How to run Ubuntu KVM host in an unprivileged LXC container

Monday, October 26th, 2015

I like things containerized. It makes migration simple and painless. I also like my containers unprivileged. This of course brings some inconveniences while making huge strides ahead in terms of security. This is one of the reasons for having my KVM hosts containerized. The other is the fact that sometimes getting KVM on the LXC host itself is cumbersome. Others have done significant work at bringing ease of VM operation to Linux, and I like to build on top of that work. This guide is for using an Ubuntu KVM host inside an unprivileged LXC container.

Migrate/convert existing full CentOS 6 server to LXC container

Sunday, October 11th, 2015

“Containerization is a great thing!” Ok, great. So, what now? How do I containerize my servers?

Converting whole servers that served more than a single purpose goes against the main reason for containerization: using dedicated containers for each service and thus eliminating package (and other) dependency conflicts. But sometimes whole servers (or VMs) need to be containerized for various reasons: they were already used for a single purpose, or the services on them are unimportant enough and consume very few resources, and thus moving the HW (or VM) server to a container just makes sense from a resource-conservation point of view.

Recently I was tasked with containerizing a CentOS 6 host. Below are the steps I took to make it work.