙirƙiri sabon kundin adireshi a cikin kwandon LXD kuma mu shiga ciki.
# mkdir data && cd data
Na gaba, za mu ƙirƙiri fayil ɗin samfurin kuma mu ƙara wasu bayanai. Don yin haka za mu ƙirƙiri fayil ɗin samfurin tare da editan vim
# vim file1.txt
Na gaba, za mu buga wasu rubutun samfurin kuma mu adana fayil ɗin.
Hello World, Welcome to LXD containers.
Don cire fayil ɗin daga akwati zuwa tsarin masaukin gida, za mu yi amfani da ma'anar:
$ lxc file pull {container-name}/{path/to/file} {/path/to/local/dest}
A wannan yanayin, umarnin zai kasance:
$ lxc file pull tec-container2/root/data/file1.txt /home/tecmint
Don tura ko kwafe fayil daga kundin adireshin gida zuwa akwati yi amfani da ma'anar:
$ lxc file push {/path/to/file} {container-nane} /path/to/dest/dir/
A wannan yanayin, muna da fayil ɗin samfuri a cikin kundin adireshin gida mai suna file2.txt ana kwafi zuwa/tushen/data/ hanya a cikin akwati tec-container2.
$ lxc file push /home/tecmint/file2.txt tec-container2/root/data/
Don tabbatar da wanzuwar fayil ɗin a cikin akwati, za mu gudu:
$ lxc exec tec-container2 ls /root/data
Mataki 11: Tsaya/Fara/Sake kunnawa kuma Share Kwantenan LXC
Tare da mai amfani da layin umarni lxc zaku iya yin ayyukan sarrafa kwantena kamar tsayawa, farawa, sake farawa da share kwantena.
Don tsayar da kwandon lxc, yi amfani da ma'anar:
$ lxc stop container-name
Misali, don dakatar da tec-container1, za mu gudanar da umarni:
$ lxc stop tec-container1
Don fara kwandon lxc, yi amfani da ma'anar:
$ lxc start container-name
Misali, don fara tec-container1, za mu aiwatar:
$ lxc start tec-container1
Don sake farawa duka kwantena lxc, za mu gudanar da umarni:
$ lxc restart tec-container1 $ lxc restart tec-container2
Don share akwati na lxc, dole ne, da farko, dakatar da kwandon sannan a goge shi. Misali, don sharewa, za mu gudanar da umarni:
$ lxc stop tec-container1 $ lxc delete tec-container1
A madadin, zaku iya haɗa waɗannan umarni guda biyu kamar yadda aka nuna.
$ lxc stop tec-container1 && lxc delete tec-container1
Mataki 12: Nemo Taimako akan Zaɓuɓɓukan Layi na LXC
Don samun taimako akan wasu zaɓuɓɓukan umarni da LXC ke bayarwa, kawai gudanar da umarni:
$ lxc --help OR $ lxc command --help e.g $ lxc file --help
Wannan nutsewa ne mai zurfi cikin kwantena na LXD da kuma yadda zaku iya ƙirƙira da sarrafa su ta amfani da kayan aikin lxc-layi mai amfani. Mun yi imanin cewa kun sami wannan jagorar mai taimako.