LXC Best Practice

Container Name

  • always use FQDNs as container names; otherwise you can’t drop the capability for setting the hostname.

Directories

  • move /var/lib/lxc to /srv/lxc/containers (lxc-stuff does that through a debconf question already).

Container Data

  • move all container data to /srv/lxc/data/$FQDN and mount /srv/lxc/data/$FQDN to /srv/$FQDN within the container.
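
Added example (not part of the original page or of the lxc-stuff scripts): a shell helper that rejects container names that are not FQDNs and prints the bind-mount line for the data layout above. The function names and sample names are made up for illustration, and it assumes an LXC release that resolves a relative mount target against the container's rootfs.

```shell
#!/bin/sh
# Added example. DATA_ROOT follows the layout described on this page;
# the function names and the sample names below are hypothetical.
DATA_ROOT=/srv/lxc/data

# is_fqdn NAME: succeed only if NAME looks like a fully qualified domain name
# (two or more labels, each 1-63 chars of [A-Za-z0-9-], no leading/trailing '-').
# Rejecting everything else also keeps '/', '..' and whitespace out of the
# host paths that are built from the name.
is_fqdn() {
    # DNS names are limited to 253 characters in total
    [ "${#1}" -le 253 ] || return 1
    # grep matches line by line, so refuse embedded newlines up front
    case $1 in
        *'
'*) return 1 ;;
    esac
    printf '%s\n' "$1" | grep -Eq \
        '^([A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)+[A-Za-z0-9]([A-Za-z0-9-]{0,61}[A-Za-z0-9])?$'
}

# lxc_data_mount_entry NAME: print the fstab-style lxc.mount.entry line that
# binds /srv/lxc/data/NAME on the host to /srv/NAME inside the container.
# Assumption: the target "srv/NAME" is relative to the container rootfs.
lxc_data_mount_entry() {
    is_fqdn "$1" || { echo "not an FQDN, refusing: $1" >&2; return 1; }
    printf 'lxc.mount.entry = %s/%s srv/%s none bind 0 0\n' \
        "$DATA_ROOT" "$1" "$1"
}

# Constructed sample names: one valid, three that must be refused.
for name in web01.example.org web01 ../etc -bad.example.org; do
    lxc_data_mount_entry "$name" || echo "skipped: $name"
done
```
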

LXC Stuff

Some additional scripts are included in the LXC packages:

  • lxc: a convenience wrapper for lxc which allows using commands in the more convenient form of ‘lxc COMMAND CONTAINER’ rather than ‘lxc-COMMAND -n CONTAINER’.
  • lxc-list: lists all containers with status (running/stopped, with information about auto start).
  • lxc-backup/lxc-restore: simple rootfs backup and restore scripts, useful when prototyping.

Bugs

  • Using two bridges with lxc on a kernel version before 2.6.36 results in a kernel panic. With kernel versions prior to 2.6.36, either use only one bridge or upgrade your kernel.
  • Google Chrome and Chromium browsers require the suid bit for sandboxing (see Issue 31077 for more information). As a workaround the --no-sandbox parameter can be used.