1/3: Setting Up a Remote Container.
Or: Creating, and Softening, Linux Containers.
Thank you for reading this post.
My name is Brian and I'm a developer from New Zealand. I've been interested in computers since the early 1990s. My first language was QBASIC. (Things have changed since the days of MS-DOS.)
I am the managing director of a one-man startup called Digital Core (NZ) Limited. I have accepted the "12 Startups in 12 Months" challenge so that DigitalCore will have income-generating products by April 2024.
This blog will follow the "12 Startups" project during its design, development, and deployment, cover the Agile principles and the DevOps philosophy that is used by the "12 Startups" project, and delve into the world of AI, machine learning, deep learning, prompt engineering, and large language models.
I hope you enjoyed this post and, if you did, I encourage you to explore some others I've written. And remember: The best technologies bring people together.
Containers are used to "contain" running processes from interfering with each other and the host system. They belong to the Second Wave of Software Emulators, where Virtual Machines were the First Wave and WASM/WASI is the Third Wave. Emulators "pretend" to be operating systems so processes can run in them.
Prerequisites.
A Linux-based distro (I use Ubuntu), and
An LXD installation, if required.
Creating a New Container.
The "container-name" below is a placeholder. This placeholder should be replaced with an actual container name.
- From the
homelabterminal, I create a new container:
lxc launch ubuntu:22.04 container-name
- Then I bash into the container:
lxc exec container-name -- bash
- I update and upgrade the container:
sudo apt clean && \
sudo apt update && \
sudo apt dist-upgrade -y && \
sudo apt --fix-broken install && \
sudo apt autoclean && \
sudo apt autoremove -y
Adding a User Account to the Container.
- From the
homelabterminal (CTRL+ALT+T) connected to the container, I create a new user:
adduser yt
- I add the new user to the 'sudo' group:
usermod -aG sudo yt
usermod let's me (-a)ppend the sudo (-G)roup to the 'yt' account.
- I exit the container:
exit
The next step is to fix the home directory problem.
Fixing the Home Directory Problem.
I can use Nano to add an entry to the .bashrc file.
- From the
homelabterminal, I log in to the container with the 'yt' account:
lxc exec container-name -- su yt
- I open the
.bashrcfile with Nano:
sudo nano ~/.bashrc
- I add the following to the bottom of the file, save the changes, and exit Nano:
cd ~
- I reboot the container:
sudo reboot
The next step is to install OpenSSH within the container.
Installing OpenSSH within the Container.
I can use OpenSSH to block access to this container.
- From the
homelabterminal, I log in to the container with the 'yt' account:
lxc exec container-name -- su yt
- I install OpenSSH:
sudo apt install openssh-server -y
- I can check the status of OpenSSH:
sudo systemctl status sshd
- If needed, I can enable OpenSSH:
sudo systemctl enable --now ssh
The next step is to configure the SSH file in the container.
'Softening' the Container.
In this section, I will 'soften down' the container so it can be accessed with a username and password. This is the reason why I added a user account, and password, in the sections above: To gain access to the container from my workstation terminal.
THIS IS A TEMPORARY CONDITION AND WILL BE FIXED IN THE NEXT LAB.
- From the
homelabterminal (CTRL+ALT+T) that is connected to the container, I open the "sshd_config" file:
sudo nano /etc/ssh/sshd_config
- I edit, and save, the following "sshd_config" setting:
PasswordAuthentication yes
NOTE: I will return to this file in the next post to fix this, and other, settings.
- I restart the SSH system:
sudo systemctl restart ssh.service
- I
sudo rebootthe container:
sudo reboot
- And finally, on the remote
homelabsystem, I display the IP address for the new container:
lxc ls
Now that I have OpenSSH installed, the next step is to set up a remote connection.
And remember: Be safe, be kind, be awesome.
