Documentation
Rate This Document
Findability
Accuracy
Completeness
Readability
SubmitClose

Configuring an LXD Container

Common Configurations

  • Grant the perf collection permission to other users. 
    1
    		 
    echo "-1">/proc/sys/kernel/perf_event_paranoid

    This operation is not required if only the HPC application or process/thread performance analysis task is running. The parameter following echo cannot be set to 3 and needs to be changed on the host machine.

  • Enable the privileged option for the container. 
    1
    		 
    lxc config set template security.privileged=true

    This operation enables that files in the same directory on the host machine can be accessed. It is not required if only the HPC application or process/thread performance analysis task is running.

    Enabling the privileged option for a container will assign all kernel functions to the container, so that the container can execute most events at the host layer. This may pose risks to the system security. You are advised to harden the container and restore the option after using the container.

    Figure 1 Granting permissions
  • Modify the container configurations to ensure that the files in the /sys/kernel/debug directory can be accessed and the /proc/kcore file can be read. 
    1
    		 
    lxc config edit template
    Figure 2 Modifying configurations 
    1
    		 
    ls  

    1
    		 
    console.log forkexec.log forkstart.log lxc.conf lxc.log lxc.log.old

    Check the access permission on the files in /sys/kernel/debug.

    Figure 3 Permissions

    This operation is not required if only the HPC application or process/thread performance analysis task is running. You need to restart the container by running the lxc stop and lxc start commands in sequence.

  • Install libunwind.

    libunwind is mandatory for installing the tool. Currently, you can only manually install libunwind by copying libunwind to the container environment and compiling it. In this example, libunwind 1.5.0 is used.

    1
2
3
4
    		 
    tar -zxvf libunwind-1.5.0.tar.gz
cd libunwind-1.5.0/
./configure --prefix=/usr/lib64/
make && make install

Configuring the Network Environment (Routing Mode)

In this mode, make sure the host machine and agent server are in the same network segment.

Figure 4 Viewing the network segment

Run the following command on the server of the LXD container to be accessed:

1
 
route add -net 10.*.*.*/24 gw  90.*.*.*
Figure 5 Checking connectivity

Configuring the Network Environment (Bridging Mode)

The following host machine runs Ubuntu 20.04, and the LXD container runs CentOS 8.

  1. Configure the network of the host machine.
    1. Modify the network configuration file of the host machine. 
      1
      		 
      vim /etc/netplan/00-installer-config.yaml
      Figure 6 Before modification
      Figure 7 After modification
    2. Make the configuration take effect. 
      1
      		 
      sudo netplan apply
      Figure 8 Viewing the network configuration
  2. Add a NIC to the LXD container.
    1. Bind a NIC. 
      1
      		 
      sudo lxc network attach NIC_name_of_the_host_machine container_name
      Figure 9 Viewing the NIC of the container
    2. Restart the container. 
      1
      		 
      lxc restart container_name
  3. Configure the network of the LXD container.
    1. Access the container. 
      1
      		 
      lxc exec container_name /bin/bash
    2. Modify the NIC configuration in the container. 
      1
      		 
      vi /etc/sysconfig/network-scripts/ifcfg-eth1

      Specify an unused IP address on the LAN of the host machine. The mask of the container must be the same as that of the host machine.

      Figure 10 After modification
    3. Restart the network in the container. 
      1
      		 
      systemctl restart network.service
    4. View the container address on the host machine. 
      1
      		 
      lxc list
      Figure 11 Viewing the network address
Parent topic: Common Operations