[mirror_lxcfs.git] / README.md

# lxcfs

## Introduction
LXCFS is a small FUSE filesystem written with the intention of making Linux
containers feel more like a virtual machine. It started as a side-project of
`LXC` but is useable by any runtime.

LXCFS will take care that the information provided by crucial files in `procfs`
such as:

```
/proc/cpuinfo
/proc/diskstats
/proc/meminfo
/proc/stat
/proc/swaps
/proc/uptime
/sys/devices/system/cpu/online
```

are container aware such that the values displayed (e.g. in `/proc/uptime`)
really reflect how long the container is running and not how long the host is
running.

Prior to the implementation of cgroup namespaces by Serge Hallyn `LXCFS` also
provided a container aware `cgroupfs` tree. It took care that the container
only had access to cgroups underneath it's own cgroups and thus provided
additional safety. For systems without support for cgroup namespaces `LXCFS`
will still provide this feature.

## Usage
The recommended command to run lxcfs is:

    sudo mkdir -p /var/lib/lxcfs
    sudo lxcfs /var/lib/lxcfs

A container runtime wishing to use `LXCFS` should then bind mount the
approriate files into the correct places on container startup.

### LXC
In order to use lxcfs with systemd-based containers, you can either use
LXC 1.1 in which case it should work automatically, or otherwise, copy
the `lxc.mount.hook` and `lxc.reboot.hook` files (once built) from this tree to
`/usr/share/lxcfs`, make sure it is executable, then add the
following lines to your container configuration:
```
lxc.mount.auto = cgroup:mixed
lxc.autodev = 1
lxc.kmsg = 0
lxc.include = /usr/share/lxc/config/common.conf.d/00-lxcfs.conf
```

## Upgrading LXCFS without breaking running containers
LXCFS is implemented using a simple shared library without any external
dependencies other than `FUSE`. It is completely reloadable without having to
umount it. This ensures that container can be kept running even when the shared
library is upgraded.

To force a reload of the shared library at the next possible instance simply
send `SIGUSR1` to the pid of the running `LXCFS` process. This can be as simple
as doing:

    kill -s USR1 $(pidof lxcfs)

## Using with Docker

```
docker run -it -m 256m --memory-swap 256m \
      -v /var/lib/lxcfs/proc/cpuinfo:/proc/cpuinfo:rw \
      -v /var/lib/lxcfs/proc/diskstats:/proc/diskstats:rw \
      -v /var/lib/lxcfs/proc/meminfo:/proc/meminfo:rw \
      -v /var/lib/lxcfs/proc/stat:/proc/stat:rw \
      -v /var/lib/lxcfs/proc/swaps:/proc/swaps:rw \
      -v /var/lib/lxcfs/proc/uptime:/proc/uptime:rw \
      ubuntu:18.04 /bin/bash
 ```

 In a system with swap enabled, the parameter "-u" can be used to set all values in "meminfo" that refer to the swap to 0.

 sudo lxcfs -u /var/lib/lxcfs
Commit	Line	Data
60f73aff SG	1	# lxcfs
60f73aff SG	2
c397924a	3	## Introduction
12993ccc CB	4	LXCFS is a small FUSE filesystem written with the intention of making Linux
	5	containers feel more like a virtual machine. It started as a side-project of
	6	`LXC` but is useable by any runtime.
758ad80c	7
12993ccc CB	8	LXCFS will take care that the information provided by crucial files in `procfs`
	9	such as:
	10
	11	```
	12	/proc/cpuinfo
	13	/proc/diskstats
	14	/proc/meminfo
	15	/proc/stat
	16	/proc/swaps
	17	/proc/uptime
71f17cd2	18	/sys/devices/system/cpu/online
12993ccc CB	19	```
	20
	21	are container aware such that the values displayed (e.g. in `/proc/uptime`)
	22	really reflect how long the container is running and not how long the host is
	23	running.
	24
	25	Prior to the implementation of cgroup namespaces by Serge Hallyn `LXCFS` also
	26	provided a container aware `cgroupfs` tree. It took care that the container
	27	only had access to cgroups underneath it's own cgroups and thus provided
	28	additional safety. For systems without support for cgroup namespaces `LXCFS`
	29	will still provide this feature.
955ce662	30
c397924a	31	## Usage
758ad80c SH	32	The recommended command to run lxcfs is:
758ad80c SH	33
c397924a	34	sudo mkdir -p /var/lib/lxcfs
40dd7f1b	35	sudo lxcfs /var/lib/lxcfs
7456f3b5	36
12993ccc CB	37	A container runtime wishing to use `LXCFS` should then bind mount the
	38	approriate files into the correct places on container startup.
	39
	40	### LXC
7456f3b5 SG	41	In order to use lxcfs with systemd-based containers, you can either use
7456f3b5 SG	42	LXC 1.1 in which case it should work automatically, or otherwise, copy
77647bf9 EG	43	the `lxc.mount.hook` and `lxc.reboot.hook` files (once built) from this tree to
	44	`/usr/share/lxcfs`, make sure it is executable, then add the
	45	following lines to your container configuration:
5b1e45dd	46	```
77647bf9	47	lxc.mount.auto = cgroup:mixed
1a188fcb	48	lxc.autodev = 1
ef65395d	49	lxc.kmsg = 0
77647bf9	50	lxc.include = /usr/share/lxc/config/common.conf.d/00-lxcfs.conf
5b1e45dd	51	```
12993ccc CB	52
	53	## Upgrading LXCFS without breaking running containers
	54	LXCFS is implemented using a simple shared library without any external
	55	dependencies other than `FUSE`. It is completely reloadable without having to
	56	umount it. This ensures that container can be kept running even when the shared
	57	library is upgraded.
	58
	59	To force a reload of the shared library at the next possible instance simply
	60	send `SIGUSR1` to the pid of the running `LXCFS` process. This can be as simple
	61	as doing:
	62
	63	kill -s USR1 $(pidof lxcfs)
7e60aa1b	64
	65	## Using with Docker
	66
	67	```
	68	docker run -it -m 256m --memory-swap 256m \
	69	-v /var/lib/lxcfs/proc/cpuinfo:/proc/cpuinfo:rw \
	70	-v /var/lib/lxcfs/proc/diskstats:/proc/diskstats:rw \
	71	-v /var/lib/lxcfs/proc/meminfo:/proc/meminfo:rw \
	72	-v /var/lib/lxcfs/proc/stat:/proc/stat:rw \
	73	-v /var/lib/lxcfs/proc/swaps:/proc/swaps:rw \
	74	-v /var/lib/lxcfs/proc/uptime:/proc/uptime:rw \
	75	ubuntu:18.04 /bin/bash
	76	```
	77
	78	In a system with swap enabled, the parameter "-u" can be used to set all values in "meminfo" that refer to the swap to 0.
	79
	80	sudo lxcfs -u /var/lib/lxcfs