1. Home
  2. Training Library
  3. Containers
  4. Courses
  5. Getting started with Docker

Docker's foundations: LXC


What is Docker?
Docker's foundations: LXC

It's hardly an exaggeration to say that there hasn't been an innovation in app development and deployment over the past year or two that's been bigger than Docker. The open source platform for building, shipping, and running distributed applications in isolated virtual containers has literally changed the very fabric of the cloud. Thanks to Docker, software developers can reliably create and deploy applications with all their dependencies in Docker images that can be made available to anybody, and launched in seconds.

This introductory course, crafted by the expert Linux System Administrator David Clinton, will teach you everything you need to know to get started with Docker: What is the LXC software that it's built upon? How is it different from traditional virtualization technologies? How you can install and run it on your machine? By the end of this course, you'll have all the basic tools you'll need to run simple Docker applications.

Who should take this course

Being an introductory course, no previous knowledge of the software is needed. Nevertheless, you will definitely need at least some experience with the Linux Command Line Interface. Also, some familiarity with the Linux file system, kernel and networking basics might came in handy for some lectures.

Do you have questions on this course? Contact our cloud experts in our community forum.


Hi, and welcome to CloudAcademy.com's Video Series on Docker the development oriented virtualization service. In this video, we're going to explore LXC (Linux Container), which is the parent platform on which Docker is built. We're going to look at the LXC system in its native environment Ubuntu.

How to work with Linux Containers

First of all, just about all operations in the LXC environment require root permissions. Therefore, it's simply more convenient to become root. Let's take a look at the LXC environment. Lxc-ls, which is list --fancy. Now I don't know why we need the second dash or the word fancy for that matter. It is a bit tedious after a while typing it over and over again but that's the way they did it. This will list all of the LXC containers that currently exist on this system. I have two, one's called my place. It's currently stopped. The other is called older. Each of these is a full instance of, in this case, Ubuntu running as virtual machines or at least existing if not running as virtual machines on my computer.

They take up very, very little extra system resources. In fact, I recently gaged it that having two running takes up less than a tenth of a gigabyte of RAM. That is two fully functional virtual machines take up something like 100 megabytes of RAM, which in these days is virtually nothing.

Create and access a new Linux Container

Let's create an LXC, "lxc-create -t" or the template in which case we're going to choose Unbuntu -n for the name. And we'll call it new name. So the installation is complete. Obviously, we skipped some of the process for the purpose of this video but different systems will allow this to complete more quickly than others. Either way though the LXC system does all the work behind the scenes. Let's just now confirm that it's actually there by again running "lxc-ls" to list our instances.

There's a new instance, new name and it's currently stopped. We don't need this so we'll destroy it. Just "lxc-destroy -n" for the name, new name and make sure before we click "Enter" that this is actually the one we want to destroy. This is the brand new one, new name.

And one more time, "lxc-ls -fancy" new name is gone. If we want to start my place you would type "lxc-start -n" for name, "my-place" to identify the container you' like to get started and then "-d" for detach. Because if you start My Place without detach, it'll be impossible to cleanly break away from the instance without actually bringing it down. So "-d" will start it. We'll go again to list our running instances and my place is now running. It's been given a DHCP IP address at 10.03.239 and for all intents and purposes we can go inside and take a look. So "lxc-console -m my-place".

However, there is at least one other way to go in through SSH. You would SSH to the IP address 10.03.239 but first Ubuntu at 10.03.239 because the default user of a, at least a Ubuntu LXC is Ubuntu and the default password is Ubuntu. Obviously, you're going to want to change both of those pretty quickly. In the meantime though, let's "lxc-console" into my place We'll login as Ubuntu and my very secret password I will enter. We're in.

You see there's a full and normal Linux file system available and there are the resources that you're used to using in any other Linux environment or Unix environment are available to you. "Ps" is available.

You can see the memory available to the system and the volumes available to our system. Even though these happen to be virtual. It's a fully functioning environment. Let's leave the environment.

In order to break away from the LXC shell cleanly you hit "ctrl-a" and then "q" and you're back to your original command line prompt.

How a Linux Container is connected to your file system

This really though is only a small part of the usefulness and lightweight nature of LXC. There's a whole other layer of versatility in the file system in the way the file system is arranged. Let's "cd" to /var/lib/lxc, which is where everything really happens. "Ls" to list the contents of this LXC directory. You see a directory called my place and a directory called older. Those are the names of the two LXCs we had running.

Let's "cd" change directories into My place. "Ls" and there are two files and a directory. The first file, config is where the important configuration of this container are to find. So type "ls config" to take a look inside this file. It's a plain text file as most are in in the Unix environment.

And if you notice for instance there is a virtual MAC address assigned to a virtual network interface. That's so this container can connect and network with any other resource anywhere in the internet just as though it was a real machine with real hardware.

Here the file defines where the root fs that is the file system itself is situated on the hypervisor in the mother system. And here the file defines where the special LXC FS tab file, which defines the volumes that are mounted in the system when it loads. It's where this is defined.

You could also use this file to define a static IP address. Let's take a look at the FS tab and this is not the same FS tab that you'd normally find in /etc/fstab but this is a unique FS tab that controls all the volumes mounted in the LXC from the perspective of the hypervisor.

In more recent versions of LXC, actually some of these lines wouldn't exist and not only wouldn't be necessary but in some cases may prevent the LXC from loading properly. So you should be aware that there had been changes and mostly positive changes, in fact almost all positive changes in the LXC environment over the last few months.

Finally and perhaps most significantly, there's the root fs directory. Root fs stands for root file system that is all the files. Everything that you would access while logged into this instance you can get to, even if the instance isn't running. So for instance, if your container crashes and can't boot again, no problem. Just get sudo rights in the hypervisor and "cd" into root fs and you have full access to the whole file system including the home directories, where individual users files are kept but also the configuration directories like ETC.

So if we had to for instance edit the network interfaces file to correct some error in networking you can do that from the hypervisor without the container even running.

About the Author
David Clinton
Linux SysAdmin
Learning Paths

David taught high school for twenty years, worked as a Linux system administrator for five years, and has been writing since he could hold a crayon between his fingers. His childhood bedroom wall has since been repainted.

Having worked directly with all kinds of technology, David derives great pleasure from completing projects that draw on as many tools from his toolkit as possible.

Besides being a Linux system administrator with a strong focus on virtualization and security tools, David writes technical documentation and user guides, and creates technology training videos.

His favorite technology tool is the one that should be just about ready for release tomorrow. Or Thursday.