How to check if an LXD container runs privileged?

ByPieter Bakker 08/05/202408/05/2024

It is not recommended to run LXD containers in privileged mode because this can seriously compromise the isolation and/or security of the host system. A privileged container can do things that affect the entire host – for example, it can use things in /sys to reset the network card, which will reset it for the entire host, causing network blips. Unfortunately, this is sometimes necessary for certain applications that require direct access to system files to run properly. To check which LXD containers are effectively running in privileged mode, run the following command on the host:

lxc list security.privileged=true

LXD | ZFS

Fix “dataset is busy” error when deleting container in LXD.

ByPieter Bakker 06/10/202224/10/2022

If you try to delete a LXD container, you may get a “dataset is busy” error message because the dataset the container uses in the ZFS storage pool remains mounted in the namespace used by LXD. In this example, we will simulate this problem by trying to delete a container “alpine”. # lxc delete alpine…

LXD

LXD container with static IPv4 address?

ByPieter Bakker 01/06/202124/04/2023

By default, a new LXD container is assigned a dynamic IPv4 address by the internal LXD DHCP server. However, in many cases it is necessary to assign a static IP address, for example to make a web server available on a separate container behind a proxy server running on another container on the same host,…

LXD | apt | Ubuntu

Automatically update all your running LXD containers.

ByPieter Bakker 20/09/202225/12/2022

While you could perform common management of multiple LXD containers with tools like Ansible or Puppet, in this tutorial we are going to show how to work with a simple script that runs on the host and automatically updates/upgrades all running Debian/Ubuntu-based containers. We could extend the script to perform other tasks or include updates/upgrades…

LXD | LXC

Copy files and directories between host and a LXD container?

ByPieter Bakker 03/10/202203/10/2022

In this tutorial, we will show you how to use the “push” and “pull” command to easily copy files and directories between a host server and a LXC container and visa versa. In this example, on the host server, we will first create a file “myfile.txt” in the “tmp” directory. # touch /tmp/myfile.txt Now copy…

LXD

How to Limit Resources on a LXD Container?

ByPieter Bakker 02/02/202302/02/2023

LXD containers are lightweight virtual machines that provide isolated environments for applications to run. While they are designed to be lightweight and resource-efficient, it is still possible for applications to consume excessive resources and affect the overall performance of the system. To ensure that the resources of your LXD containers are used efficiently, it is…

LXD | LXC | Rsync | ZFS

How to Backup LXD Containers to a Remote Host with Rsync.

ByPieter Bakker 09/03/202310/03/2023

In this tutorial, you will learn how to use Rsync to backup your LXD containers running on a ZFS storage pool to a remote host. Backing up your containers is an essential step in protecting your data and ensuring business continuity in case of any disaster. With Rsync, you can easily transfer the snapshot of…

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Similar Posts