LXC/LXD Cheetsheet

Launch a new container of a particular release of an image

lxc launch [repository:][image][/release] [name]
lxcuser@lxcuser:~$ lxc launch ubuntu:16.04 ubuntu
Creating ubuntu
Starting ubuntu

List all images

lxc image list [remote:]
lxcserver@lxcuser:~$ lxc image list +-----------+--------------+--------+---------------------------------------------+--------+----------+------------------------------+|   ALIAS   | FINGERPRINT  | PUBLIC |                 DESCRIPTION                 |  ARCH  |   SIZE   |         UPLOAD DATE         |+-----------+--------------+--------+---------------------------------------------+--------+----------+------------------------------+| alpinetest     | 2db6c5231090 | no     | Alpine 3.5 amd64 (20180111_17:50)           | x86_64 | 1.70MB   | Jan 11, 2018 at 8:31pm (UTC) |t+-----------+--------------+--------+---------------------------------------------+--------+----------+------------------------------+| alpine | 5e5de5c34749 | no     | Alpine 3.5 amd64 (20180112_17:50)           | x86_64 | 1.70MB   | Jan 12, 2018 at 8:36pm (UTC) |+-----------+--------------+--------+---------------------------------------------+--------+----------+------------------------------+|           | 725b9d539a4a | no     | ubuntu 16.04 LTS amd64 (release) (20180112) | x86_64 | 156.09MB | Jan 13, 2018 at 6:07pm (UTC) |

Create a container but do not start it

lxc init [repository:][imagename]

lxcserver@lxcuser:~$ lxc init
Generating a client certificate. This may take a minute...
Do you want to configure a new storage pool (yes/no) [default=yes]? yes
Name of the storage backend to use (dir or zfs) [default=dir]:\ Would you like LXD to be available over the network (yes/no) [default=no]? yes
Address to bind LXD to (not including port) [default=all]: Port to bind LXD to [default=8443]: 
Trust password for new clients:
Again: 
Do you want to configure the LXD bridge (yes/no) [default=yes]? 
# A network configuration screen will appear at this point. 
Warning: Stopping lxd.service, but it can still be activated by:  lxd.socket
LXD has been successfully configured.

List all containers (running and stopped)

lxc info [remote:]
lxcserver@lxcuser:~$ lxc info 
api_extensions: 
  - id_map
  - id_map_base
  - resource_limits
api_status: stable
api_version: "1.0"
auth: trusted
auth_methods: []
config: 
  core.https_address: "[::]:8443"
  core.trust_password: true
environment: 
  addresses: 
    - "172.31.114.110:8443"
    - "10.7.119.1:8443"
    - "[fd3:3b2f:660c:df1a::1]:8443"
  architectures: 
    - x86_64
    - i686
  certificate: |
      -----BEGIN CERTIFICATE-----
       removed
       -----END CERTIFICATE-----
  certificate_fingerprint: removed
 driver: lxc
  driver_version: "2.0.8"
  kernel: Linux
  kernel_architecture: x86_64
  kernel_version: 4.4.0-1048-aws
  server: lxd
  server_pid: 2123
  server_version: "2.0.11"
  storage: dir
  storage_version: ""
public: false

Get detailed information about a particular container

lxc info [remote:][name]
lxcserver@lxcuser:~$ lxc info ubuntu
Name: ubuntu
Remote: unix://
Architecture: x86_64
Created: 2018/01/11 20:33 UTC
Status: Running
Type: persistent
Profiles: default
Pid: 13970
Ips:  
  eth0: inet    10.191.207.251  vethY9R9CN  
  eth0: inet6   fd85:4265:5a21:1307:216:3eff:fe13:3c4e  vethY9R9CN 
  lo:   inet    127.0.0.1  lo:   inet6   ::1
Resources:
  Processes: 11
  Memory usage:    Memory (current): 1.70MB
  Memory (peak): 2.06MB
Network usage:
    lo:
      Bytes received: 0B
      Bytes sent: 0B
      Packets received: 0
      Packets sent: 0
   eth0:
      Bytes received: 3.10kB
      Bytes sent: 1.46kB
      Packets received: 28
      Packets sent: 12
Snapshots:  initialconfig (taken at 2018/01/11 20:51 UTC)(stateless)

Start a stopped container

lxc start [remote:][name]
lxcserver@lxcuser:~$ lxc start ubuntu

Stop a container

lxc stop [remote:][name]
lxcserver@lxcuser:~$ lxc stop ubuntu

Restart a container

lxc restart [remote:][name]
lxcserver@lxcuser:~$ lxc restart web

Suspend a container so its processes do not consume CPU resources

lxc pause [remote:][name]
lxcserver@lxcuser:~$ lxc pause ubuntu
lxcserver@lxcuser:~$ lxc list +-------+--------+---------------------+----------------------------------------------+------------+-----------+| NAME  | STATE  |        IPV4         |                     IPV6                     |    TYPE    | SNAPSHOTS |+-------+--------+---------------------+----------------------------------------------+------------+-----------+| ubuntu | FROZEN | 10.7.119.236 (eth0) | fd3:3b2f:660c:df1a:216:3eff:fee5:c125 (eth0) | PERSISTENT | 0         |+-------+--------+---------------------+----------------------------------------------+------------+-----------+

Remove a stopped container

lxc delete [remote:][name]
note: stop container before running this command
lxcserver@lxcuser:~$ lxc stop ubuntu

Remove a running container

lxc delete --force [remote:][name]
lxcserver@lxcuser:~$ lxc stop ubuntu  --force

Live edit a specific containers configuration

lxc config edit [remote:][name] 
lxcserver@lxcuser:~$ lxc config edit ubuntu

List the available container “flavors”

lxc profile list [remote:]
lxcserver@lxcuser:~$ lxc profile list
default
docker

List details of a particular profile

lxc profile show [remote:][profilename]
lxcserver@lxcuser:~$ lxc profile show docker
config: 
  linux.kernel_modules: "overlay, nf_nat"
  security.nesting: "true"
description: "Profile supporting docker in containers"
devices: 
  aadisable: 
    path: /sys/module/apparmor/parameters/enabled
    source: /dev/null
    type: disk
name: docker
used_by: []

Change the details in a profile

lxc profile edit [remote:][profilename]
lxcserver@lxcuser:~$ lxc profile edit docker

Change a single key/value pair on the configuration of a specific container

lxc config set [remote:][containername] [key] [value]

Show detailed configuration information about a particular container

lxc config show [remote:][name]
lxcserver@lxcuser:~$ lxc config show ubuntu
architecture: x86_64
config: 
  volatile.base_image: 67486ad6cc93bf0b51517bc1e8da58275cf9d0336bef326a5fcd12b988928785
  volatile.eth0.hwaddr: "00:16:3e:7b:a2:51"
  volatile.idmap.base: "0"
  volatile.idmap.next: "[{\"Isuid\":true,\"Isgid\":false,\"Hostid\":100000,\"Nsid\":0,\"Maprange\":65536},{\"Isuid\":false,\"Isgid\":true,\"Hostid\":100000,\"Nsid\":0,\"Maprange\":65536}]"
  volatile.last_state.idmap: "[{\"Isuid\":true,\"Isgid\":false,\"Hostid\":100000,\"Nsid\":0,\"Maprange\":65536},{\"Isuid\":false,\"Isgid\":true,\"Hostid\":100000,\"Nsid\":0,\"Maprange\":65536}]"
  volatile.last_state.power: STOPPED
description: ""
devices: 
  root: 
    path: /
    type: disk
ephemeral: false
profiles: 
  - default
stateful: false
description: ""

Run a command in a container

lxc exec [remote:][name] -- [command]
lxcserver@lxcuser:~$ lxc exec ubuntu -- ls -lath
total 20K
drwx------  2 root root 4.0K Jan 13 18:10 .ssh
drwx------  3 root root 4.0K Jan 13 18:10 .
drwxr-xr-x 22 root root 4.0K Jan 12 14:32 ..
-rw-r--r--  1 root root 3.1K Oct 22  2015 .bashrc
-rw-r--r--  1 root root  148 Aug 17  2015 .profile

Run bash (assuming it’s installed) interactively in a container

lxc exec [remote:][name] -- /bin/bash
lxcserver@lxcuser:~$ lxc exec ubuntu -- /bin/bash
root@ubuntu:~#

Download a copy from a container to a specific destination

lxc file pull [remote:][container]/[path] [destination]
lxcserver@lxcuser:~$ lxc file pull web1/tmp/example2

Upload a file into a container

lxc file push [filename] [remote][container]/[path]
lxcserver@lxcuser:~$ lxc file push examplefile1  ubuntu/tmp/examplefile1

Download a file from a container, open it in your default text editor, and upload it back upon save

lxc file edit [remote:][container]/[path]
lxcserver@lxcuser:~$ lxc file edit ubuntu/tmp/examplefile1

Create a snapshot of a container with a specified name

lxc snapshot [remote:][container] [name]
lxcserver@lxcuser:~$ lxc snapshot ubuntu 2.0

Restore a container from a previous snapshot

lxc snapshot restore [remote:][destination container] [snapshot name]
lxcserver@lxcuser:~$ lxc snapshot restore ubuntu 2.0

Create a new container from an existing container’s snapshot

lxc copy [remote:][source container]/[snapshot name] [remote:][new container name]
lxcserver@lxcuser:~$ lxc copy ubuntu/2.0 ubuntu_2

Delete an existing snapshot

lxc delete [remote:][container]/[snapshot]
lxcserver@lxcuser:~$ lxc delete ubuntu/2.0

List all remotes

lxc remote list 
lxcserver@lxcuser:~$ lxc remote list+-----------------+------------------------------------------+---------------+--------+--------+|      NAME       |                   URL                    |   PROTOCOL    | PUBLIC | STATIC |+-----------------+------------------------------------------+---------------+--------+--------+| images          | https://images.linuxcontainers.org       | simplestreams | YES    | NO     |+-----------------+------------------------------------------+---------------+--------+--------+| local (default) | unix://                                  | lxd           | NO     | YES    |+-----------------+------------------------------------------+---------------+--------+--------+| ubuntu          | https://cloud-images.ubuntu.com/releases | simplestreams | YES    | YES    |+-----------------+------------------------------------------+---------------+--------+--------+| ubuntu-daily    | https://cloud-images.ubuntu.com/daily    | simplestreams | YES    | YES    |