LXC - In a Nutshell
Before the emergence of container technologies like Docker and Rkt, LXC was one of the main container technology that was being in use. This post discusses LXC in a nutshell. Learn more about LXC, its architecture and components.
What is LXC?
LXC (LinuX Containers) is an operating system-level virtualization method for running multiple isolated Linux systems (containers) on a single control host. LXC provides operating system-level virtualization not via a full blown virtual machine, but rather provides a virtual environment that has its own process and network space. LXC is an userspace API which supports Linux Kernel’s support for containment. With containers, you have the option of kicking off any individual process you like inside any container. Instead, what we do is set up a file system containing a copy of a minimal operating system image, and kick off /sbin/init on that partition, in that file system, with its own Ethernet interface. We get the appearance of a VM, each container getting its own IP address, and disk file systems, its own set of software packages installed, and its own set of OS daemons processes.
Features
LXC provides following features of Linux Kernel to support containment:
- Chroot
- Control groups (cgroups)
- Kernel namespaces (ipc, uts, mount, pid, network and user)
- Apparmor and SELinux
- Kernel capabilities and many more…
Chroot and LXC
In simple words, LXC builds up from chroot to implement complete virtual systems, adding resource management and isolation mechanisms to Linux’s existing process management infrastructure. LXC is often considered as a virtualization solution between chroot on steroids and complete full blown virtual machine. The main goal of LXC is to create a closest possible environment as that of a standard Linux installation but without the need for a separate kernel.
Container Life Cycle
When the container is created, it contains the configuration information. When a process is launched, the container will be starting and running. When the last process running inside the container exits, the container is stopped. In case of failure when the container is initialized, it will pass through the aborting state.
Container Management
The containers can be managed with the help of some popular container-management utilites like lxc-tools and other libraries like libvirt. Libvirt is an open source API, daemon and management tool for managing platform virtualization.
Get LXC
LXC is free software and is released under the terms of the GNU LGPLv2.1+ license. You can get it using git clone from git clone git://github.com/lxc/lxc