PVE Adopt a Native LXD/LXC: Difference between revisions

From WikiMLT
Spas (talk | contribs)
Spas (talk | contribs)
m Text replacement - "mlw-continue" to "code-continue"
 
(25 intermediate revisions by the same user not shown)
Line 1: Line 1:
<noinclude>{{ContentArticleHeader/Proxmox|toc=off}}{{ContentArticleHeader/Containers}}</noinclude>
<noinclude>{{ContentArticleHeader/Proxmox|toc=off}}{{ContentArticleHeader/Containers|toc-limit=3}}</noinclude>
Converting an LXD/LXC to a ProxmoxVE/LXC is pretty easy, because the are (almost) the same thing.
Converting an LXD/LXC to a ProxmoxVE/LXC is pretty easy, because the are (almost) the same thing.


== Export the Container ==
== Export the Container ==
Go into the instance where the LXD is installed and create a backup of the LXC you want to clone. If the container is installed within LVM you need to mount the root filesystem somewhere and create the archive from inside the mount point. I will going to play the other scenario where the LXC is installed within a directory on Ubuntu 22.04.
Go into the instance where the LXD is installed and create a backup of the LXC you want to clone. If the container is installed within LVM you need to mount the root filesystem somewhere and create the archive from inside the mount point. I will going to play the other scenario where the LXC is installed within a directory on Ubuntu 22.04.
<syntaxhighlight lang="shell" line="1" class="root-prompt mlw-continue mlw-shell-gray">
<syntaxhighlight lang="shell" line="1" class="root-prompt code-continue mlw-shell-gray">
lxc config show --expanded webserver | grep 'privileged'
lxc config show --expanded webserver | grep 'privileged'


</syntaxhighlight>
</syntaxhighlight>
<syntaxhighlight lang="bash" class="root-prompt mlw-continue">
<syntaxhighlight lang="bash" class="root-prompt code-continue">
security.privileged: "false"
security.privileged: "false"
</syntaxhighlight>
</syntaxhighlight>
Line 21: Line 21:
* <code>webserver</code> is the name of the container.
* <code>webserver</code> is the name of the container.
* <code>lxc-webserver.tar.gz</code> is the name of the archive file of that container.
* <code>lxc-webserver.tar.gz</code> is the name of the archive file of that container.
* The backup is created while the container is running, otherwise the <code>--exclude</code> options may not be needed.
In this case the backup is created while the container is running, otherwise the <code>--exclude</code> options may not be needed. In addition I would say using this approach is much easier than using a [[LXD/LXC Basic Setup#Backup LXC Containers|native LXD/LXC backup]], where we need to extract only the <code>rootfs/</code> and archive it again.


== Transfer the Container to the PVE Instance ==
== Transfer the Container to the PVE Instance ==
Copy the backup of an LXD/LXC to a ProxmoxVE's template directory within its storage. In my case I'm using a command as the shown below.<syntaxhighlight lang="shell" line="1">
Copy the backup of an LXD/LXC to a ProxmoxVE's template directory within its storage. In my case I'm using a command as the shown below.<syntaxhighlight lang="shell" line="1" class="root-prompt">
rsync --progress \
rsync --progress \
remote.host:/home/backups/lxc-webserver.tar.gz \
remote.host:/home/backups/lxc-webserver.tar.gz \
Line 30: Line 30:
</syntaxhighlight>Note in the commands above:
</syntaxhighlight>Note in the commands above:


* <code>ssd-1TB</code> is one of my PVE's storage devices that where Container templates is allowed as Content type.
* <code>ssd-1TB</code> is one of my PVE's storage devices {{Pti|s=1|i=A|c=green}} where Container templates {{Pti|s=1|i=B|c=green}} are allowed as Content type.


== Create CT within ProxmoxVE ==
== Create CT within ProxmoxVE ==
At this point we can use the backup file <code>lxc-webserver.tar.gz</code> as container template. And we have two potions: 1) to use WEB GUI or 2) to use the CLI of PVE.
At this point we can use the backup file <code>lxc-webserver.tar.gz</code> as container template {{Pti|s=1|i=C|c=green}}. And we have two potions: 1) to use WEB GUI or 2) to use the CLI of PVE.


=== Create CT via WEB GUI of PVE ===
=== Create CT via WEB GUI of PVE ===
It is pretty easy to use the GUI but it can't be used for scripting. The specific steps are shown at  
It is pretty easy to use the GUI but it can't be used for scripting. The specific steps are shown at {{Media-cite|sf|1}}.
{{Sform
{{Sform
| n = 1
| n = 1
| image = Pve-web-gui-create-ct.webp
| image = Pve-web-gui-create-ct.webp
| m =  
| m = {{pt|s=1|i=A|c=green|a=270|x=14|y=254|z=1.2}}
{{pt|s=1|i=B|c=green|a=90|x=344|y=386|z=1.2}}
{{pt|s=1|i=C|c=green|a=270|x=302|y=468|z=1.2}}
{{pt|s=1|i=1|c=orange|a=0|x=1000|y=634|z=1.2}}
{{pt|s=1|i=2,3|c=orange|a=45|x=578|y=400|z=1.2}}
{{pt|s=1|i=A|c=blue|a=55|x=784|y=350|z=1.2}}
{{pt|s=1|i=C|c=blue|a=125|x=784|y=294|z=1.2}}
| s = 1
| s = 1
| side = 16
| side = 16
}}
}}


=== Create CT via CLI of PVE ===
Gere is how to create <u>un</u>privileged container by using the command <code>[https://pve.proxmox.com/pve-docs/pct.1.html pct]</code>.<syntaxhighlight lang="shell" line="1" class="root-prompt code-continue mlw-shell-gray">
pveam list ssd-1TB
</syntaxhighlight>
<syntaxhighlight lang="terraform" class="root-prompt code-continue">
NAME                                                        SIZE 
ssd-1TB:vztmpl/lxc-webserver.tar.gz                          2541.03MB
ssd-1TB:vztmpl/ubuntu-20.04-standard_20.04-1_amd64.tar.gz    204.28MB
</syntaxhighlight>
<syntaxhighlight lang="shell" line="1" class="root-prompt">
pct create 177 ssd-1TB:vztmpl/lxc-webserver.tar.gz --password "SuperStrong:)" \
--description "LXC migrated" --hostname "webserver" --ostype "ubuntu" \
--cores 2 --memory 2048 --swap 512 --rootfs ssd-1TB:32 \
--features fuse=1,nesting=1 --unprivileged 1 \
--nameserver 172.16.17.151,8.8.8.8 \
--net0 name=eth0,hwaddr=64:6B:5C:36:48:E3,ip=172.16.17.177/24,gw=172.16.17.1,bridge=vmbr0
</syntaxhighlight>
<syntaxhighlight lang="terraform" class="root-prompt code-continue">
Formatting '/mnt/pve/ssd-1TB/images/177/vm-177-disk-0.raw', fmt=raw size=34359738368 preallocation=off
Creating filesystem with 8388608 4k blocks and 2097152 inodes
Filesystem UUID: f7f1fa30-0906-482c-9b5d-afc9be42533f
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
4096000, 7962624
extracting archive '/mnt/pve/ssd-1TB/template/cache/lxc-webserver.tar.gz'
Total bytes read: 6269102080 (5.9GiB, 124MiB/s)
Detected container architecture: amd64...
</syntaxhighlight>
Notes:
* Instead of <code class="noTypo">-storage ssd-1TB</code> we need to use <code class="noTypo">-rootfs ssd-1TB:32</code> in order to create large enough ''vm-disk'' (32G in this case), otherwise with the default size in most cases you will end up with insufficient disk space space.
* Instead of <code class="noTypo">ssd-1TB&shy;:vztmpl&shy;/&shy;lxc&shy;-&shy;webserver&shy;.&shy;tar&shy;.&shy;gz</code>, we can use <code class="noTypo">/mnt&shy;/&shy;pve&shy;/&shy;ssd&shy;-&shy;1TB&shy;/&shy;tem&shy;pla&shy;te&shy;/&shy;cache&shy;/&shy;lxc&shy;-webserver.tar.gz</code> or even just <code class="noTypo">lxc&shy;-&shy;webserver&shy;.&shy;tar&shy;.&shy;gz</code>.
* Also the options could be provided by double <code class="noTypo">--</code> or by single <code class="noTypo">-</code> dash.


== Post Installation Setup ==
'''1.''' Depending on the way how the original container is initially created, you may need to [https://discuss.linuxcontainers.org/t/run-parts-etc-update-motd-d-98-fsck-at-reboot-exited-with-return-code-2/7985 remove some files] from <code>/etc/update-motd.d/</code>. Here is the  content of that directory of a naively created PVE CT (Linux container).<syntaxhighlight lang="shell" line="1">
ls -1 /etc/update-motd.d/
</syntaxhighlight><syntaxhighlight lang="terraform">
00-header
10-help-text
50-motd-news
88-esm-announce
91-contract-ua-esm-status
91-release-upgrade
92-unattended-upgrades
</syntaxhighlight>'''2.''' Depending on your LAN DHCP setup you may want manually set a static IP from the instance.<syntaxhighlight lang="shell" line="1">
sudo nano /etc/netplan/50-cloud-init.yaml  # The name of your conf file culd be different
</syntaxhighlight><syntaxhighlight lang="yaml" class="code-continue">
network:
    version: 2
    ethernets:
        eth0:
            addresses:
                - 172.16.17.177/24
            nameservers:
                addresses: [172.16.17.151, 1.1.1.1, 8.8.8.8, 8.8.4.4]
            routes:
                - to: default
                  via: 172.16.17.1
</syntaxhighlight><syntaxhighlight lang="shell" line="1">
sudo nano /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
</syntaxhighlight><syntaxhighlight lang="yaml" class="code-continue">
network: {config: disabled}
</syntaxhighlight><syntaxhighlight lang="shell" line="1" class="code-continue">
sudo netplan apply
</syntaxhighlight><syntaxhighlight lang="shell" line="1" class="code-continue mlw-shell-gray">
sudo ip addr show eth0 | grep -w 'inet'
</syntaxhighlight>
<syntaxhighlight lang="terraform" class="code-continue">
inet 172.16.17.177/24 metric 100 brd 172.16.17.255 scope global dynamic eth0
</syntaxhighlight>'''3.''' Finally you may want to remove some packages and <code>apt</code> repositories.<syntaxhighlight lang="shell" line="1" class="code-continue">
sudo rm /etc/apt/sources.list.d/droplet-agent.list
sudo apt remove droplet-agent droplet-agent-keyring
</syntaxhighlight>
== References ==
== References ==
*ProxmoxVE Documentation: <code>[https://pve.proxmox.com/pve-docs/pct.1.html pct]</code>
*ProxmoxVE Wiki: [[pve:Linux_Container|Linux Container]]
*ProxmoxVE Wiki: [[pve:Unprivileged_LXC_containers|Unprivileged LXC containers]]
*Proxmox Forum: [https://forum.proxmox.com/threads/custom-disksize-and-storage-with-pct-create.54928/ Custom disk size and storage with 'pct create']
*Linux Containers: [https://linuxcontainers.org/lxc/security/ LXC > Security > Privileged and Unprivileged containers]  
*Linux Containers: [https://linuxcontainers.org/lxc/security/ LXC > Security > Privileged and Unprivileged containers]  
*Linux Containers Discuss: [https://discuss.linuxcontainers.org/t/check-privileged-or-unprivileged/238 Check privileged or unprivileged]
*Linux Containers Discuss: [https://discuss.linuxcontainers.org/t/check-privileged-or-unprivileged/238 Check privileged or unprivileged]
*Linux Containers Discuss: [https://discuss.linuxcontainers.org/t/run-parts-etc-update-motd-d-98-fsck-at-reboot-exited-with-return-code-2/7985 '''Run-parts: /etc/update-motd.d/98-fsck-at-reboot exited with return code 2'''] (<u>post</u> i<u>nstallation</u> <u>setup</u>)
*Linux Containers Discuss: [https://discuss.linuxcontainers.org/t/simple-script-to-convert-any-gnu-linux-machine-into-a-proxmox-lxc-container/10339/3 Simple script to convert any gnu/linux machine into a proxmox lxc container] (more directories and files which can be excluded)
* Server Fault: '''[https://serverfault.com/q/731400/364207 How to migrate a regular LXC container to a Proxmox LXC container?]'''
* Mi blog lah!: [https://blog.simos.info/how-to-view-the-files-of-your-lxd-container-from-the-host/ How to view the files of your LXD container from the host]
* Mi blog lah!: [https://blog.simos.info/how-to-view-the-files-of-your-lxd-container-from-the-host/ How to view the files of your LXD container from the host]
* Server Fault: [https://serverfault.com/a/1036931/364207 '''How to migrate a regular LXC container to a Proxmox LXC container?''']
* GitHub Gist: [https://gist.github.com/tinoji/7e066d61a84d98374b08d2414d9524f2 tinoji/'''proxmox_lxc_pct_provisioner'''.sh] (more commands and ideas)
* TecAdmin: [https://tecadmin.net/how-to-configure-static-ip-address-on-ubuntu-22-04/ <nowiki>How to Configure Static IP Address on Ubuntu 22.04 [Method 2]</nowiki>] (<u>post</u> <u>installation</u> <u>setup</u>)
* TechMint: [https://www.tecmint.com/ip-command-examples/ '''10 Useful “IP” Commands to Configure Network Interfaces'''] (<u>post</u> <u>installation</u> <u>setup</u>)
<noinclude>
<noinclude>
<div id='devStage'>
<div id='devStage'>
{{devStage
{{devStage  
  | Прндл  = Proxmox
  | Прндл  = Proxmox
  | Пдрдб  = g
  | Пдрдб  = g
  | Прндл1 = Containers
  | Прндл1 = Containers
  | Стадий = 3
  | Стадий = 6
  | Фаза  = Разработване
  | Фаза  = Утвърждаване
  | Статус = Разработван
  | Статус = Утвърден
  | ИдтПт  = Spas
  | ИдтПт  = Spas
  | РзбПт  = {{REVISIONUSER}}
  | РзбПт = Spas
| АвтПт  = Spas
| УтвПт = {{REVISIONUSER}}
  | ИдтДт  = 8.09.2022
  | ИдтДт  = 8.09.2022
  | РзбДт  = {{Today}}
  | РзбДт = 23.09.2022
| АвтДт  = 23.09.2022
| УтвДт = {{Today}}
  | ИдтРв  = [[Special:Permalink/31328|31328]]
  | ИдтРв  = [[Special:Permalink/31328|31328]]
  | РзбРв  = {{REVISIONID}}
  | РзбРв = [[Special:Permalink/31750|31750]]
| АвтРв  = [[Special:Permalink/31751|31751]]
| УтвРв = {{REVISIONID}}
}}
}}
</div>
</div>
</noinclude>
</noinclude>

Latest revision as of 07:28, 26 September 2022

Con­vert­ing an LXD/LXC to a ProxmoxVE/​​​LXC is pret­ty easy, be­cause the are (al­most) the same thing.

Ex­port the Con­tain­er

Go in­to the in­stance where the LXD is in­stalled and cre­ate a back­up of the LXC you want to clone. If the con­tain­er is in­stalled with­in LVM you need to mount the root filesys­tem some­where and cre­ate the archive from in­side the mount point. I will go­ing to play the oth­er sce­nario where the LXC is in­stalled with­in a di­rec­to­ry on Ubun­tu 22.04.

lxc config show --expanded webserver | grep 'privileged'
security.privileged: "false"
cd /var/snap/lxd/common/lxd/storage-pools/default/containers/webserver/rootfs
tar --exclude=dev --exclude=sys --exclude=proc --exclude=tmp/* \
-czvf /home/backups/lxc-webserver.tar.gz ./

Note in the com­mands above:

  • web­serv­er is the name of the con­tain­er.
  • lxc-webserver.tar.gz is the name of the archive file of that con­tain­er.

In this case the back­up is cre­at­ed while the con­tain­er is run­ning, oth­er­wise the –ex­clude op­tions may not be need­ed. In ad­di­tion I would say us­ing this ap­proach is much eas­i­er than us­ing a na­tive LXD/LXC back­up, where we need to ex­tract on­ly the rootfs/​​​ and archive it again.

Trans­fer the Con­tain­er to the PVE In­stance

Copy the back­up of an LXD/LXC to a ProxmoxVE's tem­plate di­rec­to­ry with­in its stor­age. In my case I'm us­ing a com­mand as the shown be­low.

rsync --progress \
remote.host:/home/backups/lxc-webserver.tar.gz \
/mnt/pve/ssd-1TB/template/cache/

Note in the com­mands above:

  • ssd-1TB is one of my PVE's stor­age de­vices A where Con­tain­er tem­plates B are al­lowed as Con­tent type.

Cre­ate CT with­in Prox­moxVE

At this point we can use the back­up file lxc-webserver.tar.gz as con­tain­er tem­plate C. And we have two po­tions: 1) to use WEB GUI or 2) to use the CLI of PVE.

Cre­ate CT via WEB GUI of PVE

It is pret­ty easy to use the GUI but it can't be used for script­ing. The spe­cif­ic steps are shown at Screen 1.

Screen 1. Create Linux container (CT) within ProxmoxVE 7.2.
Screen 1. Cre­ate Lin­ux con­tain­er (CT) with­in Prox­moxVE 7.2. Screen 1. Create Linux container (CT) within ProxmoxVE 7.2.

Cre­ate CT via CLI of PVE

Gere is how to cre­ate unpriv­i­leged con­tain­er by us­ing the com­mand pct.

pveam list ssd-1TB
NAME                                                         SIZE  
ssd-1TB:vztmpl/lxc-webserver.tar.gz                          2541.03MB
ssd-1TB:vztmpl/ubuntu-20.04-standard_20.04-1_amd64.tar.gz    204.28MB
pct create 177 ssd-1TB:vztmpl/lxc-webserver.tar.gz --password "SuperStrong:)" \
--description "LXC migrated" --hostname "webserver" --ostype "ubuntu" \
--cores 2 --memory 2048 --swap 512 --rootfs ssd-1TB:32 \
--features fuse=1,nesting=1 --unprivileged 1 \
--nameserver 172.16.17.151,8.8.8.8 \
--net0 name=eth0,hwaddr=64:6B:5C:36:48:E3,ip=172.16.17.177/24,gw=172.16.17.1,bridge=vmbr0
Formatting '/mnt/pve/ssd-1TB/images/177/vm-177-disk-0.raw', fmt=raw size=34359738368 preallocation=off
Creating filesystem with 8388608 4k blocks and 2097152 inodes
Filesystem UUID: f7f1fa30-0906-482c-9b5d-afc9be42533f
Superblock backups stored on blocks: 
	32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208, 
	4096000, 7962624
extracting archive '/mnt/pve/ssd-1TB/template/cache/lxc-webserver.tar.gz'
Total bytes read: 6269102080 (5.9GiB, 124MiB/s)
Detected container architecture: amd64...

Notes:

  • In­stead of -storage ssd-1TB we need to use -rootfs ssd-1TB:32 in or­der to cre­ate large enough vm-disk (32G in this case), oth­er­wise with the de­fault size in most cas­es you will end up with in­suf­fi­cient disk space space.
  • In­stead of ssd-1TB­:vztmpl­/­lxc­-­webserver­.­tar­.­gz, we can use /mnt­/­pve­/­ssd­-­1TB­/­tem­pla­te­/­cache­/­lxc­-webserver.tar.gz or even just lxc­-­webserver­.­tar­.­gz.
  • Al­so the op­tions could be pro­vid­ed by dou­ble -- or by sin­gle - dash.

Post In­stal­la­tion Set­up

1. De­pend­ing on the way how the orig­i­nal con­tain­er is ini­tial­ly cre­at­ed, you may need to re­move some files from /etc/update-motd.d/. Here is the con­tent of that di­rec­to­ry of a naive­ly cre­at­ed PVE CT (Lin­ux con­tain­er).

ls -1 /etc/update-motd.d/
00-header
10-help-text
50-motd-news
88-esm-announce
91-contract-ua-esm-status
91-release-upgrade
92-unattended-upgrades

2. De­pend­ing on your LAN DHCP set­up you may want man­u­al­ly set a sta­t­ic IP from the in­stance.

sudo nano /etc/netplan/50-cloud-init.yaml   # The name of your conf file culd be different
network:
    version: 2
    ethernets:
        eth0:
            addresses:
                - 172.16.17.177/24
            nameservers:
                addresses: [172.16.17.151, 1.1.1.1, 8.8.8.8, 8.8.4.4]
            routes:
                - to: default
                  via: 172.16.17.1
sudo nano /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg
network: {config: disabled}
sudo netplan apply
sudo ip addr show eth0 | grep -w 'inet'
inet 172.16.17.177/24 metric 100 brd 172.16.17.255 scope global dynamic eth0

3. Fi­nal­ly you may want to re­move some pack­ages and apt repos­i­to­ries.

sudo rm /etc/apt/sources.list.d/droplet-agent.list
sudo apt remove droplet-agent droplet-agent-keyring

Ref­er­ences