Beginner LXD Questions

Hi, being new to LXD, I have a few questions I need clarification on for my intended usage. I plan to set up Ubuntu 18.0.4 with LXD and create 2 LXD containers, one for an Ubuntu 18.0.4 LEMP stack and one for a CentOS 7.5 Centmin Mod LEMP stack, for the purpose of benchmarking the performance between the 2 LXD containers' LEMP stacks.

Questions

1. system TCP/Kernel tuning /etc/sysctl.conf at LXD container and host level.

Where does /etc/sysctl.conf come into this setup? Do LXD containers inherit host level /etc/sysctl.conf settings? Or can each LXD container set its own /etc/sysctl.conf settings separate from host level?

2. LXD container identification methods ?

My CentOS Centmin Mod LEMP stack project auto installer auto tunes a server environment based on server resources as well as the virtualisation type detected, i.e. kvm, xen and openvz, and optimises accordingly. For OpenVZ detection, I script and check for /proc/user_beancounters. So with LXD containers, is there anything similar within the container to allow me to identify that the environment is LXD container based?

3. Container CPU limits

I read about cpu limits at http://lxd.readthedocs.io/en/stable-3.0/containers/#cpu-limits. If I am benchmarking and comparing 2x LXD containers, should I be messing with CPU limits for better comparison, or is the default out of the box OK?

Any help in clarifying the above questions is very much appreciated :)

cheers

George

  1. Containers will inherit sysctls from the host and in most cases cannot override them. There are a number of exceptions to that, mostly around IPC and network sysctls where some of them will be tied to the IPC or NET namespaces. Easiest here is to try, if the LXD container can modify the sysctl, it’s namespaced, if not, then it’s not.

  2. systemd-detect-virt if present should do the trick. Otherwise you can manually check the environment of PID1 for the container= variable (cat /proc/1/environ | tr '\0' '\n')

  3. The Linux scheduler is usually pretty smart and so in most cases, even in production, you’re unlikely to really need to use any CPU limits. That being said, for benchmarking purposes, if you can afford it, having each container pinned to two CPU cores that aren’t used for anything else would likely give the fairest environment (while still allowing for multi-threading). You could set limits.cpu=1-2 on the first container and limits.cpu=3-4 on the second. That assumes that you have at least 5 cores/threads available on your system (as CPU count starts at 0). CPU 0 is the usual target for IRQs so not particularly fair to use that one when benchmarking.
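The detection order from point 2 of the reply above, scripted for an installer, as an added example that is not part of the original reply and not LXD's own code. The function names are hypothetical, and the optional file argument is an assumption added so the parser can be run against a constructed environ file.

```shell
#!/bin/sh
# Added example: container_from_environ and detect_container are
# hypothetical helper names, not part of LXD or systemd.

# Print the value of the container= variable from a NUL-separated
# environ file (default: PID 1's environment, usually root-readable only).
# Returns 1 when the file is unreadable or the variable is absent.
container_from_environ() {
    environ_file="${1:-/proc/1/environ}"
    [ -r "$environ_file" ] || return 1
    # Entries are NUL-terminated. Newlines embedded in a value are turned
    # into spaces first, so a value such as "FOO=a\ncontainer=x" cannot
    # pose as a separate container= entry once NULs become newlines.
    value=$(tr '\n\0' ' \n' < "$environ_file" \
        | sed -n 's/^container=//p' | head -n 1)
    [ -n "$value" ] || return 1
    printf '%s\n' "$value"
}

# Prefer systemd-detect-virt when it is installed, otherwise fall back
# to PID 1's environment. Prints the detected type, or "none".
detect_container() {
    if command -v systemd-detect-virt >/dev/null 2>&1; then
        # --container limits detection to container managers; the tool
        # exits non-zero (printing "none") when no container is detected.
        if virt=$(systemd-detect-virt --container 2>/dev/null); then
            printf '%s\n' "$virt"
            return 0
        fi
    fi
    if container_from_environ "$@"; then
        return 0
    fi
    printf 'none\n'
    return 1
}
```

An installer would branch on the output of `detect_container`, in the same place it already branches on the /proc/user_beancounters check for OpenVZ.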


Cheers @stgraber, just the info I need. Thanks for the clarification :)

One more noob question. My scripted LEMP installer checks to see if the Linux Kernel has IPSET module support. But what’s the best way to check this within the LXD guest container itself?

from lxd guest I get

find /lib/modules/`uname -r` -name 'ipset'
find: '/lib/modules/4.15.0-22-generic': No such file or directory

while on lxd host I get

find /lib/modules/`uname -r` -name 'ipset'                       
/lib/modules/4.15.0-22-generic/kernel/net/netfilter/ipset

Another question, how to deal with locale differences in CentOS lxd guest container ?

lxd guest CentOS 7.5

localectl status
Could not get properties: Connection timed out
localectl list-locales | grep 'en_US'
en_US
en_US.iso88591
en_US.iso885915
en_US.utf8
csf -u
perl: warning: Setting locale failed.
perl: warning: Please check that your locale settings:
        LANGUAGE = (unset),
        LC_ALL = (unset),
        LANG = "C.UTF-8"
    are supported and installed on your system.
perl: warning: Falling back to the standard locale ("C").
csf is already at the latest version: v12.04
locale
locale: Cannot set LC_CTYPE to default locale: No such file or directory
locale: Cannot set LC_MESSAGES to default locale: No such file or directory
locale: Cannot set LC_ALL to default locale: No such file or directory
LANG=C.UTF-8
LC_CTYPE="C.UTF-8"
LC_NUMERIC="C.UTF-8"
LC_TIME="C.UTF-8"
LC_COLLATE="C.UTF-8"
LC_MONETARY="C.UTF-8"
LC_MESSAGES="C.UTF-8"
LC_PAPER="C.UTF-8"
LC_NAME="C.UTF-8"
LC_ADDRESS="C.UTF-8"
LC_TELEPHONE="C.UTF-8"
LC_MEASUREMENT="C.UTF-8"
LC_IDENTIFICATION="C.UTF-8"
LC_ALL=

on lxd host Ubuntu 18.04

localectl status
   System Locale: LANG=en_US.UTF-8
       VC Keymap: n/a
      X11 Layout: us
       X11 Model: pc105
localectl list-locales | grep 'en_US'
en_US.utf8

edit: looks like in the CentOS 7 lxd guest one does

echo "export LANG=en_US.UTF-8" >> /etc/profile.d/locale.sh
echo "export LANGUAGE=en_US.UTF-8" >> /etc/profile.d/locale.sh

The containers are using the Linux kernel of the host.
Therefore, you would first need to load that kernel module on the host.
Then, it’s up to the way that the LXD confinement works, whether that kernel module is accessible.
Obviously, the unprivileged container cannot load a Linux kernel module.

You might have to relax the confinement of the containers in order to provide access to that kernel module.
But try first whether you can use it in the container.


To set environment variables such as the locale, see

Ideally, you would configure your default profile to set the proper locale string.


Where in the official documentation should I be looking for that info to do that?

Cheers, didn’t even realise date output was off in containers! Another item to take note of :)

on lxd host

date
Mon Jun  4 20:18:50 PDT 2018

within my centos lxd guest container

date
Tue Jun  5 03:15:50 UTC 2018

mytimes
Tue Jun  5 03:18:45 UTC 2018    [UTC]
Tue Jun  5 13:18:45 AEST 2018   [Australia/Brisbane]
Mon Jun  4 20:18:45 PDT 2018    [America/Los_Angeles]
Mon Jun  4 22:18:45 CDT 2018    [America/Chicago]
Mon Jun  4 23:18:45 EDT 2018    [America/New_York]
Mon Jun  4 23:18:45 EDT 2018    [America/Montreal]
Tue Jun  5 04:18:45 BST 2018    [Europe/London]
Tue Jun  5 05:18:45 CEST 2018   [Europe/Berlin]
Tue Jun  5 10:18:45 +07 2018    [Asia/Bangkok]
Tue Jun  5 10:18:45 +07 2018    [Asia/Ho_Chi_Minh]
Tue Jun  5 10:18:45 WIB 2018    [Asia/Jakarta]
Tue Jun  5 11:18:45 +08 2018    [Asia/Kuala_Lumpur]
Tue Jun  5 11:18:45 +08 2018    [Asia/Singapore]

First, you need to check whether it works or not.
I do not know where you can get documentation for that.

I think it’s a natural default to set the default timezone to UTC. People use containers in different timezones depending on the location of the datacenter and it would be very messy to try to autoguess what timezone to use. Therefore, it is up to the user to set a timezone or other parameters.
Use lxc profile to set these to the default profile, so that they are applied automatically.
If you have existing containers, you can re-apply a profile to them.


Cheers, I actually set my lemp stack installer to default to UTC too. So I actually don’t need to do anything within the container :)

I am new to lxd containers. I have a three node cluster with two containers per node. The containers on a single node can communicate via the network, but I cannot communicate with containers on other nodes.
All of my containers are on one bridge:
lxdbr0 | bridge | YES | | 6 | CREATED

I am running lxd 3.0.

What do I need to do/configure to facilitate communication between all containers across all nodes? I also want to communicate with other servers in my lab.

thanks