In LXD, you can add multiple settings in a single command line. For example, to both limit the memory to 2GB and the CPUs to a single core, you would run the following in a single line. Obviously, you can set these separately as well. lxc config set mycontainer limits.memory=2GB limits.cpu=1 See the LXD key/value …
Permanent link to this article: https://blog.simos.info/how-to-add-multi-line-raw-lxc-configuration-to-lxd/
Nov 04 2019
How to setup Netdata in a LXD container for real-time monitoring
Netdata does real-time health monitoring and performance troubleshooting for systems and applications. It helps you instantly diagnose slowdowns and anomalies in your infrastructure with thousands of metrics, interactive visualizations, and insightful health alarms. When you set it up on your system, Netdata sets up a Web page where you can view real-time information, including CPU …
Permanent link to this article: https://blog.simos.info/how-to-setup-netdata-in-a-lxd-container-for-real-time-monitoring/
Oct 28 2019
Testing CVE-2019-11043 (php-fpm security vulnerability) with LXD system containers
CVE-2019-11043 is a buffer overflow in php-fpm that under certain conditions, can lead to remote execution. There is an exploit at PHuiP-FPizdaM that targets certain nginx and php-fpm configurations. On their page, the describe how to use Docker to test this exploit. In this post, we use LXD to test the exploit and verify whether …
Permanent link to this article: https://blog.simos.info/testing-cve-2019-11043-php-fpm-security-vulnerability-with-lxd-system-containers/
Oct 22 2019
How to add both a private and public network to LXD using cloud-init
When you launch a new LXD container, LXD applies the default LXD profile unless you specify a different profile. By adding configuration to a LXD profile, you can launch containers with specific parameters such as specific network configuration. In the following we see how this default LXD profile looks like, and then use cloud-init instructions …
Permanent link to this article: https://blog.simos.info/how-to-add-both-a-private-and-public-network-to-lxd-using-cloud-init/
Sep 06 2019
How to use the LXD Proxy Device to map ports between the host and the containers
LXD supports proxy devices, which is a way to proxy connections between the host and containers. This includes TCP, UDP and Unix socket connections. For example, when someone connects to your host on port 80 (http), then this connection can be proxied to a container using a proxy device. In that way, you can isolate …
Permanent link to this article: https://blog.simos.info/how-to-use-the-lxd-proxy-device-to-map-ports-between-the-host-and-the-containers/
Aug 30 2019
Cloud-init support in LXD container images
cloud-init is a tool to help you customize cloud images. When you launch a cloud image, you can provide to it with your cloud-init instructions, and the cloud image will execute them. In that way, you can start with a generic cloud image, and as soon as it booted up, it will be configured to …
Permanent link to this article: https://blog.simos.info/cloud-init-support-in-lxd-container-images/
Recent Comments