[Plugin] LXC Plugin

[ich777]

1 hour ago, wy586 said:

I need CentOS 7 to use certain applications.

Can you please upload your Diagnostics?

[wy586]

20 minutes ago, ich777 said:

Can you please upload your Diagnostics?

Thank you for your prompt response. I have already uploaded it.

tower-diagnostics-20240608-1902.zip

[ich777]

22 minutes ago, wy586 said:

Thank you for your prompt response. I have already uploaded it.

Hmmm, I also now just tried it and it is a bit more complicated that I thought.

On my machine Centos7 also doesn't start properly and it fails starting, sure you can connect to the terminal but the container is not started properly and that's the main issue.

I already found a few similar issues but I have to take a deeper look into why it's failing to start.

 

For now please run Centos7 in a VM if possible, I will definitely look into that but you have to give me a few days.

 

EDIT: Oh I found the answer:

Quote

You cannot boot centos7 on a cgroup2 system.

Source: https://discuss.linuxcontainers.org/t/debian-11-do-not-start-lxc-containers/12581/3 (this is from one of the main developers from LXC)

 

Since Unraid is a cgroup2 system you can't run it, however you barely wont be able to run it on another system because almost everything nowadays is using cgroup2

 

Sure you could switch Unraid to cgroup v1 but then the newer containers won't work and you also have to rebuild all your Docker containers because switching cgroups would require that because cgroup2 is not backward compatible.

Maybe you could run a Centos7 based Docker container and run these "older" services that you are trying to run in there?

 

Sorry for not having better news for you.

[wy586]

14 hours ago, ich777 said:

Hmmm, I also now just tried it and it is a bit more complicated that I thought.

On my machine Centos7 also doesn't start properly and it fails starting, sure you can connect to the terminal but the container is not started properly and that's the main issue.

I already found a few similar issues but I have to take a deeper look into why it's failing to start.

 

For now please run Centos7 in a VM if possible, I will definitely look into that but you have to give me a few days.

 

EDIT: Oh I found the answer:

Source: https://discuss.linuxcontainers.org/t/debian-11-do-not-start-lxc-containers/12581/3 (this is from one of the main developers from LXC)

 

Since Unraid is a cgroup2 system you can't run it, however you barely wont be able to run it on another system because almost everything nowadays is using cgroup2

 

Sure you could switch Unraid to cgroup v1 but then the newer containers won't work and you also have to rebuild all your Docker containers because switching cgroups would require that because cgroup2 is not backward compatible.

Maybe you could run a Centos7 based Docker container and run these "older" services that you are trying to run in there?

 

Sorry for not having better news for you.

Thank you very much for your response. Thank you for your work on The LXC plugin, The LXC plugin is excellent.

[stefan44]

Hi there,

I have a problem with docker inside LXC containers - all extractions are very slow and it takes about 30 minutes to run docker container for the first time when it installs all dependencies.  I didnt have this problem on regular VM using the same disk for system.

Edited June 9 by stefan44

[ich777]

47 minutes ago, stefan44 said:

I have a problem with docker inside LXC containers - all extractions are very slow and it takes about 30 minutes to run docker container for the first time when it installs all dependencies.

Can you please share a bit more details?

What container are you using, what disk are you using, what Backing Storage type are you using. What path are you using?

 

Please also post your Diagnostics.

 

Just as a side note, I updated all my Docker container images a few days ago and I build them inside a LXC container (about 15GB of Docker images) this took around ~1,5 hours, which seems totally fine to me because I have around 160 Docker containers to update, you also have to include the installation from all the necessary packages inside the container images and upload to DockerHub and GHCR.

[stefan44]

Ok, I double checked and my problem was caused by using the wrong path in the LXC settings (/mnt/user/...). 
I changed that and everything works fine. Thanks for your help.

Edited June 10 by stefan44

[BillDStrong]

On 5/24/2024 at 3:10 PM, ich777 said:

I don't know anything about Turnkey, can you explain that a bit in detail, is this a Distribution or something that gets installed or is Turnkey installed in a container?

Turnkey is a set of custom Linux Distributions that are set up for specific usecases. Each use case gets its own installer, such a a Wordpress server, or JS dev stack or MySQL server or a LAMP stack.

 

Turnkey has both baremetal and LXC instances, and Proxmox includes the LXC instances for use in their system. Proxmox uses their own custom branded LCX and do the work to make them work there.

 

https://www.turnkeylinux.org/

 

They are siimilar but orthogonal to the Bitnami style APP/USECASE focused setups.

[ich777]

17 minutes ago, BillDStrong said:

Turnkey has both baremetal and LXC instances, and Proxmox includes the LXC instances for use in their system. Proxmox uses their own custom branded LCX and do the work to make them work there.

Thanks for the explanation.

 

This is something that I plan to release, basically pre-made container archives witch certain applications installed that can be downloaded directly through the CA App.

 

I already have a few proof of concept containers, the most complete one is here.

 

BTW, this container can already be installed:

1. Open a Unraid terminal and execute:

   wget -O /tmp/lxc_container_template.xml https://github.com/ich777/unraid_lxc_pihole/raw/main/lxc_container_template.xml

2. Open a browser and go to http://<YOUERSERVERIP>/LXCAddTemplate
3. Install it

[BillDStrong]

8 hours ago, ich777 said:

Thanks for the explanation.

 

This is something that I plan to release, basically pre-made container archives witch certain applications installed that can be downloaded directly through the CA App.

 

I already have a few proof of concept containers, the most complete one is here.

 

BTW, this container can already be installed:

1. Open a Unraid terminal and execute:

   wget -O /tmp/lxc_container_template.xml https://github.com/ich777/unraid_lxc_pihole/raw/main/lxc_container_template.xml

2. Open a browser and go to http://<YOUERSERVERIP>/LXCAddTemplate
3. Install it

I am going to try out your pihole container now. This is a very cool feature, if it means we will be able to do the same ourselves.

 

I will say Turn key has more than 100+ applications they have been finetuning for more than a decade, and have other niceties such as backup to S3 and other features built in. Adding them is an easy win for you not having to support all those apps.

 

Turnkey is based on Debian Stable, and they provide support for their installs.

 

The apps they provide are less for home use like pihole is, and more for business and work related things. Wordpress setups, CRM, Storefronts etc.

 

They are great to practice on as a dev environment before pushing them to a live server. I think they would be orthogonal to what you are doing.

 

Anyway, thanks for looking.

[SolidFyre]

Is it possible to have the lxc path set to something else than the cache or the array?

I am trying to put it on a separate nvme that I use for all my docker containers and it doesn't accept the path.

 

/mnt/disks/Samsung_SSD_970_EVO_Plus_1TB_S4EWNF0M532569N/lxc

 

[ich777]

4 hours ago, SolidFyre said:

 

Is it possible to have the lxc path set to something else than the cache or the array?

 

Sure, look at the example, you are missing the trailing /

[bmartino1]

do you have a recommend path for updating containers to next gen containers of same distro?

Ubuntu as example

if I edit the source file and distro upgrade, it will upgrade off the old version and install the next gen packages.
 

[ich777]

5 hours ago, bmartino1 said:

do you have a recommend path for updating containers to next gen containers of same distro?

Do it as usual like if it's installed on a physical machine, nothing would stop you from doing a distribution upgrade.

 

5 hours ago, bmartino1 said:

Ubuntu as example

If you execute something like from within the container should do the job just fine (please note that this is specific to Ubuntu) :

apt update
apt install -y ubuntu-release-upgrader-core
apt full-upgrade -y
do-release-upgrade

(here the release upgrader is also installed because it is not installed IIRC)

 

5 hours ago, bmartino1 said:

if I edit the source file and distro upgrade, it will upgrade off the old version and install the next gen packages.

No, LXC is basically a VM but with shared resources/Kernel and you have to upgrade it manually. It does nothing on it's own because it acts like a VM.

[mournful-hive3872]

Good evening. Today I made some changes to my server which required moving a couple of DebianVNC LXC containers I created quite awhile ago. I moved them and updated the configs and saw they started but I did not check if they got any further before completing an unrecoverable change to the disk they previously lived. No big deal, I thought, they are handling something simple and easy to setup, I'll just create new containers. Unfortunately, it looks like the DebianVNC option is no longer available. If the feature is no longer a simple button, does anyone happen to have a copy+paste of the commands to install the necessary packages before I try to figure it out on my own?

[ich777]

1 hour ago, mournful-hive3872 said:

If the feature is no longer a simple button, does anyone happen to have a copy+paste of the commands to install the necessary packages before I try to figure it out on my own?

Please give me a bit and I will present a solution that is easy to install.

[ich777]

@mournful-hive3872 please make sure to update the plugin before doing the following because I pushed a bugfix to the plugin:

1. Open up a Unraid terminal and execute this command:

   wget -O /tmp/lxc_container_template.xml https://raw.githubusercontent.com/ich777/unraid_lxc_debian_novnc/master/lxc_container_template.xml

2. In your Browser navigate to: http://YOURSERVERIP/LXCAddTemplate
3. Click "Apply"
4. Wait for the Done button to appear (this can take a bit depending on your Internet connection)

After that you have a fully Debian Bookworm container as before, you even can click the container icon and select WebUI which will take you to the WebUI from the container:

 

Hope that helps.

[mournful-hive3872]

2 hours ago, ich777 said:

 

Hope that helps.

Thank you so much, I'm back up and running! You are an invaluable member of this community, sir, and I hope you know how much you are appreciated!

[Flyinace2000]

Hey All,

 

I'm running the Unify controller following the instructions here: 

 

 

During the update command I get the following error.  

 

 

root@UniFiController:/# sudo apt-get update && sudo apt-get install unifi -y
Get:1 http://security.ubuntu.com/ubuntu jammy-security InRelease [129 kB]
Hit:2 http://archive.ubuntu.com/ubuntu jammy InRelease                                                                          
Ign:4 https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/3.6 InRelease                                                      
Hit:5 https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/3.6 Release
Get:6 http://archive.ubuntu.com/ubuntu jammy-updates InRelease [128 kB]
Get:7 https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/3.6 Release.gpg [801 B]
Ign:7 https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/3.6 Release.gpg                  
Get:3 https://dl.ui.com/unifi/debian stable InRelease [2,292 B]              
Get:8 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages [1,791 kB]
Get:9 http://archive.ubuntu.com/ubuntu jammy-updates/universe amd64 Packages [1,100 kB]
Reading package lists... Done                         
W: https://repo.mongodb.org/apt/ubuntu/dists/bionic/mongodb-org/3.6/Release.gpg: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
W: GPG error: https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/3.6 Release: The following signatures were invalid: EXPKEYSIG 58712A2291FA4AD5 MongoDB 3.6 Release Signing Key <packaging@mongodb.com>
E: Repository 'https://dl.ui.com/unifi/debian stable InRelease' changed its 'Codename' value from 'unifi-8.1' to 'unifi-8.2'
N: This must be accepted explicitly before updates for this repository can be applied. See apt-secure(8) manpage for details.
root@UniFiController:/# 

 

[Flyinace2000]

never mind, I can't read.  There was a note at the bottom that walks you through updating.

 

thanks all.

[bmartino1]

7 hours ago, Flyinace2000 said:

Hey All,

 

I'm running the Unify controller following the instructions here: 

 

 

During the update command I get the following error.  

 

 

root@UniFiController:/# sudo apt-get update && sudo apt-get install unifi -y
Get:1 http://security.ubuntu.com/ubuntu jammy-security InRelease [129 kB]
Hit:2 http://archive.ubuntu.com/ubuntu jammy InRelease                                                                          
Ign:4 https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/3.6 InRelease                                                      
Hit:5 https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/3.6 Release
Get:6 http://archive.ubuntu.com/ubuntu jammy-updates InRelease [128 kB]
Get:7 https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/3.6 Release.gpg [801 B]
Ign:7 https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/3.6 Release.gpg                  
Get:3 https://dl.ui.com/unifi/debian stable InRelease [2,292 B]              
Get:8 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages [1,791 kB]
Get:9 http://archive.ubuntu.com/ubuntu jammy-updates/universe amd64 Packages [1,100 kB]
Reading package lists... Done                         
W: https://repo.mongodb.org/apt/ubuntu/dists/bionic/mongodb-org/3.6/Release.gpg: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
W: GPG error: https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/3.6 Release: The following signatures were invalid: EXPKEYSIG 58712A2291FA4AD5 MongoDB 3.6 Release Signing Key <packaging@mongodb.com>
E: Repository 'https://dl.ui.com/unifi/debian stable InRelease' changed its 'Codename' value from 'unifi-8.1' to 'unifi-8.2'
N: This must be accepted explicitly before updates for this repository can be applied. See apt-secure(8) manpage for details.
root@UniFiController:/# 

 

review:
 

You have to fix your source list. and grab the gpg key and sign/secure it.

https://help.ui.com/hc/en-us/articles/220066768-Updating-and-Installing-Self-Hosted-UniFi-Network-Servers-Linux

 

This was my end script to maintain and use mongo db 4.4:
https://repo.mongodb.org/apt/ubuntu

#older 3.6
#deb [trusted=yes] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/3.6 multiverse

deb [trusted=yes arch=amd64 signed-by=/etc/apt/trusted.gpg] https://repo.mongodb.org/apt/ubuntu/ bionic/mongodb-org/4.4 multiverse 

#Depricated key?
deb [trusted=yes arch=amd64 signed-by=/etc/apt/trusted.gpg] https://repo.mongodb.org/apt/ubuntu/ jammy/mongodb-org/4.4 multiverse

Sometime to get unifi to update:
apt-get update --allow-releaseinfo-change

 

Edited July 7 by bmartino1

[ich777]

4 hours ago, bmartino1 said:

You have to fix your source list. and grab the gpg key and sign/secure it.

Hey! Thanks for creating the tutorial.

Are you interested in a premade container archive which users easily can deploy?

[bmartino1]

10 hours ago, ich777 said:

Hey! Thanks for creating the tutorial.

Are you interested in a premade container archive which users easily can deploy?

 

I would love too! But I don't know the first thing about how to create and deploying a LXC.

Earlier is why I asked about proxmox / this plugin on how i could add my own template.

I would love to learn and add something similar.

[bmartino1]

In theory, I would need to add a lxc container conf and a way to add secondary Container URL to the lxc templates:

Not sure if you can add 3rd party or not.
 

I'm not sure how the archive system would work. I have no problem making a default snapshot of a premade image.

Not sure how that would work and be implemented:

I'm not sure if the plugin has the LXC/LXD commands:

 

Turn your container into an image and export it.

lxc stop NAME

lxc publish NAME --alias backup

lxc image export backup .

lxc image delete backup

[ich777]

1 hour ago, bmartino1 said:

I'm not sure if the plugin has the LXC/LXD commands:

No because LXD is now in the hands of Canonical and I am not planning to include Incus.

 

1 hour ago, bmartino1 said:

Turn your container into an image and export it.

It's actually way easier, at least I think.

The LXC plugin for Unraid already supports templates, take for example this repository:

https://github.com/ich777/unraid_lxc_pihole

 

You just do the following directly on your server:

1. Open up a terminal and issue this command:

   wget -O /tmp/lxc_container_template.xml https://github.com/ich777/unraid_lxc_pihole/raw/main/lxc_container_template.xml

2. After that go to: http://<YOURSERVERIP>/LXCAddTemplate
3. Change whatever you need to change and click Apply
4. Wait for the Done button to appear

 

If you want to create such a template just clone the repository to your Unraid server, look into the build directory, do the necessary changes for your application (create scripts/files and startup routines), open up "createLXCarchive.sh" in the main directory, change the variables here (except for line 9 and 11) to fit your needs and finally execute the script.

 

What it does in the background is it executes each script in the build directory starting with a number in a temporary LXC container and produces a highly compressed LXC container for you to put in the releases tab here.

 

It maybe sounds a bit complicated but it is really not, you can for example search my GitHub for example containers (the linked above is the first documented one).

 

For more information please feel free to send me a DM.