Mixed System Containers &

Home , LXC, OpenVZ, Snap (package manager)

Mixed system containers & VMs

Introducing LXD virtual machine support

Stéphane Graber LXD project leader

@stgraber https://stgraber.org [email protected] What are system containers?

They are the oldest type of containers 01 BSD jails, Linux vServer, Solaris Zones, OpenVZ, LXC and LXD.

They behave like standalone systems 02 No need for specialized software or custom images.

Low overhead, easy management 03 Thousands can be run on one system, as easy to manage as a bunch of processes. What are virtual machines?

Virtualized hardware & ﬁrmware 01 Behaves in many ways like a physical system.

Hardware accelerated 02 Useful virtualization requires hardware support, additional performance gain comes from using virtualization-aware devices (e.g. virtio). Can run just about any OS 03 Not constrained to Linux only. LXD

System container CLI Ansible Juju OpenNebula your own client?

& VM manager LXD REST API

LXD LXD LXD LXD

LXC QEMU LXC QEMU LXC QEMU LXC QEMU

Linux kernel Linux kernel Linux kernel Linux kernel

Host A Host B Host C Host ... Chromebooks Travis-CI What LXD is

Simple 01 Clean command line interface, simple REST API and clear terminology.

Fast 02 Image based, optimized storage & migration, direct hardware access.

Secure 03 Safe by default. Combines all available kernel security features.

Scalable 04 From a single instance on a laptop to tens of thousands of instances in a cluster. Wide selection of images

Updated daily LXD clustering

Built-in clustering support 01 No external dependencies, all LXD 3.0 or higher installations can be instantly turned into a cluster. Same API as a single node 02 Clients that aren’t clustering aware just see it as a very large LXD instance.

Scales to thousands of containers on dozens of nodes 03 Uses a built-in distributed database and cross-connections between the nodes to oﬀer a consistent view to clients and load-balance containers. LXD virtual machines

Modern machines 01 UEFI with Secure Boot (where available), virtio devices only, based on QEMU 4.2.

Same API and semantics as our containers 02 No particular VM knowledge needed by existing clients.

Integrates seamlessly with LXD networks, storage, projects, profiles, ... 03 All existing configuration can be shared between containers and virtual machines, profiles with resource limits or devices can apply to both types. LXD

Main Certiﬁcates components Cluster Events

Images Aliases

Instances Snapshots Backups

Networks

Operations

Projects

Storage pools Storage volumes Snapshots Demo time! What’s next

Images for more distributions 01 Get feature parity with our set of container images, done by adding VM image building capability to Distrobuilder and having those images built as part of our normal pipeline. Live update of VM conﬁguration 02 Device hotplug, live adjustments of resource restrictions, ...

Security 03 Integrate with our existing AppArmor and Seccomp generators.

Close feature gap with containers 04 Publishing, backups, migration, ﬁlesystem passthrough, usb devices, GPUs, ...

Agent on other operating systems 05 Port the VM agent to using newly implemented virtio-vsock driver for Windows. LXD everywhere

snap install lxd Support Managed serv. requires snapd on a supported Linux distribution

Native packages Linux available for some releases on Alpine, ArchLinux, Fedora, Gentoo, OpenSUSE and Ubuntu On your Chromebook Search for “Terminal” in your app launcher

MacOS brew install lxc requires Homebrew on current MacOS

Windows choco install lxc requires Chcoolatey on current Windows 10 Contributing to LXD

Written in Go Apache2 licensed 01 With low level logic in C through a 04 Re-use and improve any of our Go variety of libraries. packages in your own projects.

Fully translatable client No copyright assignment 02 An easy way to contribute to LXD, 05 Easy contributions, no legal paperwork, translate our CLI in your language! just send a pull request.

API client libraries Online user community 03 Oﬃcial ones for Go and Python 06 Very active discussion forum with active Additional ones in Ruby, Node, Java, experts in container networking, security Haskell, ... and more.

git clone https://github.com/lxc/lxd Questions ?

Website: https://linuxcontainers.org/lxd Code: https://github.com/lxc/lxd Online demo: https://linuxcontainers.org/lxd/try-it

We have stickers, come Stéphane Graber get them in front! LXD project leader @stgraber https://stgraber.org [email protected]