Run Linux Containers with LXC/LXD on Rocky Linux 8|AlmaLinux 8


Welcome to this guide on how to run Linux containers with LXC/LXD on Rocky Linux 8|AlmaLinux 8. But before we dive into the crux of this matter, we will discuss and get to know what LXC/LXD is.

What is LXC/LXD?

LXD stands for Linux Container Daemon. It is an open-source tool that provides a set of tools, templates, libraries and language bindings used to manage Linux containers. LXC stands for Linux Containers and virtualizes applications at the operating system level. LXD, just like Docker, was created as an extension of LXC, which makes it easy to manage LXD containers using the pre-defined set of lxc commands. LXD has an interface that offers features such as image controls and snapshots. Both LXD and LXC are developed by Canonical.

Features of LXC

LXC offers the following features:

  • Chroots (using pivot_root)
  • Seccomp policies
  • CGroups (control groups)
  • Kernel capabilities
  • Apparmor and SELinux profiles
  • Kernel namespaces (ipc, uts, mount, pid, network and user)

Features of LXD

LXD offers a lot of features that include:

  • Secure by design through unprivileged containers, resource restrictions etc.
  • It is scalable.
  • It is simple, with a clear API and crisp command line.
  • Support for cross-host container and image transfer.
  • It has an advanced resource control tool for CPU, memory, disk usage etc.
  • Storage management with support for multiple storage backends, storage pools and storage volumes.
  • Network management that includes bridge creation and configuration, cross-host tunnels etc.

Install and Use LXC/LXD on Rocky Linux 8|AlmaLinux 8

This guide aims to provide you with the required knowledge to run Linux Containers with LXC/LXD on Rocky Linux 8|AlmaLinux 8.

Step 1 – Prepare your Rocky Linux 8|AlmaLinux 8 system

We will ensure that the available packages are updated to their latest available versions as below:

sudo dnf update

Install the required packages for the installation.

sudo dnf -y install vim curl

Set SELinux in permissive mode as below.

sudo setenforce 0
sudo sed -i 's/^SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config

Step 2 – Add the EPEL repository on Rocky Linux 8|AlmaLinux 8

We need to add the EPEL repository to our system to be able to install the required packages on Rocky Linux 8|AlmaLinux 8.

Add the EPEL repository as below.

sudo yum -y install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
sudo dnf makecache

Step 3 – Install Snap on Rocky Linux 8|AlmaLinux 8

Since LXD is available on Snap, we need to install and enable the snapd service on our system.

Install snap on Rocky Linux 8|AlmaLinux 8 using the command:

sudo dnf -y install snapd

Start and enable snap.

sudo systemctl enable --now snapd.socket

Enable classic snap support by creating the below symbolic link.

sudo ln -s /var/lib/snapd/snap /snap

Step 4 – Configure the Rocky Linux 8|AlmaLinux 8 Kernel

There are some Kernel configurations required by LXD. These configurations are made to the Kernel using the below commands:

Begin by switching to the root user.

sudo su -

Using Grubby, make the below configurations.

grubby --args="user_namespace.enable=1" --update-kernel="$(grubby --default-kernel)"
grubby --args="namespace.unpriv_enable=1" --update-kernel="$(grubby --default-kernel)"
echo "user.max_user_namespaces=3883" | sudo tee -a /etc/sysctl.d/99-userns.conf

To apply the above Kernel configurations, we need to reboot the system.

sudo reboot -i

Step 5 – Install LXC/LXD on Rocky Linux 8|AlmaLinux 8

We will install LXD as a snap package on our system using the below command:

sudo snap install lxd

Sample Output:

Setup snap "snapd" (14295) security profiles                                   /

2021-12-28T07:59:55-05:00 INFO Waiting for automatic snapd restart...
lxd 4.21 from Canonical✓ installed

In order to be able to run the LXD commands without using sudo, we need to add the system user to the LXD group. This is achieved by running the command:

sudo usermod -aG lxd $USER
newgrp lxd

Step 6 – Configure LXD on Rocky Linux 8|AlmaLinux 8

We will now configure the LXD environment by making the settings as illustrated below.

First, initialize LXD:

lxd init

Now proceed to the storage pool configuration. Here you can choose between LVM and the default btrfs.

Would you like to use LXD clustering? (yes/no) [default=no]: 
Do you want to configure a new storage pool? (yes/no) [default=yes]: 
Name of the new storage pool [default=default]: 
Name of the storage backend to use (btrfs, dir, lvm, ceph) [default=btrfs]: lvm

Set the disk space and proceed with more configurations.

Create a new LVM pool? (yes/no) [default=yes]: 
Would you like to use an existing empty block device (e.g. a disk or partition)? (yes/no) [default=no]: 
Size in GB of the new loop device (1GB minimum) [default=7GB]: 5GB
Would you like to connect to a MAAS server? (yes/no) [default=no]: 
Would you like to create a new local network bridge? (yes/no) [default=yes]: 
What should the new bridge be called? [default=lxdbr0]: 
What IPv4 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: 
What IPv6 address should be used? (CIDR subnet notation, “auto” or “none”) [default=auto]: 
Would you like the LXD server to be available over the network? (yes/no) [default=no]: 
Would you like stale cached images to be updated automatically? (yes/no) [default=yes] 
Would you like a YAML "lxd init" preseed to be printed? (yes/no) [default=no]:
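
The last prompt refers to a preseed. The added example below (not part of the original guide) prints a preseed that mirrors the answers given above, so the same setup can be repeated without the interactive dialogue; the function name lxd_preseed and its parameters are chosen for this example.

```bash
# Added example: print an "lxd init" preseed matching the answers above
# (loop-backed LVM pool, new bridge, no network listener: "config" stays empty).
lxd_preseed() {
    size=$1 bridge=${2:-lxdbr0}
    # Accept only plain values such as 5GB or lxdbr0 so input cannot alter the YAML.
    for v in "$size" "$bridge"; do
        case "$v" in
            ''|*[!0-9A-Za-z_-]*) echo "invalid value: '$v'" >&2; return 1 ;;
        esac
    done
    cat <<EOF
config: {}
networks:
- name: $bridge
  type: bridge
  config:
    ipv4.address: auto
    ipv6.address: auto
storage_pools:
- name: default
  driver: lvm
  config:
    size: $size
profiles:
- name: default
  devices:
    root:
      path: /
      pool: default
      type: disk
    eth0:
      name: eth0
      network: $bridge
      type: nic
EOF
}

# Apply on a host where LXD has not been initialised yet:
#   lxd_preseed 5GB lxdbr0 | lxd init --preseed
```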

Now allow the lxdbr0 network bridge through the firewall.

sudo firewall-cmd --add-interface=lxdbr0 --zone=trusted --permanent
sudo firewall-cmd --reload

Step 7 – Create and Manage Linux Containers with LXC/LXD

Once the above configuration has been done, we are set to launch and manage Linux containers using the lxc command.

1. Create a Linux Container

To create a container, the below syntax is used.

lxc launch images:[distro]/[version]/[architecture] [your-container-name]

In the command, replace:

  • distro with the Linux distribution to run, e.g. CentOS, RedHat
  • version with the version of the distribution.
  • architecture with the CPU architecture, e.g. amd64, i386, ppc64el etc.
  • your-container-name with the desired name for the container to be created.

For example, to create an Ubuntu 20.04(focal) amd64 container, I will issue the command:

$ lxc launch images:ubuntu/20.04/amd64 Ubuntu20
Creating Ubuntu20
Starting Ubuntu20 

2. List available Containers

It is possible to run multiple containers. Once created, you can list them using the command:

$ lxc list


3. Stop, Start and Delete LXC containers

Once the containers have been created, you can manage them by starting, stopping, and deleting them when there is a need to.

These actions can be achieved using the commands:

lxc start container-name
lxc stop container-name
lxc restart container-name
lxc delete container-name

For example, the created Ubuntu20 container can be stopped as below.

lxc stop Ubuntu20

Now view the status of the container.


4. View Container information

The information of a container can be viewed as below:

lxc info container-name

For example, the information about the Ubuntu20 container can be viewed as below.

$ lxc info Ubuntu20
Name: Ubuntu20
Status: RUNNING
Type: container
Architecture: x86_64
PID: 10756
Created: 2021/12/28 08:08 EST
Last Used: 2021/12/28 08:13 EST

Resources:
  Processes: 14
  Disk usage:
    root: 538.77MiB
  CPU usage:
    CPU usage (in seconds): 0
  Memory usage:
    Memory (current): 101.87MiB
    Memory (peak): 104.12MiB
  Network usage:
    lo:
      Type: loopback
      State: UP
      MTU: 65536
      Bytes received: 0B
      Bytes sent: 0B
      Packets received: 0
      Packets sent: 0
      IP addresses:
        inet:  127.0.0.1/8 (local)
        inet6: ::1/128 (local)
    eth0:
      Type: broadcast
..........

5. Execute ad hoc commands in containers

As with Docker, you can execute commands inside an LXD container. The syntax used is as below.

lxc exec container-name <command>

For example, to install Apache on our Ubuntu20 container, we will execute:

lxc exec Ubuntu20 -- apt -y install apache2

6. Access Container bash

To execute commands, you can also access the container’s bash as below.

lxc exec Ubuntu20 -- /bin/bash

Once in the shell, you can execute desired commands.
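
Step 4 configured user namespaces on the host, and the feature list names unprivileged containers as the security model. The added example below (not part of the original guide) checks both sides: that the Step 4 settings are active after the reboot, and that root inside the container is mapped to an unprivileged host uid. The function names are chosen for this example.

```bash
# host_userns_ready CMDLINE MAX_NS
#   CMDLINE: content of /proc/cmdline
#   MAX_NS:  output of `sysctl -n user.max_user_namespaces`
# Prints one line per problem; returns non-zero if a Step 4 setting is inactive.
host_userns_ready() {
    rc=0
    for arg in user_namespace.enable=1 namespace.unpriv_enable=1; do
        case " $1 " in
            *" $arg "*) ;;
            *) echo "kernel argument not active: $arg"; rc=1 ;;
        esac
    done
    case "$2" in
        ''|*[!0-9]*) echo "user.max_user_namespaces not readable"; rc=1 ;;
        0)           echo "user.max_user_namespaces is 0"; rc=1 ;;
    esac
    return "$rc"
}

# userns_status: reads /proc/self/uid_map, as seen inside the container, on stdin.
# Each line is "<id-inside> <id-on-host> <count>"; the range starting at 0 holds root.
userns_status() {
    status="unknown"
    while read -r inside host count _; do
        [ "$inside" = "0" ] || continue
        if [ "$host" = "0" ]; then
            status="privileged: container root is host root"
        else
            status="unprivileged: container root is host uid $host ($count ids mapped)"
        fi
    done
    echo "$status"
}

# Typical use on the host, after the reboot and with the container running:
#   host_userns_ready "$(cat /proc/cmdline)" "$(sysctl -n user.max_user_namespaces)"
#   lxc exec Ubuntu20 -- cat /proc/self/uid_map | userns_status
```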


Step 8 – Use LXD GUI to manage LXC containers

For those who are not comfortable with the command line, you can as well use the LXD GUI to manage LXC containers.

Install lxdmosaic from Snap as below.

$ sudo snap install lxdmosaic
lxdmosaic 0+git.2124524 from Daniel Hope (turtle0x1) installed

Assign and allow the required ports through the firewall.

sudo snap set lxdmosaic ports.http=81 ports.https=444
sudo firewall-cmd --zone=public --add-port=81/tcp --permanent
sudo firewall-cmd --zone=public --add-port=444/tcp --permanent
sudo firewall-cmd --reload

Make the LXD API reachable over HTTPS and set the trust password that the LXD GUI will use to connect to it.

lxc config set core.https_address [::]
lxc config set core.trust_password your-password

In the above command, replace your-password with your preferred password.

Restart snap on your system.

sudo systemctl restart snapd
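
The two lxc config set commands above change what the LXD API accepts from the network. The added example below (not part of the original guide) reads the output of lxc config show and reports the resulting exposure; the function name is chosen for this example, and the address in the closing comments is a placeholder.

```bash
# audit_lxd_exposure: reads `lxc config show` output on stdin and prints one
# finding per line for the two server keys set in this step.
audit_lxd_exposure() {
    addr="" pw=""
    while IFS= read -r line; do
        case "$line" in
            *core.https_address:*)  addr=${line#*core.https_address:} ;;
            *core.trust_password:*) pw=${line#*core.trust_password:} ;;
        esac
    done
    # Strip spaces and YAML quoting around the values.
    addr=$(printf '%s' "$addr" | tr -d " '\"")
    pw=$(printf '%s' "$pw" | tr -d " '\"")

    if [ -z "$addr" ]; then
        echo "OK: API reachable only over the local unix socket"
    else
        case "$addr" in
            "[::]"*|"0.0.0.0"*|":"[0-9]*)
                echo "WARN: API listens on every interface ($addr)" ;;
            *)  echo "OK: API bound to $addr" ;;
        esac
    fi
    # LXD prints "true" instead of the secret when a trust password is set.
    if [ "$pw" = "true" ]; then
        echo "WARN: trust password still set; unset it once clients are enrolled"
    fi
}

# Typical use:
#   lxc config show | audit_lxd_exposure
# Tightening afterwards (192.0.2.10 is a placeholder management address):
#   lxc config set core.https_address 192.0.2.10:8443
#   lxc config unset core.trust_password
```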

Step 9 – Access the LXD Web UI

Use the URL https://IP_address:444 to access the LXD Web UI on Chrome or any other powerful browser. Fill in the required details.


Enter the LXD server IP address and password set above. Also, create an admin user for LXD Mosaic. Once all the details are filled in, launch LXD Mosaic as below.


Now login using the created admin user credentials.


That is it! You will now have the LXD GUI to manage the containers.

Conclusion

That marks the end of this amazing guide. I hope you are now in a position to create and manage Linux Containers with LXC/LXD on Rocky Linux 8|AlmaLinux 8.

A systems engineer with excellent skills in systems administration, cloud computing, systems deployment, virtualization, containers, and a certified ethical hacker.