Book Image

Containerization with LXC

By : Konstantin Ivanov
Book Image

Containerization with LXC

By: Konstantin Ivanov

Overview of this book

In recent years, containers have gained wide adoption by businesses running a variety of application loads. This became possible largely due to the advent of kernel namespaces and better resource management with control groups (cgroups). Linux containers (LXC) are a direct implementation of those kernel features that provide operating system level virtualization without the overhead of a hypervisor layer. This book starts by introducing the foundational concepts behind the implementation of LXC, then moves into the practical aspects of installing and configuring LXC containers. Moving on, you will explore container networking, security, and backups. You will also learn how to deploy LXC with technologies like Open Stack and Vagrant. By the end of the book, you will have a solid grasp of how LXC is implemented and how to run production applications in a highly available and scalable way.
Table of Contents (17 chapters)
Containerization with LXC
About the Author
About the Reviewer
Customer Feedback


Not too long ago, we used to deploy applications on a single server, scaling up by adding more hardware resources—we called it "the monolith approach." Achieving high availability was a matter of adding more single purpose servers/monoliths behind load balancers, more often than not ending with a cluster of under-utilized systems. Writing and deploying applications also followed this monolithic approach—the software was usually a large binary that provided most, if not all of the functionality. We either had to compile it from source and use some kind of installer, or package it and ship it to a repository.

With the advent of virtual machines and containers, we got away from the server monolith, fully utilizing the available compute resources by running our applications in isolated, resource-confined instances. Scaling up or down applications become a matter of adding more virtual machines or containers on a fleet of servers, then figuring a way to automatically deploy them. We also broke down the single binary application into microservices that communicate with each other through a message bus/queue, taking full advantage of the low overhead that containers provide. Deploying the full application stack is now just a matter of bundling the services into their own containers, creating a single, fully isolated, dependency-complete work unit that is ready to deploy. Using continuous integration patterns and tools such as Jenkins allowed us to automate the build and deploy process even further.

This book is about LXC containers and how to run your applications inside them. Unlike other container solutions such, as Docker, LXC is designed to run an entire Linux system, not just a single process, though the latter is also possible. Even though an LXC container can contain an entire Linux filesystem, the underlined host kernel is shared, no hypervisor layer needed.

This book takes a direct and practical approach to LXC. You will learn how to install, configure, and operate LXC containers along with multiple examples explaining how to run highly scalable and highly available applications inside LXC. You will use monitoring and deployment applications and other third-party tools. You will also learn how to write your own tools that extend the functionality provided by LXC and its various libraries. Finally, you will see a complete OpenStack deployment that adds the intelligence to managing a fleet of compute resources to easily deploy your application inside LXC containers.

What this book covers

Chapter 1Introduction to Linux Containers, provides an in-depth exploration of the history of containers in the Linux kernel, along with some fundamental terminology. After going through the basics, you will have a detailed view of how kernel namespaces and control groups (cgroups) are implemented and will be able to experiment with some C system calls.

Chapter 2Installing and Running LXC on Linux Systems, covers everything that is needed to install, configure, and run LXC on Ubuntu and Red Hat systems. You will learn what packages and tools are required along with different ways of configuring LXC. By the end of this chapter, you will have a Linux system with running LXC containers.

Chapter 3Command-Line Operations Using Native and Libvirt Tools, is all about running and operating LXC on the command line. The chapter will cover various tools from a list of packages and demonstrate different ways of interacting with your containerized application. The focus will be on the functionality that libvirt and the native LXC libraries provide in controlling the full life cycle of an LXC container.

Chapter 4LXC Code Integration with Python, will show examples of how to write tools and automate LXC provisioning and management using Python libraries. You will also learn how to create a development environment using Vagrant and LXC.

Chapter 5Networking in LXC with the Linux Bridge and Open vSwitch, will be a deep dive into networking in the containerized world—connecting LXC to the Linux bridge, using direct connect, NAT, and various other methods. It will also demonstrate more advanced technics of traffic management using Open vSwitch.

Chapter 6Clustering and Horizontal Scaling with LXC, builds upon the knowledge presented in earlier chapters to build a cluster of Apache containers and demonstrate how to connect them using GRE tunnels with Open vSwitch. The chapter also presents examples of running single process applications inside minimal root filesystem containers.

Chapter 7Monitoring and Backups in a Containerized World, is about backing up your LXC application containers and deploying monitoring solutions to alert and trigger actions. We are going to see examples of using Sensu and Monit for monitoring, and iSCSI and GlusterFS for creating hot and cold backups.

Chapter 8Using LXC with OpenStack, demonstrates how to provision LXC containers with OpenStack. It begins by introducing the various components that make OpenStack and how to use the LXC nova driver to automatically provision LXC containers among a pool of compute resources.

Appendix, LXC Alternatives to Docker and OpenVZ, ends the book by demonstrating how other popular container solutions, such as Docker and OpenVZ, came to be and the similarities and differences between them. It also explores practical examples of installing, configuring, and running them alongside LXC.

What you need for this book

A beginner-level knowledge of Linux and the command line should be enough to follow along and run the examples. Some Python and C knowledge is required to fully understand and experiment with the code snippets, though the book is not about software development and you can skip Chapter 4LXC Code Integration with Python altogether, if not interested.

In terms of hardware and software requirements, most examples in the book have been tested in virtual machines utilizing various cloud providers such as Amazon AWS and Rackspace Cloud. We recommend using the latest version of Ubuntu, given Canonical's involvement with the LXC project, though we provide examples with CentOS whenever the installation/operation methods diverge.

Who this book is for

This book is for anyone who is curious about Linux containers, from Linux administrators who are looking for in-depth understanding of how LXC works, to software developers who need a quick and easy way to prototype code in an isolated environment without the overhead of a full hypervisor. A DevOps engineer is most likely the best job title for those who want to read the book from cover to cover.


In this book, you will find a number of text styles that distinguish between different kinds of information. Here are some examples of these styles and an explanation of their meaning.

Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: "Manually building the root filesystem and configuration files using tools such as debootstrap and yum."

A block of code is set as follows:

#define _GNU_SOURCE
staticintchildFunc(void *arg)
  printf("UID inside the namespace is %ld\n", (long) geteuid());
  printf("GID inside the namespace is %ld\n", (long) getegid());

When we wish to draw your attention to a particular part of a code block, the relevant lines or items are set in bold:

#define _GNU_SOURCE

staticintchildFunc(void *arg)
  printf("UID inside the namespace is %ld\n", (long) geteuid());
  printf("GID inside the namespace is %ld\n", (long) getegid());

Any command-line input or output is written as follows:

root@ubuntu:~# lsb_release -dc
Description:   	Ubuntu 14.04.5 LTS
Codename:      	trusty

New terms and important words are shown in bold. Words that you see on the screen, for example, in menus or dialog boxes, appear in the text like this: "Navigate to Networking support | Networking options | 802.1d Ethernet Bridging and select either Y to compile the bridging functionality in the kernel, or M to compile it as a module."


Warnings or important notes appear in a box like this.


Tips and tricks appear like this.

Reader feedback

Feedback from our readers is always welcome. Let us know what you think about this book-what you liked or disliked. Reader feedback is important for us as it helps us develop titles that you will really get the most out of. To send us general feedback, simply e-mail [email protected], and mention the book's title in the subject of your message. If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, see our author guide at

Customer support

Now that you are the proud owner of a Packt book, we have a number of things to help you to get the most from your purchase.

Downloading the example code

You can download the example code files for this book from your account at If you purchased this book elsewhere, you can visit and register to have the files e-mailed directly to you.

You can download the code files by following these steps:

  1. Log in or register to our website using your e-mail address and password.

  2. Hover the mouse pointer on the SUPPORT tab at the top.

  3. Click on Code Downloads & Errata.

  4. Enter the name of the book in the Search box.

  5. Select the book for which you're looking to download the code files.

  6. Choose from the drop-down menu where you purchased this book from.

  7. Click on Code Download.

Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:

  • WinRAR / 7-Zip for Windows

  • Zipeg / iZip / UnRarX for Mac

  • 7-Zip / PeaZip for Linux

The code bundle for the book is also hosted on GitHub at We also have other code bundles from our rich catalog of books and videos available at Check them out!

Downloading the color images of this book

We also provide you with a PDF file that has color images of the screenshots/diagrams used in this book. The color images will help you better understand the changes in the output. You can download this file from


Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you find a mistake in one of our books-maybe a mistake in the text or the code-we would be grateful if you could report this to us. By doing so, you can save other readers from frustration and help us improve subsequent versions of this book. If you find any errata, please report them by visiting, selecting your book, clicking on the Errata Submission Form link, and entering the details of your errata. Once your errata are verified, your submission will be accepted and the errata will be uploaded to our website or added to any list of existing errata under the Errata section of that title.

To view the previously submitted errata, go to and enter the name of the book in the search field. The required information will appear under the Errata section.


Piracy of copyrighted material on the Internet is an ongoing problem across all media. At Packt, we take the protection of our copyright and licenses very seriously. If you come across any illegal copies of our works in any form on the Internet, please provide us with the location address or website name immediately so that we can pursue a remedy.

Please contact us at [email protected] with a link to the suspected pirated material.

We appreciate your help in protecting our authors and our ability to bring you valuable content.


If you have a problem with any aspect of this book, you can contact us at [email protected], and we will do our best to address the problem.