lxc/doc/lxc.conf.sgml.in

	lxc.conf.sgml.in revision b0a33c1eb65d2c87e886c740a0dadd8ad5f8d87d
a5ba96715d4ef264c43d4f187251de491ba198c0KATOH Yasufumi<!--
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumilxc: linux Container library
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi(C) Copyright IBM Corp. 2007, 2008
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
9d0cda4f22f76d693e2ceef0f77f2ba24227433cStéphane GraberAuthors:
57da8c32f85c0255efa61ee32e260068afdaa565KATOH YasufumiDaniel Lezcano <dlezcano at fr.ibm.com>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH YasufumiThis library is free software; you can redistribute it and/or
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumimodify it under the terms of the GNU Lesser General Public
57da8c32f85c0255efa61ee32e260068afdaa565KATOH YasufumiLicense as published by the Free Software Foundation; either
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumiversion 2.1 of the License, or (at your option) any later version.
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH YasufumiThis library is distributed in the hope that it will be useful,
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumibut WITHOUT ANY WARRANTY; without even the implied warranty of
57da8c32f85c0255efa61ee32e260068afdaa565KATOH YasufumiMERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
57da8c32f85c0255efa61ee32e260068afdaa565KATOH YasufumiLesser General Public License for more details.
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH YasufumiYou should have received a copy of the GNU Lesser General Public
a5ba96715d4ef264c43d4f187251de491ba198c0KATOH YasufumiLicense along with this library; if not, write to the Free Software
57da8c32f85c0255efa61ee32e260068afdaa565KATOH YasufumiFoundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
8900b9eb2514c07047541833286428572493a9fdStéphane Graber
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi-->
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi<!DOCTYPE refentry PUBLIC "-//Davenport//DTD DocBook V3.0//EN">
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
faefa7f8584a7d1567df2e6f1f9240a28a6466abStéphane Graber<refentry>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi  <docinfo><date>@LXC_GENERATE_DATE@</date></docinfo>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi  <refmeta>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    <refentrytitle>lxc.conf</refentrytitle>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    <manvolnum>5</manvolnum>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi  </refmeta>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi  <refnamediv>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    <refname>lxc.conf</refname>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    <refpurpose>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      linux container configuration file
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    </refpurpose>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi  </refnamediv>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi  <refsect1>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    <title>Description</title>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    <para>
6127da6b3f5815028bee187ac98840cd94313841KATOH Yasufumi      The linux containers (<command>lxc</command>) are always created
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      before being used. This creation defines a set of system
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      resources to be virtualized / isolated when a process is using
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      the container. By default, the pids, sysv ipc and mount points
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      are virtualized and isolated. The other system resources are
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      shared across containers, until they are explicitly defined in
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      the configuration file. For example, if there is no network
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      configuration, the network will be shared between the creator of
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      the container and the container itself, but if the network is
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      specified, a new network stack is created for the container and
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      the container can no longer use the network of its ancestor.
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    </para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
8128cf421081b683bca4610aa2db3e3ed851ab92KATOH Yasufumi    <para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      The configuration file defines the different system resources to
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      be assigned for the container. At present, the utsname, the
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      network, the mount points, the root file system and the control
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      groups are supported.
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    </para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    <para>
9a97d4e4bdf331bb2c2b8ed14bcefa53358c288fKATOH Yasufumi      Each option in the configuration file has the form <command>key
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      = value</command> fitting in one line. The '#' caracter means
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      the line is a comment.
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    </para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    <refsect2>
dc421f3aac1f0e516c763dd156629a8ed2a7b4caKATOH Yasufumi      <title>Hostname</title>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    The utsname section defines the hostname to be set for the
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    container. That means the container can set its own hostname
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    without changing the one from the system. That makes the
9a97d4e4bdf331bb2c2b8ed14bcefa53358c288fKATOH Yasufumi    hostname private for the container.
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <variablelist>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    <varlistentry>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <term>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        <option>lxc.utsname</option>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </term>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <listitem>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        <para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          specify the hostname for the container
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        </para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </listitem>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    </varlistentry>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </variablelist>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    </refsect2>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    <refsect2>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <title>Network</title>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    The network section defines how the network is virtualized in
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    the container. The network virtualization acts at the layer
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    two, so in order to use the network, a few information should
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    be specified to define the network interfaces to be used by
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    the container. Several virtual interfaces can be assigned and
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    used in a container either if the system has only one physical
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    network interface.
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <variablelist>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    <varlistentry>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <term>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        <option>lxc.network.type</option>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </term>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <listitem>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        <para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          specify what kind of network virtualization to be used
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          for the container. Each time
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          a <option>lxc.network.type</option> field is found a new
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          round of network configuration begins. By this way
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          several network virtualization can be specified for the
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          same container, as well as assigning several network
dc421f3aac1f0e516c763dd156629a8ed2a7b4caKATOH Yasufumi          interfaces for one container. The different
dc421f3aac1f0e516c763dd156629a8ed2a7b4caKATOH Yasufumi          virtualization types can be:
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        </para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        <para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          <option>empty:</option> a new network stack is created
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          for the container, but it will not contain any network
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          interface.
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        </para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        <para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          <option>veth:</option> a new network stack is created, a
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          peer network device is created with one side assigned to
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          the container and the other side attached to a bridge
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          specified by the <option>lxc.network.link</option>. The
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          bridge has to be setup before on the
dc421f3aac1f0e516c763dd156629a8ed2a7b4caKATOH Yasufumi          system, <command>lxc</command> won't handle
dc421f3aac1f0e516c763dd156629a8ed2a7b4caKATOH Yasufumi          configuration outside of the container.
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        </para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        <para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          <option>macvlan:</option> a new network stack is
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          created, a macvlan interface is linked with the
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          interface specified by
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          the <option>lxc.network.link</option> and assigned to
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          the container.
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        </para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        <para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          <option>phys:</option> a new network stack is created
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          and the interface specified by
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          the <option>lxc.network.link</option> is assigned to the
dc421f3aac1f0e516c763dd156629a8ed2a7b4caKATOH Yasufumi          container.
dc421f3aac1f0e516c763dd156629a8ed2a7b4caKATOH Yasufumi        </para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </listitem>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </varlistentry>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    <varlistentry>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <term>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        <option>lxc.network.flags</option>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </term>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <listitem>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        <para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          specify an action to do for the
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          network.
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        </para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
dc421f3aac1f0e516c763dd156629a8ed2a7b4caKATOH Yasufumi        <para><option>up:</option> activates the interface.
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        </para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </listitem>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    </varlistentry>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
8128cf421081b683bca4610aa2db3e3ed851ab92KATOH Yasufumi    <varlistentry>
8128cf421081b683bca4610aa2db3e3ed851ab92KATOH Yasufumi      <term>
8128cf421081b683bca4610aa2db3e3ed851ab92KATOH Yasufumi        <option>lxc.network.link</option>
8128cf421081b683bca4610aa2db3e3ed851ab92KATOH Yasufumi      </term>
8128cf421081b683bca4610aa2db3e3ed851ab92KATOH Yasufumi      <listitem>
8128cf421081b683bca4610aa2db3e3ed851ab92KATOH Yasufumi        <para>
8128cf421081b683bca4610aa2db3e3ed851ab92KATOH Yasufumi          specify the interface to be used for real network
8128cf421081b683bca4610aa2db3e3ed851ab92KATOH Yasufumi          traffic.
8128cf421081b683bca4610aa2db3e3ed851ab92KATOH Yasufumi        </para>
8128cf421081b683bca4610aa2db3e3ed851ab92KATOH Yasufumi      </listitem>
8128cf421081b683bca4610aa2db3e3ed851ab92KATOH Yasufumi    </varlistentry>
8128cf421081b683bca4610aa2db3e3ed851ab92KATOH Yasufumi
8128cf421081b683bca4610aa2db3e3ed851ab92KATOH Yasufumi    <varlistentry>
8128cf421081b683bca4610aa2db3e3ed851ab92KATOH Yasufumi      <term>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        <option>lxc.network.name</option>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </term>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <listitem>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        <para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          the interface name is dynamically allocated, but if an
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          other name is needed because the configuration files
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          being used by the container use a generic name,
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          eg. eth0, this option will rename the interface in the
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          container.
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        </para>
dc421f3aac1f0e516c763dd156629a8ed2a7b4caKATOH Yasufumi      </listitem>
dc421f3aac1f0e516c763dd156629a8ed2a7b4caKATOH Yasufumi    </varlistentry>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    <varlistentry>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <term>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        <option>lxc.network.hwaddr</option>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </term>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <listitem>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        <para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          the interface mac address is dynamically allocated by
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          default to the virtual interface, but in some case, this
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          is needed to resolve a mac address conflict or to have
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          always the same link-locak ipv6 address.
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        </para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </listitem>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    </varlistentry>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
dc421f3aac1f0e516c763dd156629a8ed2a7b4caKATOH Yasufumi    <varlistentry>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <term>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        <option>lxc.network.ipv4</option>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </term>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <listitem>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        <para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          specify the ipv4 address to assign to the virtualized
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          interface. Several lines specify several ipv4 addresses.
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          The address is in format x.y.z.t/m,
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          eg. 192.168.1.123/24.
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        </para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </listitem>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    </varlistentry>
56e4a18564f8ab3d93c0f2b5f91aa5cff4f171c9KATOH Yasufumi
56e4a18564f8ab3d93c0f2b5f91aa5cff4f171c9KATOH Yasufumi    <varlistentry>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <term>
56e4a18564f8ab3d93c0f2b5f91aa5cff4f171c9KATOH Yasufumi        <option>lxc.network.ipv6</option>
56e4a18564f8ab3d93c0f2b5f91aa5cff4f171c9KATOH Yasufumi      </term>
56e4a18564f8ab3d93c0f2b5f91aa5cff4f171c9KATOH Yasufumi      <listitem>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        <para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          specify the ipv6 address to assign to the virtualized
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          interface. Several lines specify several ipv6 addresses.
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          The address is in format x::y/m,
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          eg. 2003:db8:1:0:214:1234:fe0b:3596/64
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        </para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </listitem>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    </varlistentry>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </variablelist>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    </refsect2>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    <refsect2>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <title>Console through the ttys</title>
38d626f8bee1a2163f221f0c274c289a66bc08d2KATOH Yasufumi      <para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    If the container is configured with a root filesystem and the
38d626f8bee1a2163f221f0c274c289a66bc08d2KATOH Yasufumi    inittab file is setup to launch a getty on the ttys. This
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    option will specify the number of ttys to be available for the
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    container. The number of getty in the inittab file of the
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    container and the number of tty specified in this
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    configuration file should be equal, otherwise the getty will
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    die and respawn indefinitly giving annoying messages on the
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    console.
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <variablelist>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    <varlistentry>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <term>
dc421f3aac1f0e516c763dd156629a8ed2a7b4caKATOH Yasufumi        <option>lxc.tty</option>
dc421f3aac1f0e516c763dd156629a8ed2a7b4caKATOH Yasufumi      </term>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <listitem>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        <para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          Specify the number of tty to make available to the
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          container.
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        </para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </listitem>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    </varlistentry>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </variablelist>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    </refsect2>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    <refsect2>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <title>Mount points</title>
dc421f3aac1f0e516c763dd156629a8ed2a7b4caKATOH Yasufumi      <para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    The mount points section specifies the different places to be
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    mounted. These mount points will be private to the container
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    and won't be visible by the processes running outside of the
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    container. This is useful to mount /etc, /var or /home for
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    examples.
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <variablelist>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    <varlistentry>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <term>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        <option>lxc.mount</option>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </term>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <listitem>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        <para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          specify a file location in
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          the <filename>fstab</filename> format, containing the
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi          mount informations.
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi        </para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </listitem>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    </varlistentry>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </variablelist>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    </refsect2>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    <refsect2>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <title>Root file system</title>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    The root file system is the location where the container will
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    chroot.
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      </para>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi      <variablelist>
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi    <varlistentry>
      <term>
        <option>lxc.rootfs</option>
      </term>
      <listitem>
        <para>
          specify a file location containing the new file tree for
          a root file system.
        </para>
      </listitem>
    </varlistentry>
      </variablelist>
    </refsect2>

    <refsect2>
      <title>Control group</title>
      <para>
    The control group section contains the configuration for the
    different subsystem. <command>lxc</command> does not check the
    correctness of the subsystem name. This has the inconvenient
    to have the error being detected at runtime, but the advantage
    to support any future subsystem.
      </para>
      <variablelist>
    <varlistentry>
      <term>
        <option>lxc.cgroup.[subsystem name]</option>
      </term>
      <listitem>
        <para>
          specify the control group value to be set. This field is
          the identifier to tell the following keyword is the
          literal name of the control group subsystem,
          eg. <option>lxc.cgroup.cpuset.cpus</option>
        </para>
      </listitem>
    </varlistentry>
      </variablelist>
    </refsect2>

  </refsect1>

  <refsect1>
    <title>Examples</title>
    <refsect2>
      <title>Network</title>
      <para>This configuration sets up a container to use a veth pair
    device with one side plugged to a bridge br0 (which has been
    configured before on the system by the administrator). The
    virtual network device visible in the container is renamed to
    eth0.</para>

      <variablelist>

    <varlistentry>
      <term>lxc.utsname = myhostname</term>
      <listitem><para></para></listitem>
    </varlistentry>

    <varlistentry>
      <term>lxc.network.type = veth</term>
      <listitem><para></para></listitem>
    </varlistentry>

    <varlistentry>
      <term>lxc.network.flags = up</term>
      <listitem><para></para></listitem>
    </varlistentry>

    <varlistentry>
      <term>lxc.network.link = br0</term>
      <listitem><para></para></listitem>
    </varlistentry>

    <varlistentry>
      <term>lxc.network.name = eth0</term>
      <listitem><para></para></listitem>
    </varlistentry>

    <varlistentry>
      <term>lxc.network.hwaddr = 4a:49:43:49:79:bf</term>
      <listitem><para></para></listitem>
    </varlistentry>

    <varlistentry>
      <term>lxc.network.ipv4 = 1.2.3.5/24</term>
      <listitem><para></para></listitem>
    </varlistentry>

    <varlistentry>
      <term>lxc.network.ipv6 = 2003:db8:1:0:214:1234:fe0b:3597</term>
      <listitem><para></para></listitem>
    </varlistentry>

      </variablelist>

    </refsect2>

    <refsect2>
      <title>Control group</title>
      <para>This configuration will setup several control groups for
      the application, cpuset.cpus restricts usage of the defined cpu,
      cpus.share prioritize the control group, devices.allow makes
      usable the specified devices.</para>

      <variablelist>
    <varlistentry>
      <term>lxc.cgroup.cpuset.cpus = 0,1</term>
      <listitem><para></para></listitem>
    </varlistentry>

    <varlistentry>
      <term>lxc.cgroup.cpu.shares = 1234</term>
      <listitem><para></para></listitem>
    </varlistentry>

    <varlistentry>
      <term>lxc.cgroup.devices.deny = a</term>
      <listitem><para></para></listitem>
    </varlistentry>

    <varlistentry>
      <term>lxc.cgroup.devices.allow = c 1:3 rw</term>
      <listitem><para></para></listitem>
    </varlistentry>

    <varlistentry>
      <term>lxc.cgroup.devices.allow = b 8:0 rw</term>
      <listitem><para></para></listitem>
    </varlistentry>
      </variablelist>

    </refsect2>

    <refsect2>
      <title>Complex configuration</title>
      <para>This example show a complex configuration making a complex
      network stack, using the control groups, setting a new hostname,
      mounting some locations and a changing the root file
      system.</para>

      <variablelist>
    <varlistentry>
      <term>lxc.utsname = complex</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.network.type = veth</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.network.flags = up</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.network.link = br0</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.network.hwaddr = 4a:49:43:49:79:bf</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.network.ipv4 = 1.2.3.5/24</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.network.ipv6 = 2003:db8:1:0:214:1234:fe0b:3597</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.network.ipv6 = 2003:db8:1:0:214:5432:feab:3588</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.network.type = macvlan</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.network.flags = up</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.network.link = eth0</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.network.hwaddr = 4a:49:43:49:79:bd</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.network.ipv4 = 1.2.3.4/24</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.network.ipv4 = 192.168.10.125/24</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.network.ipv6 = 2003:db8:1:0:214:1234:fe0b:3596</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.network.type = phys</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.network.flags = up</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.network.link = dummy0</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.network.hwaddr = 4a:49:43:49:79:ff</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.network.ipv4 = 1.2.3.6/24</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.network.ipv6 = 2003:db8:1:0:214:1234:fe0b:3297</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.cgroup.cpuset.cpus = 0,1</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.cgroup.cpu.shares = 1234</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.cgroup.devices.deny = a</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.cgroup.devices.allow = c 1:3 rw</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.cgroup.devices.allow = b 8:0 rw</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.mount = /etc/fstab.complex</term>
      <listitem><para></para></listitem>
    </varlistentry>
    <varlistentry>
      <term>lxc.rootfs = /mnt/rootfs.complex</term>
      <listitem><para></para></listitem>
    </varlistentry>
      </variablelist>
    </refsect2>

  </refsect1>

  <refsect1>
    <title>See Also</title>
    <simpara>
      <citerefentry>
    <refentrytitle><command>lxc-create</command></refentrytitle>
    <manvolnum>1</manvolnum>
      </citerefentry>,

      <citerefentry>
    <refentrytitle><command>lxc-execute</command></refentrytitle>
    <manvolnum>1</manvolnum>
      </citerefentry>,

      <citerefentry>
    <refentrytitle><command>chroot</command></refentrytitle>
    <manvolnum>1</manvolnum>
      </citerefentry>,

      <citerefentry>
    <refentrytitle><command>pivot_root</command></refentrytitle>
    <manvolnum>8</manvolnum>
      </citerefentry>,

      <citerefentry>
    <refentrytitle><filename>fstab</filename></refentrytitle>
    <manvolnum>5</manvolnum>
      </citerefentry>

    </simpara>
  </refsect1>

  <refsect1>
    <title>Author</title>
    <para>Daniel Lezcano <email>daniel.lezcano@free.fr</email></para>
  </refsect1>

</refentry>

<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:t
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:2
sgml-indent-data:t
sgml-parent-document:nil
sgml-default-dtd-file:nil
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
-->