Enabling LXD containers
Background
Running bare metal containers via the LXD hypervisor is supported on HyperCloud. The HyperCloud implementation of bare metal containers are also known as full system containers. If application containers are desired, using something like Docker, it is recommended to deploy those in a KVM virtual machine to act as the host for the application container.
LXD containers are supported on both the x86_64 (64-bit Intel) and aarch64 (64-bit ARM) architectures.
Enabling LXD Bare Metal Container Functionality
Warning
This functionality is currently experimental.
Please review caveats below carefully. It is presently recommended to only use this feature in a dev/test environment.
To enable and use, follow the directions below.
- On a the dashboard node, add one or more compute nodes by IP address
similar to the below command:
hypercloud host create <IP Address> --im lxd --vm lxd- Once the node transitions to the
ONstate you may now deploy LXD containers. Caveats apply and the feature is presently highly experimental. Your mileage may vary.
Contextualization, Networking, and even VNC console access are all supported. Not all features supported by virtual machines have been thoroughly tested in this release and thus may not be supported.
Caveats
- There is presently a limitation of approximately 8 containers per compute node.
- This can be worked around manually by adding additional loopback and nbd devices to the compute nodes. This was not done in this release due to the potential to cause compatibility or reliability regressions on compute nodes.
- LXD containers cannot be fetched directly from the Linux Container Marketplace due to the LXD daemon on compute nodes having no route to the internet.
- In general, KVM images CAN be used, and many standard KVM images in the HyperCloud Marketplace can be used with LXD, such as the Debian 10 KVM image. In general, an image can be used for a container if it has a flat file system (a single partition
rootfs) formatted usingext4. This is the only requirement.
- In general, KVM images CAN be used, and many standard KVM images in the HyperCloud Marketplace can be used with LXD, such as the Debian 10 KVM image. In general, an image can be used for a container if it has a flat file system (a single partition
- When creating templates for LXD, be sure to specify the below
metadata:
LXD_SECURITY_PRIVILEGED = trueSCHED_REQUIREMENTS = HYPERVISOR=`lxd`HYPERVISOR = lxd- Due to the production-scale untested nature of all container functions, it is entirely possible that LXD operations may intermittently fail. If this happens, the system may be out of sync with the container state on the compute node. To clean up a container in the terminating state, follow these steps:
- Log into the compute node where the container was deployed.
- Unmount the loopback device if contextualization was enabled, if applicable.
- Unmount the root file system for the container, if applicable.
- Delete the container from LXC (using
lxc delete), if applicable. - Unmap the loopback device (using
losetup -d), if applicable. - Unmap the NBD device (using
rbd-nbd unmap), if applicable. - Process the VM deletion action from HyperCloud again, if applicable.
- Delete the RBD image for the container, if applicable.