I have a class on distributed systems that I would like to move to using lxc. Previously I had them simulating the network using classes and a simulated network library. Now I would like them to use containers connected to virtual networks. Each container will be running a single program that is part of the larger distributed system. It will also be a big difference this year is that that multiple groups will have to collaborate. Each group will be responsible for one of the containers in the larger project. I was looking a docker, but docker by default gives everyone root access, which is no go for academic integrity purposes. I was looking at docker rootless, but that seems to have a significant overhead of running docker servers for every user. I was looking at lxc unprivileged. As far as I can tell lxd or incus doesn’t give the fine grained access control to allow individual users to create images and then only manage the images that they create. So far lxc unprivileged seems to be the closes to what I envision for the class.
My initial experiments are promising, but the images are a bit larger that I was hoping given the number of containers for the number of students. The server is running Ubuntu 20.04 lts. I’d like the students to compile on the server and copy the executables into the containers. I’ve tried the standard ubuntu and the cloud ubuntu minimal daily, but they clock in at about 1/2 G of disk space, and are running extras such as the automatic updates and the networkd-manager. I’d advise on how to strip down to a minimal image with manual network configurations that will only run for a limited time while the students test their networking code.
Thanks.
