I have been experimenting with LXC/LXD on Ubuntu 14.04 and it's all working great. I just need to figure out how to get shared directories working between my host machine and a container so I can ditch VirtualBox once and for all.
I have seen this page: https://wiki.gentoo.org/wiki/LXD which provides instructions, but I just keep getting errors.
Does anyone know of any simple, clear instructions to get this working? Any help much appreciated.
The instructions on https://wiki.gentoo.org/wiki/LXD that you mention are correct but may need a bit more explanation.
On the host you first check the ownership of the directory in which the container data is stored. Run
and check the owner of the container you would like to share the directory with. In my case the uid and gid both were 100000.
Next, use these to change the ownership of the directory you want to share:
Share the directory with the container in the way you indicated in your comment:
Now, in the container, you will see that the directory /tmp/share_on_guest (I wouldn't advise mounting your directory as /tmp because that is used by the system for other stuff and has special permissions) is owned by root. From here on you can use chown in the container to change the ownership to the appropriate uid and gid for your user in the container.
As a side note, after changing the ownership in the container to e.g. a user with uid 33 you will see on the host that the uid there is now 100033, which makes total sense.
Here is an updated answer to this question.
Mount the host folder /var/www as /var/test in the container.
You can assign additional devices to the container, and these can be host-accessible folders.
Note that <device> is just an arbitrary name that you assign, which will be used as an ID for subsequent device management.
For example, to mount the host folder "./host" as "/mnt/host" in the container...
There remains one problem -- if you want this folder to be writable by both the host and the container, the ownership and permissions need to be configured accordingly. This is complicated by the default mode of LXD which virtualizes the numeric ranges for user and group id values. There is an easy solution, however: bypass this virtualization by configuring the container to run with host-equivalent privileges...
The full host-security implications of this approach are unclear to me at this time, but would seem to be somewhat "contained" by the virtualization. The practical risk depends on how and why you will be using the container. See technical notes at https://insights.ubuntu.com/2017/06/15/custom-user-mappings-in-lxd-containers
Further note that this approach probably works best if you normally operate in the container as a non-root user, such as if you attach with...
Based on the excellent answer of ph0t0nix, I propose the following step-by-step approach for my Ubuntu 18.04 server:
In host determine UID of owner of rootfs:
In container determine UID of ubuntu (i.e. user in container):
Create shared folder in host and add it to container:
Adjust in host UID of shared folder (UID = UID host + UID guest):
Guest (user ubuntu) now has access to the shared folder and can adjust access to the shared folder within the container using chmod.
I now have a working, safe solution to this issue, using LXD profiles to handle the mapping between UID and GID in the container and on the host.
A very useful gist may be found here:
https://gist.github.com/bloodearnest/ebf044476e70c4baee59c5000a10f4c8
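The UID/GID shift that the answers above work out by hand (container uid 33 showing up as 100033 on the host), as an added example that is not from any of the answers: a shell helper that translates a container-side ID to its host-side ID from a map in the kernel's /proc/<pid>/uid_map layout. The function names and both sample maps are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the answers above). Map layout follows the kernel's
# /proc/<pid>/uid_map: <first ID in container> <first ID on host> <count>

# Constructed sample: plain shift, container 0 -> host 100000.
SHIFT_MAP='0 100000 65536'
# Constructed sample: same shift, but container ID 1000 passes through
# unchanged to host ID 1000 (a custom mapping for one user).
PASSTHROUGH_MAP='0 100000 1000
1000 1000 1
1001 101001 64535'

# host_id_for <container_id> <map_text>
# Prints the host-side ID. Exit 1: the ID is not covered by the map
# (nothing on the host corresponds to it). Exit 2: not a number.
host_id_for() (
    want=$1
    case $want in ''|*[!0-9]*) exit 2 ;; esac
    while read -r inside outside count; do
        [ -n "$count" ] || continue          # skip blank or short lines
        if [ "$want" -ge "$inside" ] && [ "$want" -lt $((inside + count)) ]; then
            echo $((outside + want - inside))
            exit 0
        fi
    done <<EOF
$2
EOF
    exit 1
)

# owner_spec <container_uid> <container_gid> <map_text>
# Prints "uid:gid" as the host sees them, for use with chown on the host.
owner_spec() (
    uid=$(host_id_for "$1" "$3") || exit 1
    gid=$(host_id_for "$2" "$3") || exit 1
    echo "$uid:$gid"
)

# Container uid/gid 33 from the first answer, then the pass-through user.
owner_spec 33 33 "$SHIFT_MAP"
owner_spec 1000 1000 "$PASSTHROUGH_MAP"
```

The map for a running container can be read on the host from /proc/<pid>/uid_map (and gid_map) of any process inside it. An exit status of 1 from host_id_for means the container ID falls outside every mapped range, so no host-side owner corresponds to it.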