I want an isolated (guest) Linux environment on my computer that I can mess up without worrying about the host. E.g. install a lot of stuff from source without package management, pollute environment variables etc., then spawn another guest environment when the old guest gets too cluttered.
I’ve had some fun using Virtualbox with Tinycore linux, but at least the way I use it, I don’t think the Virtualbox overhead is entirely necessary. For one thing, if possible, I would like to use the same kernel as my host.
Also, as I’ve run through the Linux From Scratch tutorial, I learned a little about chroot, which seemed like it might be what I am looking for. To be honest though, there was a lot I didn’t really understand in LFS, chroot being one of them. I would try playing around with chroot if I wasn’t so afraid it might mess up my current environment.
So I’m looking for a virtualization program that uses the fact that I’m on a linuxbox (I’m using PinguyOS btw), to speed up virtualization, or a reference on how to use chroot as an isolated playground.
Answers:
Method 1
Chroot is the lightest weight environment that could suit you. It allows you to install another distribution (or another installation of the same distribution), with the same users, with the same network configuration, etc. Chroot only provides some crude isolation at the filesystem level. Browsing this site for chroot might help, if you’re still not sure what chroot can and can’t do.
If you’re looking for the next step up, LXC is now included in the kernel mainline. An LXC guest (called a container) has its own filesystem, process and network space. Root in the container is also root on the host; LXC protects against many accidental actions by a guest root but not against a malicious guest root (this is a planned feature, watch this space).
Other technologies that are somewhat similar to LXC are VServer and OpenVZ. An important feature that OpenVZ provides but not VServer or LXC is checkpoints: you can take a snapshot of a running machine and restore it later. Yet another candidate is User-mode Linux, which runs a complete Linux system inside a process that runs as an ordinary user in the host.
For the purposes of experimenting with another OS installation, chroot is fine. If you want to run services in the experimental installation or play with networking, go for LXC. If you want snapshots, use OpenVZ. If you want a completely separate kernel but little memory overhead, use User-mode Linux. If you want snapshots and a separate kernel, use VirtualBox.
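The answer above notes that root in an LXC container is also root on the host. As an added example (not part of the original answer or of LXC), this Python code parses the kernel's `/proc/<pid>/uid_map` format to check whether UID 0 inside a process's user namespace is UID 0 on the host; the sample map contents and all function names are constructed for illustration.

```python
"""Added example: does root inside a container map to root on the host?"""
from pathlib import Path
from typing import Optional

# Constructed samples of /proc/<pid>/uid_map as read from the host's initial
# user namespace. Columns: first UID inside, first UID outside, range length.
SAMPLE_SHARED_ROOT = "         0          0 4294967295\n"  # no remapping
SAMPLE_REMAPPED = "         0     100000      65536\n"     # root shifted to UID 100000


def parse_uid_map(text: str) -> list[tuple[int, int, int]]:
    """Return (inside_start, outside_start, length) for each mapping line."""
    ranges = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if len(fields) != 3:
            raise ValueError(f"malformed uid_map line: {line!r}")
        inside, outside, length = (int(f) for f in fields)
        ranges.append((inside, outside, length))
    return ranges


def outside_uid(text: str, inside_uid: int = 0) -> Optional[int]:
    """Translate a UID seen inside the namespace to the UID outside it.

    Returns None when the UID has no mapping."""
    for inside, outside, length in parse_uid_map(text):
        if inside <= inside_uid < inside + length:
            return outside + (inside_uid - inside)
    return None


def guest_root_is_host_root(text: str) -> bool:
    """True when UID 0 in the guest is UID 0 outside it."""
    return outside_uid(text, 0) == 0


def check_pid(pid: int) -> bool:
    """Check a live process (e.g. a container's init) from the host."""
    return guest_root_is_host_root(Path(f"/proc/{pid}/uid_map").read_text())


if __name__ == "__main__":
    for name, sample in (("shared", SAMPLE_SHARED_ROOT), ("remapped", SAMPLE_REMAPPED)):
        print(name, outside_uid(sample), guest_root_is_host_root(sample))
```

A plain chroot leaves the map in the first form, since chroot does not create a user namespace.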
Method 2
Docker makes LXC easier to use:
Notable features
- Filesystem isolation: each process container runs in a completely separate root filesystem.
- Resource isolation: system resources like cpu and memory can be allocated differently to each process container, using cgroups.
- Network isolation: each process container runs in its own network namespace, with a virtual interface and IP address of its own.
- Copy-on-write: root filesystems are created using copy-on-write, which makes deployment extremely fast, memory-cheap and disk-cheap.
- Logging: the standard streams (stdout/stderr/stdin) of each process container are collected and logged for real-time or batch retrieval.
- Change management: changes to a container’s filesystem can be committed into a new image and re-used to create more containers. No templating or manual configuration required.
- Interactive shell: docker can allocate a pseudo-tty and attach to the standard input of any container, for example to run a throwaway interactive shell.
Under the hood
Under the hood, Docker is built on the following components:
- The cgroup and namespacing capabilities of the Linux kernel
- AUFS, a powerful union filesystem with copy-on-write capabilities
- The Go programming language
- lxc, a set of convenience scripts to simplify the creation of linux containers.
Method 3
Look into OpenVZ or Linux Containers, both of which implement a lightweight pseudo-virtualised environment with unique userlands on a common kernel.
OpenVZ is more mature at this stage.
Method 4
Maybe this can help you: aufs: an advanced multi layered unification filesystem
You have your system in the lower level. On top of it you can mount the aufs filesystem. Modifications (writes) are made on this aufs filesystem only, without changing the ‘real’ filesystem underneath.
All methods were sourced from stackoverflow.com or stackexchange.com and are licensed under CC BY-SA 2.5, CC BY-SA 3.0 and CC BY-SA 4.0.