Skip to main content

My LXC crash course:

Remember chroot? Container is far beyond a chrooted environment. Think of it as an isolated subsystem in a host OS, which allows running processes in complete isolation - even the hardware visible to the container is virtualized. Containers typically take much less resources than a full virtual machine because containers leverage features in host OS to facilitate isolation.

LXC is one such user interface that leverages containment features in Linux kernel and allows creation and management of containers. Each container running on the same Linux host can run a separate linux distribution. Amazing isn't it?

Containers come in very handy to create isolated environments which do not take up as much resources as running separate virtual machines do. You can use containers to host multiple web services in isolation on a single system. Another good use could be to create multiple development environments.

To create a container in LXC, you first need to have LXC installed on your Linux distribution. Once you have LXC installed, you can type this command to create a container:
lxc-create -t download -n my-container
The download template will list available distributions to choose from. Shortly after you make a choice, your container will be ready to run your selected distribution.

To start your container:
lxc-start -n my-container -d
You can check its status by a couple methods:
lxc-info -n my-container
lxc-ls -f
To drop to shell inside your container environment:
lxc-attach -n my-container
To stop the container:
lxc-stop -n my-container
To remove the container:
lxc-destroy -n my-container
Containers are fun. If you have not yet played around with containers, you should.
Disclaimer: If you follow the information here, there is no warranty, I am not liable if it deletes your data, gets you hacked, burns your house down or anything else. If you follow the information contained here you do so entirely at your own risk.  My views and opinions are my own and not necessarily represent the views of my current or former employers.

© Raheel Hameed and www.raheelhameed.com, 2017. Unauthorized use and/or duplication of this material without express and written permission from this site’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to author and this website with appropriate and specific direction to the original content.

Comments

Popular posts from this blog

My AWS S3 crash course

This post aims to be your quick start guide to AWS S3, ie. Amazon Web Services. Follow along and you'll feel like you just had a roller coaster ride in AWS S3 world.

First of all, get a free AWS account. AWS includes many services and as mentioned above I will only cover S3 here. You may be wondering what is S3. In simple words S3 is Amazon's cloud backup service. Their Free tier is limited, and any usage beyond the limit will incur charges. So make sure you read through the pricing structure and understand it. Charges can accumulate fast if you don't pay attention or are not careful of your usage. You have been warned. You and only you are responsible for your bills. See disclaimer at the end of this post. Your reading of this post implies your understanding and agreement to the disclaimer.

Once you are equipped with an AWS account, login to it and launch AWS management console. Create a Bucket In S3's terminology, a bucket is a collection of files or objects that …

How to make internet browsing family safe

This post covers a couple methods you can use to implement safer internet browsing for your family. As usual I'm not going into too much details, just providing you with high level pointers. It is yours to find out details by yourself.

First thing you would need is to disable the ability to recognize malicious hosts, or hosts that provide contents you do not want to see. For every website you visit, your browser makes a request to one or more DNS servers, typically your ISP's DNS servers, to resolve website hostname into an internet addressable address called "IP address". That IP address is the address of the host that serves the contents of the website. Without knowing this IP, your browser cannot reach the website. So the idea is to limit your browser to recognize safe websites only. How you'd do that? Simple answer, use OpenDNS's DNS servers rather than your ISP's. OpenDNS's servers would limit name resolution to only safe websites. Their list of …

Using XPerf

XPerf comes with Windows SDK. You can get it from MSFT website. During installation there is an option to install just the performance tools should you want only perf tools and not the whole SDK.

To collect a trace from administrator command line:
Begin your workload.xperf -on base+cswitch+power -stackwalk Profile -f c:\kernel.etl  Let the workload execute for a while.
xperf -stop If you have previously created c:\merged.etl, delete it.xperf -merge c:\kernel.etl c:\merged.etl  Now, before you can view your trace in UI, setup your symbol path:
set _NT_SYMBOL_PATH=<path to PDB files>  You should now be all set to launch the viewer:
xperf c:\merged.etl (this launches the viewer)  On the UI, there are several different type of graphs for various measurements. From inside the Graph menu, you can enable these views:

CPU Usage by Process.
CPU Sampling by CPU.
Stack Counts by type.

Happy XPerf-ing!