visionwiki

User Tools

Site Tools

Trace: sto3_configuration visiesrv2_lxc_containers
visiesrv2_lxc_containers

Table of Contents

LXC containers

The current defined containers are listed here. Note that the actual active container for visionlab website is visielab-test

NAME STATE IPV4 IPV6 TYPE SNAPSHOTS
nextcloud RUNNING 10.27.117.84 (eth0) PERSISTENT 6
openaudit RUNNING 10.27.117.9 (eth0) PERSISTENT 2
visielab STOPPED PERSISTENT 3
visielab-test RUNNING 10.27.117.155 (eth0) PERSISTENT 7
visielab-wiki RUNNING 10.27.117.55 (eth0) PERSISTENT 0

To do some testing on the visielab website, just make a snapshot, and then copy the snapshot. Then you can experiment on that copy after starting it. For example, visielab-test is currently the active visielab website. To test some special stuff on that website, we do the following. 

#lxc snapshot visielab-test
#lxc info visielab-test
Name: visielab-test
Remote: unix://
Architecture: x86_64
Created: 2018/01/05 12:22 UTC
Status: Running
Type: persistent
Profiles: default
Pid: 14568
Ips:
  eth0: inet    10.27.117.155   vethQK0QJ3
  eth0: inet6   fe80::216:3eff:fe85:6ba6        vethQK0QJ3
  lo:   inet    127.0.0.1
  lo:   inet6   ::1
Resources:
  Processes: 83
  Disk usage:
    root: 10.10GB
  Memory usage:
    Memory (current): 847.15MB
    Memory (peak): 862.75MB
  Network usage:
    eth0:
      Bytes received: 316.82MB
      Bytes sent: 10.25GB
      Packets received: 1772073
      Packets sent: 1675147
    lo:
      Bytes received: 106.16kB
      Bytes sent: 106.16kB
      Packets received: 1100
      Packets sent: 1100
Snapshots:
  snap0 (taken at 2018/01/12 13:34 UTC) (stateless)
  snap1 (taken at 2018/01/26 14:44 UTC) (stateless)
  snap2 (taken at 2018/01/31 12:28 UTC) (stateless)
  snap3 (taken at 2018/02/23 12:21 UTC) (stateless)
  snap4 (taken at 2018/02/26 12:10 UTC) (stateless)
  snap5 (taken at 2018/03/30 13:52 UTC) (stateless)
  snap6 (taken at 2018/04/04 06:58 UTC) (stateless)
  
#lxc copy visielab-test/snap6 visielab-test2
root@visionsrv2:/etc/apache2/sites-available# lxc list
+----------------+---------+----------------------+------+------------+-----------+
|      NAME      |  STATE  |         IPV4         | IPV6 |    TYPE    | SNAPSHOTS |
+----------------+---------+----------------------+------+------------+-----------+
| nextcloud      | RUNNING | 10.27.117.84 (eth0)  |      | PERSISTENT | 6         |
+----------------+---------+----------------------+------+------------+-----------+
| openaudit      | RUNNING | 10.27.117.9 (eth0)   |      | PERSISTENT | 2         |
+----------------+---------+----------------------+------+------------+-----------+
| visielab       | STOPPED |                      |      | PERSISTENT | 3         |
+----------------+---------+----------------------+------+------------+-----------+
| visielab-test  | RUNNING | 10.27.117.155 (eth0) |      | PERSISTENT | 7         |
+----------------+---------+----------------------+------+------------+-----------+
| visielab-test2 | STOPPED |                      |      | PERSISTENT | 0         |
+----------------+---------+----------------------+------+------------+-----------+
| visielab-wiki  | RUNNING | 10.27.117.55 (eth0)  |      | PERSISTENT | 0         |
+----------------+---------+----------------------+------+------------+-----------+

#lxc start visielab-test2
#lxc start visielab-test2
root@visionsrv2:/etc/apache2/sites-available# lxc list 
+----------------+---------+----------------------+------+------------+-----------+
|      NAME      |  STATE  |         IPV4         | IPV6 |    TYPE    | SNAPSHOTS |
+----------------+---------+----------------------+------+------------+-----------+
| nextcloud      | RUNNING | 10.27.117.84 (eth0)  |      | PERSISTENT | 6         |
+----------------+---------+----------------------+------+------------+-----------+
| openaudit      | RUNNING | 10.27.117.9 (eth0)   |      | PERSISTENT | 2         |
+----------------+---------+----------------------+------+------------+-----------+
| visielab       | STOPPED |                      |      | PERSISTENT | 3         |
+----------------+---------+----------------------+------+------------+-----------+
| visielab-test  | RUNNING | 10.27.117.155 (eth0) |      | PERSISTENT | 7         |
+----------------+---------+----------------------+------+------------+-----------+
| visielab-test2 | RUNNING | 10.27.117.250 (eth0) |      | PERSISTENT | 0         |
+----------------+---------+----------------------+------+------------+-----------+
| visielab-wiki  | RUNNING | 10.27.117.55 (eth0)  |      | PERSISTENT | 0         |
+----------------+---------+----------------------+------+------------+-----------+

networking of the LXC containers

We defined all networking in /etc/lxd_bridge.conf .To use dnsmasq with this data, the correct variable must be defined in /etc/default/lxd-bridge → LXD_CONFILE=“/etc/lxd_bridge.conf”. If you modify something in this file, you have to stop dnsmasq manually (kill) and restart it afterwards. dnsmasq doesn't seem to run as a service. the process and it's parameters can be copied from here : 

dnsmasq --conf-file=/etc/lxd_bridge.conf -s ua.ac.be -S /ua.ac.be/ -u lxd --strict-order --bind-interfaces --pid-file=/run/lxd-bridge//dnsmasq.pid --dhcp-no-override --except-interface=lo --interface=lxdbr0 --dhcp-leasefile=/var/lib/lxd-bridge//dnsmasq.lxdbr0.leases --dhcp-authoritative --listen-address 10.27.117.1 --dhcp-range 10.27.117.2,10.27.117.254 --dhcp-lease-max=252
cat lxd_bridge.conf 
domain=ac.ua.be
dhcp-host=nextcloud,10.27.117.84
dhcp-host=openaudit,10.27.117.9
dhcp-host=visielab,10.27.117.144
dhcp-host=visielab-test,10.27.117.155
dhcp-host=visielab-test2,10.27.117.250
dhcp-host=visielab-wiki,10.27.117.55

reverse proxying via apache

to address the different websites in the lxc containers, we use reverse proxying with apache2. We define the lxc backends and there ip addresses in /etc/hosts (lso check that the ip addresses match with the above lxd_bridge.conf definitions): 

127.0.0.1       localhost
127.0.1.1       visionsrv2.ua.ac.be     visionsrv2
10.27.117.84    nextcloud_be
10.27.117.9     openaudit_be
10.27.117.144   visielab_be
10.27.117.155   visielab-test_be
10.27.117.250   visielab-test2_be
10.27.117.55    visielab_wiki_be

For apache the following sites are available :

site config DNS domain LXC backend description
visieinv visieinv ua.ac.be openaudit_be for inventory of the PC's at visionlab
visielab-pc visielab-pc ua.ac.be
uantwerpen.be 		nextcloud_be private cloud for visionlab , secured with a SSL certificate
visielab-ssl visielab ua.ac.be
uantwerpen.be 		visielab-test_be visielab's website, secured with a SSL certificate
visielab visielab ua.ac.be
uantwerpen.be 		visielab-test_be redirect of http to https
visielab-test visielab-test ua.ac.be visielab-test2_be visielab test website , to test things out
visielab-wiki visiedoc ua.ac.be visielab_wiki_be the dokuwiki website of visionlab
visiesrv2_lxc_containers.txt · Last modified: 2018/06/15 14:15 by 143.169.49.96

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki