On 06/06/2010 09:57 PM, Nirmal Guhan wrote: > On Sun, Jun 6, 2010 at 11:16 AM, Daniel Lezcano<daniel.lezc...@free.fr>wrote: > > >> On 06/04/2010 05:44 PM, Nirmal Guhan wrote: >> >> >>> Hi, >>> >>> I tried to extend the fstab as below: >>> >>> /etc/resolv.conf /lxc/lenny/rootfs.lenny/etc/ >>> resolv.conf none bind 0 0 >>> /test /testdir none bind 0 0<--- I added this line >>> >>> >>>> From the host : >>>> >>> # ls /testdir >>> a b c >>> >>> >>>> From the container : >>>> >>> [r...@test-fedora lenny]# chroot rootfs.lenny/ >>> test-fedora:/# ls /test >>> test-fedora:/# >>> >>> But when I do lxc-start I get an error as : >>> #lxc-start -n lencon >>> lxc-start: No such file or directory - failed to mount '/test' on >>> '/testdir' >>> >>> Basically what am trying to do is to share the host library files (/lib) >>> between the containers. >>> >>> Any clues on the error above? Please let me know. Also, any better way to >>> share the files between host and container will be helpful. >>> >>> >>> >> Hi Nimal, >> >> I am not sure to understand what you are trying to achieve. You created a >> system container, but you want to launch it as an application container. Can >> you give your use case if possible, so I may be able to give more clues on >> how to set ip up. >> >> Thanks >> -- Daniel >> >> > Hi Daniel, > > I want to run my application on fedora as a container and use the libraries > (/lib, /usr/lib) from the host (so my application container size is small). > I did lxc-create but lxc-execute failed (I had sent a mail earlier on this). > Suggestion was to use lxc-start itself and run as system container. > > I changed the fstab file and could share the lib directory. > > Please let me know if there are better solution for my use case. I would > like to try it too. >
What do you want to isolate ? AFAICS, you would like to share the filesystem, maybe you not need to specify a rootfs. I suggest you remove the containers you previously created in order to restart on a sane base. In case, list them with "lxc-ls" to make sure you have no remaining containers set on your system. Then just do without any previous creation: lxc-execute -n foo <myapplication> Your application will run with its own private mount points, pids, ipcs, uts and setup with a cgroup. If you need more isolation like the network: create a configuration file "eg. lxc.conf" lxc.utsname = myapplication lxc.network.type = veth lxc.network.flags = up lxc.network.link = br0 lxc.network.ipv4 = 1.2.3.5/24 and launch it with the command lxc-execute -n foo -f lxc.conf <myapplication> Or alternatively without a configuration file, lxc-execute -n foo -s lxc.utsname=myapplication -s lxc.network.type=veth -s lxc.network.flags=up -s lxc.network.link=br0 -s lxc.network.ipv4=1.2.3.5/24 <myapplication> At this point, if you need to be more secure or the application you are launching is writing to a directory and this is conflicting with another instance of the same application, let me know, I will give you a more complex configuration. What is needed are informations about the application (a web server, a sshd, an autistic application, etc ...). Thanks -- Daniel ------------------------------------------------------------------------------ ThinkGeek and WIRED's GeekDad team up for the Ultimate GeekDad Father's Day Giveaway. ONE MASSIVE PRIZE to the lucky parental unit. See the prize list and enter to win: http://p.sf.net/sfu/thinkgeek-promo _______________________________________________ Lxc-users mailing list Lxc-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lxc-users
