Lxops - create devices, launch, and rebuild LXD or Incus containers

At various posts in this forum I’ve mentioned how I launch, configure, and rebuild LXD containers
in such a way that I can rebuild a container with a new image and have it back in operation in seconds.

I have now ported this to support Incus, and named it lxops.

Any comments or questions are welcome.

Some excerpts from the README file:


Here is a simple configuration file (example.yaml):

ostype: alpine
image: images:alpine/3.18
- default
- ../packages/base.cfg
- ../packages/bash.cfg
- ../cfg/doas.cfg
- ../cfg/user.cfg

You can create containers a1, a2, using these commands:

	lxops launch -name a1 example.yaml
	lxops launch -name a2 example.yaml

It’s even better if you create an image from this configuration, and create the containers from your image.
The examples repository demonstrates that.

Disk Devices

A central feature of lxops is the ability to create and attach container-specific external disk devices to a container it launches.

The intent is that the combination of external devices and configuration
makes it possible to rebuild a container with a new image without losing data.

ZFS and plain directory devices are supported. ZFS is the implementation tested most.

I typically attach disk devices to all these directories:

  • /home
  • /etc/opt
  • /var/opt
  • /opt
  • /usr/local/bin
  • /var/log
  • /tmp

And make sure I put my application data in these directories only (except /tmp, of course).

When I rebuild a container with a new image, my data persists, since it is not in the root filesystem.
If the container is configured properly (via cloud-config files), the container will reboot with the new image, and keep running its applications.

For example, when launching a container a1, the following ZFS filesystems are automatically created and attached to the container:

  • z/host/a1
  • z/log/a1
  • z/tmp/a1

When the container is rebuilt, the container is deleted, re-launched, and reconfigured, using the existing filesystems.

The paths and locations of these filesystems are specified in the configuration file, parameterized by the instance name.

I make backups of these devices (except /tmp). I do not need to backup the container itself, since it can be reconstructed.
I keep backups of the images I use, so I can reconstruct a container from the configuration file, the image, and the disk devices.

Here is the configuration that creates the above devices (which can be in separate file, included by other configuration files):

device-owner: 1000000:1000000
    pattern: (fsroot)/host/(instance)
    destroy: true
    pattern: (fsroot)/log/(instance)
    destroy: true
    pattern: (tmproot)/(instance)
    destroy: true
    transient: true
    path: /usr/local/bin
    filesystem: host
    path: /etc/opt
    filesystem: host
    path: /home
    filesystem: host
    path: /var/log
    filesystem: log
    dir: .
    path: /opt
    filesystem: host
    path: /tmp
    filesystem: tmp
    dir: .
    path: /var/opt
    filesystem: host
1 Like