Tag: lxd

Running X11 software in LXD containers

Updated instructions for LXD 4.5 (September 2020) LXD 4.5 has added features that make proxy devices more secure in the sense that if something goes wrong on the proxy device, your system is safer. Specifically, the proxy devices are now under AppArmor confinement. In doing so, however, something broke and it was not possible to …

Continue reading

Permanent link to this article: https://blog.simos.info/running-x11-software-in-lxd-containers/

Discussion on running X11 applications from within LXD system containers

With LXD, you can create system containers. These system containers are similar to virtual machines, while at the same time they are very lightweight. In a VM, you boot a full Linux kernel and you run your favorite Linux distribution in a virtualized environment that has a fixed disk size and dedicated allocation of RAM …

Continue reading

Permanent link to this article: https://blog.simos.info/discussion-on-running-x11-applications-from-within-lxd-system-containers/

Comparison between LXC and LXD

More, but on the same hardware Traditionally, we would have a physical computer and expect to run a single operating system on it. One way to go over this limitation, is to use virtualization, which allows us to run multiple operating systems (virtual machines) on a computer. For virtualization to work efficiently, we would need …

Continue reading

Permanent link to this article: https://blog.simos.info/comparison-between-lxc-and-lxd/

How to add multi-line raw.lxc configuration to LXD

In LXD, you can add multiple settings in a single command line. For example, to both limit the memory to 2GB and the CPUs to a single core, you would run the following in a single line. Obviously, you can set these separately as well. lxc config set mycontainer limits.memory=2GB limits.cpu=1 See the LXD key/value …

Continue reading

Permanent link to this article: https://blog.simos.info/how-to-add-multi-line-raw-lxc-configuration-to-lxd/

How to setup Netdata in a LXD container for real-time monitoring

Netdata does real-time health monitoring and performance troubleshooting for systems and applications. It helps you instantly diagnose slowdowns and anomalies in your infrastructure with thousands of metrics, interactive visualizations, and insightful health alarms. When you set it up on your system, Netdata sets up a Web page where you can view real-time information, including CPU …

Continue reading

Permanent link to this article: https://blog.simos.info/how-to-setup-netdata-in-a-lxd-container-for-real-time-monitoring/

Testing CVE-2019-11043 (php-fpm security vulnerability) with LXD system containers

CVE-2019-11043 is a buffer overflow in php-fpm that under certain conditions, can lead to remote execution. There is an exploit at PHuiP-FPizdaM that targets certain nginx and php-fpm configurations. On their page, the describe how to use Docker to test this exploit. In this post, we use LXD to test the exploit and verify whether …

Continue reading

Permanent link to this article: https://blog.simos.info/testing-cve-2019-11043-php-fpm-security-vulnerability-with-lxd-system-containers/

%d bloggers like this: