| Previous Post | Top | Next Post |
TOC
Here is a series of memos of me trying to use LXC/LXD and INCUS on Debian 12 (bookworm).
In order to make full transition to incus, I will trace what I did with lxc
with incus while addressing not only container systems but also virtual
machine systems.
I am using Incus for Debian 12 from Zabbly package repository.
Simple start of Container and VM with Incus
Let me trace Container with LXC/LXD (1).
Since I have enough CPU and memory, I started container systems and VM systems as follows. (I assigned more CPU and memory)
$ incus launch images:debian/12 ct -c limits.cpu=4 -c limits.memory=4GiB
$ incus launch images:debian/12/cloud ctc -c limits.cpu=4 -c limits.memory=4GiB
$ incus launch images:debian/12 vm --vm -c limits.cpu=4 -c limits.memory=4GiB
$ incus launch images:debian/12/cloud vmc --vm -c limits.cpu=4 -c limits.memory=4GiB
After some time waiting for the DHCP resolution:
$ incus ls
+------+---------+-------------------------+------------------------------------------------+-----------------+-----------+
| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS |
+------+---------+-------------------------+------------------------------------------------+-----------------+-----------+
| ct | RUNNING | 10.214.117.246 (eth0) | fd42:4c3b:8e2d:60d:216:3eff:fe75:d242 (eth0) | CONTAINER | 0 |
+------+---------+-------------------------+------------------------------------------------+-----------------+-----------+
| ctc | RUNNING | 10.214.117.158 (eth0) | fd42:4c3b:8e2d:60d:216:3eff:fe7b:9c42 (eth0) | CONTAINER | 0 |
+------+---------+-------------------------+------------------------------------------------+-----------------+-----------+
| vm | RUNNING | 10.214.117.171 (enp5s0) | fd42:4c3b:8e2d:60d:216:3eff:fe0a:a43d (enp5s0) | VIRTUAL-MACHINE | 0 |
+------+---------+-------------------------+------------------------------------------------+-----------------+-----------+
| vmc | RUNNING | 10.214.117.118 (enp5s0) | fd42:4c3b:8e2d:60d:216:3eff:fefb:e649 (enp5s0) | VIRTUAL-MACHINE | 0 |
+------+---------+-------------------------+------------------------------------------------+-----------------+-----------+
As I check default primary user’s GID issue:
$ incus exec ct -- grep ":1000:" /etc/passwd
$ incus exec vm -- grep ":1000:" /etc/passwd
$ incus exec ctc -- grep ":1000:" /etc/passwd
debian:x:1000:1001:Debian:/home/debian:/bin/bash
$ incus exec vmc -- grep ":1000:" /etc/passwd
debian:x:1000:1001:Debian:/home/debian:/bin/bash
I confirmed the situation mentioned in Container with LXC/LXD(1) is still around:
- basic image doesn’t have the primary user
- cloud image has the primary user created by cloud-init with obscure GID.
Clean start of Container and VM with Incus
Let me trace Container with LXC/LXD (2) to get
rid of this ugly GID=1001.
Let me clean up existing instances.
$ incus delete -f ct vm ctc vmc
Let me double-check available cloud images for Debian Bookworm.
$ incus image ls images: debian amd64 cloud bookworm -f compact
ALIAS FINGERPRINT PUBLIC DESCRIPTION ARCHITECTURE TYPE SIZE UPLOAD DATE
debian/12/cloud (3 more) 5b56844619e2 yes Debian bookworm amd64 (20240315_05:24) x86_64 CONTAINER 122.04MiB 2024/03/15 09:00 JST
debian/12/cloud (3 more) db744150188f yes Debian bookworm amd64 (20240315_05:24) x86_64 VIRTUAL-MACHINE 394.61MiB 2024/03/15 09:00 JST
Let me check default profile.
$ incus profile show default
config: {}
description: Default Incus profile
devices:
eth0:
name: eth0
network: incusbr0
type: nic
root:
path: /
pool: default
type: disk
name: default
used_by: []
Let me make a customized YAML profile osamu0.yaml:
description: Osamu's default Incus profile
config:
user.user-data: |-
#cloud-config
users:
- name: osamu
groups: adm, mail
Let me make customized profile osamu0 based on osamu0.yaml:
$ incus profile create osamu0
$ incus profile edit <osamu0.yaml
$ incus profile show osamu0
config:
user.user-data: |-
#cloud-config
users:
- name: osamu
groups: adm, mail
description: Osamu's default Incus profile 0
devices: {}
name: osamu
used_by: []
TBH, I initially had trouble making the above YAML to work as intended since I dropped #cloud-config line thinking it as the mere comment.
I then found a cloud-init page listing the two most common issues with cloud config user data:
- Incorrectly formatted YAML
- The first line does not start with #cloud-config
I also made another profile osamu1 based on osamu1.yaml which uses
cloud-init.user-data: |- instead of user.user-data: |-.
$ incus launch images:debian/12/cloud ctc0 -c limits.cpu=4 -c limits.memory=4GiB --profile default --profile osamu0
$ incus launch images:debian/12/cloud ctc1 -c limits.cpu=4 -c limits.memory=4GiB --profile default --profile osamu1
$ incus launch images:debian/12/cloud vmc0 -c limits.cpu=4 --vm -c limits.memory=4GiB --profile default --profile osamu0
$ incus launch images:debian/12/cloud vmc1 -c limits.cpu=4 --vm -c limits.memory=4GiB --profile default --profile osamu1
$ sleep 5
$ incus ls -f compact
NAME STATE IPV4 IPV6 TYPE SNAPSHOTS
ctc0 RUNNING 10.214.117.73 (eth0) fd42:4c3b:8e2d:60d:216:3eff:fe35:ac44 (eth0) CONTAINER 0
ctc1 RUNNING 10.214.117.113 (eth0) fd42:4c3b:8e2d:60d:216:3eff:fe41:a4a8 (eth0) CONTAINER 0
vmc0 RUNNING 10.214.117.242 (enp5s0) fd42:4c3b:8e2d:60d:216:3eff:fe52:8840 (enp5s0) VIRTUAL-MACHINE 0
vmc1 RUNNING 10.214.117.222 (enp5s0) fd42:4c3b:8e2d:60d:216:3eff:fe76:2b84 (enp5s0) VIRTUAL-MACHINE 0
$ incus exec ctc0 -- grep ":1000:" /etc/passwd
osamu:x:1000:1000::/home/osamu:/bin/sh
$ incus exec ctc1 -- grep ":1000:" /etc/passwd
osamu:x:1000:1000::/home/osamu:/bin/sh
$ incus exec vmc1 -- grep ":1000:" /etc/passwd
osamu:x:1000:1000::/home/osamu:/bin/sh
$ incus exec vmc0 -- grep ":1000:" /etc/passwd
osamu:x:1000:1000::/home/osamu:/bin/sh
So both cloud-init.user-data: |- instead of user.user-data: |- are valid
YAML configuration.
I put all my INCUS YAML files under the 018_incus directory.
YAML syntax for chomp
There are two styles for scalar content in block notation:
- literal style (indicated by “
|”) where all line breaks are significant. - folded style (denoted by “
>”) where each line break is folded to a space unless it ends an empty or a more-indented line.
There are Block Chomping Indicator:
- “
-”: STRIP – the final line break character and any trailing empty lines are excluded - “
+”: KEEP – the final line break and any trailing empty lines are included - “``”: CLIP – the final line break character is included but any trailing empty lines are excluded
This is where “+” in “|+” comes from.
Setting up VM with incus exec ...
Let me set the password for root and osamu accounts.
$ incus exec vmc0 -- passwd
New password:
Retype new password:
passwd: password updated successfully
$ incus exec vmc0 -- passwd osamu
New password:
Retype new password:
passwd: password updated successfully
Let’s also configure system:
$ incus exec vmc0 -- apt update
...
$ incus exec vmc0 -- apt install aptitude sudo wget git mc neovim
...
$ incus exec vmc0 -- usermod -aG sudo osamu
$ incus exec vmc0 -- chsh osamu
Password:
Changing the login shell for osamu
Enter the new value, or press ENTER for the default
Login Shell [/bin/sh]: /bin/bash
Starting VM with VGA console
$ incus restart vmc0 --console=vga
Nice VGA screen shows up ;-) This --console=vga is only for VM.
If I get to manage VMs via incus with VGA console, I don’t need to use
virt-manager any more. (I didn’t like XML based configuration used by
virt-manager platform. YAML is cleaner and incus CLI is more consistent
UX for me.)
| Previous Post | Top | Next Post |