Installation Procedure
At first, you need to install the libvirt-sandbox package:
# yum install -y libvirt-sandbox
Note: Before RHEL 7 was released (RHEL 7 Beta, RHEL 7 RC, etc), there was a libvirt-sandbox package available in the main repository.
It’s not the case anymore and you need to build it manually through http://sandbox.libvirt.org/.
Then, you need to start the libvirtd daemon:
# systemctl start libvirtd
And to enable it at boot:
# systemctl enable libvirtd
Now, create the following bash script called cont:
#!/bin/bash case $1 in create) virt-sandbox-service -c lxc:/// create --copy --unit $3 $2 ;; delete) virt-sandbox-service -c lxc:/// delete $2 ;; start) systemctl start $2_sandbox ;; stop) systemctl stop $2_sandbox ;; list) virsh -c lxc:/// list --all ;; connect) virt-sandbox-service connect $2;; enable) virsh -c lxc:/// autostart $2;; disable) virsh -c lxc:/// autostart --disable $2;; dominfo) virsh -c lxc:/// dominfo $2;; esac
And, make it executable:
# chmod u+x cont
Now, it’s time to test.
Let’s say, we want a httpd server container called apache:
# ./cont create apache httpd Created sandbox container dir /var/lib/libvirt/filesystems/apache Created unit file /etc/systemd/system/apache_sandbox.service Created sandbox config /etc/libvirt-sandbox/services/apache/config/sandbox.cfg
We want to start it:
# ./cont start apache
Is it really started?
# ./cont list Id Name State ---------------------------------------------------- 6818 apache running
Is it possible to get more details?
# ./cont dominfo apache Id: 6818 Name: apache UUID: cc897ced-4b82-4a38-ad4d-55b28023e093 OS Type: exe State: running CPU(s): 1 CPU time: 0.6s Max memory: 524288 KiB Used memory: 6808 KiB Persistent: yes Autostart: disable Managed save: unknown Security model: selinux Security DOI: 0 Security label: system_u:system_r:svirt_lxc_net_t:s0 (enforcing)
We want it to start at boot:
# ./cont enable apache Domain apache marked as autostarted
We want to connect to it:
# ./cont connect apache sh-4.2#
Now, we want to leave it:
sh-4.2# exit
If we don’t need it anymore, we can stop it and destroy it:
# ./cont stop apache # ./cont delete apache
Note1: As it was marked as autostarted, if we didn’t destroy it, it would have been restarted at the next reboot of the host.
Note2: The cont script is only there to avoid typing more complicated commands.
Additional Resources
In addition, you can look at Dan Walsh’s presentation at DevConf.cz 2014 or watch his videos:
Loading...
Upcoming Events (Local Time) 
Loading ...
What repo are you using for the libvirt-sandbox rpm? I’m trying to install but says it doesn’t exist in repo or on the RedHat 7 cd. Any information would be appreciated.
Hi,
Before RHEL 7 was released (RHEL 7 Beta, RHEL 7 RC, etc), there was a libvirt-sandbox package available in the main repository.
It’s not the case anymore and you need to build it manually through http://sandbox.libvirt.org/.
I got things compiling, (RHEL 7.3) and installed but get the following when trying to follow the tutorial:
Traceback (most recent call last):
File “/bin/virt-sandbox-service”, line 25, in
gi.require_version(‘LibvirtSandbox’, ‘1.0’)
File “/usr/lib64/python2.7/site-packages/gi/__init__.py”, line 81, in require_version
raise ValueError(‘Namespace %s not available’ % namespace)
ValueError: Namespace LibvirtSandbox not available
[root@Builder 3.10.0-514.2.2.el7.x86_64]#
I did enable ‘namespaces’ in the boot options, but no idea how to fix it.
This tutorial was written before the RHEL 7.0 release. However, I’m not sure whether it is still working with a newer version (Systemd evolution …).
Should I look at using systemd stuff instead of this?
Yes, I think so.
I see. Is systemd newness as secure?
Systemd is becoming a standard.
Systemd is taking over everything nowadays, just wait until it gets its own kernel and becomes a new OS.
I agree. Systemd could become a new OS.
From what I know RedHat and Centos have moved to docker. It looks like (at a quick search) either there is version conflict or a dependency issue.