Wednesday, August 14, 2013

lxc with fast cloning via overlayfs and userdata via clone hooks

Serge Hallyn and Stéphane Graber made some really nice improvements to LXC in the last few months.  These include:
  • user namespaces, which will bring us secure containers in 14.04 and the ability to safely run containers without root. 
  • a library with bindings for C, go and python3.
  • cloning with overlayfs
  • hooks executed at clone time.
I had previously worked with Ben Howard on the 'ubuntu cloud' template, and I just finished some updates to it that take advantage of overlayfs and clone hooks to provide a great environment to use or test cloud-init.

Previously the ubuntu cloud template (which downloads a cloud image to create a container) allowed the user to specify userdata or public keys at container creation time.  The change was really just to move the container customization code to a clone hook.

Thanks to the daily build ppa, you can do this on any release from 12.04 to 13.10.

Hopefully the example below explains this better.  The times reported are from my Thinkpad X120e, which is a netbook class cpu and slow disk.  Times clearly will vary, and these are not meant to be scientific results.
If you do not see the embedded file below, please read the remainder of this post in the gist on github.