Book Image

Containerization with LXC

Book Image

Containerization with LXC

Overview of this book

In recent years, containers have gained wide adoption by businesses running a variety of application loads. This became possible largely due to the advent of kernel namespaces and better resource management with control groups (cgroups). Linux containers (LXC) are a direct implementation of those kernel features that provide operating system level virtualization without the overhead of a hypervisor layer. This book starts by introducing the foundational concepts behind the implementation of LXC, then moves into the practical aspects of installing and configuring LXC containers. Moving on, you will explore container networking, security, and backups. You will also learn how to deploy LXC with technologies like Open Stack and Vagrant. By the end of the book, you will have a solid grasp of how LXC is implemented and how to run production applications in a highly available and scalable way.
Table of Contents (10 chapters)

Chapter 5. Networking in LXC with the Linux Bridge and Open vSwitch

To enable network connectivity for a newly built container we need a way to connect the virtual network interfaces from the container's network namespace to the host and provide routing to either other containers or the Internet, if needed. Linux provides a software bridge that allows us to wire LXC containers together in a variety of ways, as we'll explore in this chapter.

There are two popular software bridge implementations – the Linux bridge provided by the bridge-utils package and the Open vSwitch project. These extend the basic functionality of the Linux bridge even further, by separating the control and management planes of the switch, allowing for the control of the traffic flow and providing for hardware integration among other things.

By default, when we build a container from the provided templates, the template script sets up networking by configuring a software bridge on the host OS...