lxc-create-new

#!/bin/bash

eth0ipv4="1.2.3.4";
eth0prefix=32;
eth0gateway=`ip a |grep "scope global" | awk '{print$2}'|grep-ip |grep -v "255" |grep -v "^10."`


debian_version=bullseye
name=node01
memory=4G
disk=20G

# optional configuration (defaults used) 
LVM=SPEED
cpus=0-1
br=br0
gpg_keyserver=keyserver.ubuntu.com

####################################################################
[ -d "/var/lib/lxc/${name}" ] && echo "/var/lib/lxc/${name} exists, exiting..." && exit 1

[ "${gpg_keyserver}" == "" ] && gpg_keyserver=keyserver.ubuntu.com
export DOWNLOAD_KEYSERVER=${gpg_keyserver}

lxcstart=`which lxc-start`
[ "${lxcstart}" == "" ] && apt-get update && apt-get -y install lxc 

brctl=`which brctl` 
[ "$brctl" == "" ] && apt-get update && apt-get -y install bridge-utils xfsprogs iproute2 lvm2

#echo 'USE_LXC_BRIDGE="true"' > /etc/default/lxc-net
#systemctl start lxc-net

lvm_vg=`pvs |grep -v 'PFree' |grep -vi 'slow' |awk '{print$2}'`
[ "${LVM}" == "" ] && LVM=${lvm_vg}

cpu_cores=`cat /proc/cpuinfo |grep 'processor' | tail -n +2  |wc -l`
[ "${cpus}" == "" ] && cpus="0-${cpu_cores}"

br_if=`brctl show | grep -v 'bridge name' |awk '{print$1}'`
[ "${br}" == "" ] && br=$br_if

lvcreate -n ${name} -L${disk} ${LVM}
mkfs.xfs /dev/${LVM}/${name}

mkdir -p /var/lib/lxc/${name}
echo "/dev/${LVM}/${name} /var/lib/lxc/${name} xfs auto,nofail,noatime,rw    0   0" >> /etc/fstab
mount /dev/${LVM}/${name}
df -h 

echo "lxc-start --name ${name}" >> /etc/rc.local

lxc-create -n ${name} -t download -- -d debian -r ${debian_version} -a amd64

if [ -z ${eth0ipv4+x} ] 
then
echo "no eth0"
else
if [ "${eth0prefix}" -eq "32" ]
then
#cat >> /etc/network/interfaces <<EOF
#up ip route add ${eth0ipv4}/${eth0prefix} dev ${br}
#EOF

cat >> /etc/rc.local <<EOF
ip route add ${eth0ipv4}/${eth0prefix} dev ${br}
EOF

else
echo "prefix is: ${eth0prefix}";
fi
fi

mkdir -p /backup/lxc/${name}

cat > /var/lib/lxc/${name}/config <<EOF
lxc.start.auto = 1
lxc.uts.name = ${name}
lxc.cgroup.memory.limit_in_bytes = ${memory}
lxc.cgroup.cpuset.cpus = ${cpus}
lxc.rootfs.path = /var/lib/lxc/${name}/rootfs
EOF

if [ "${debian_version}" == "bullseye" ] || [ "${debian_version}" == "bookworm" ]
then
cat >> /var/lib/lxc/${name}/config <<EOF 
lxc.include = /usr/share/lxc/config/common.conf
EOF
else
cat >> /var/lib/lxc/${name}/config <<EOF
lxc.include = /usr/share/lxc/config/debian.common.conf
EOF
fi

cat >> /var/lib/lxc/${name}/config <<EOF
#lxc.mount.fstab = /var/lib/lxc/${name}/fstab
lxc.arch = amd64
lxc.autodev = 1
lxc.apparmor.profile = unconfined
lxc.cgroup.devices.allow = a
lxc.cap.drop=
lxc.mount.auto=proc:rw sys:rw
linux.kernel_modules = ip_tables,ip6_tables,br_netfilter,netlink_diag,nf_nat,overlay
security.privileged = 1
security.nesting = 1

lxc.mount.entry = /backup/lxc/${name} backup none bind,create=dir 0 0

lxc.net.0.type = veth
lxc.net.0.flags = up
lxc.net.0.name = eth0
lxc.net.0.link = ${br}
lxc.net.0.ipv4.address = ${eth0ipv4}/${eth0prefix}
lxc.net.0.ipv4.gateway = ${eth0gateway}
EOF

rm -f /var/lib/lxc/${name}/rootfs/etc/network/interfaces
ip route add ${eth0ipv4}/${eth0prefix} dev ${br}
#copy ssh keys

rsync -avP /root/.ssh /var/lib/lxc/${name}/rootfs/root/
rsync -avP /etc/resolv.conf /var/lib/lxc/${name}/rootfs/etc/

mkdir /var/lib/lxc/${name}/rootfs/etc/docker
cat > /var/lib/lxc/${name}/rootfs/etc/docker/daemon.json <<EOF
{
  "storage-driver": "overlay2"
}
EOF

chroot /var/lib/lxc/${name}/rootfs/ /bin/bash -c "rm -f /etc/resolv.conf; echo 'nameserver 8.8.8.8' > /etc/resolv.conf; apt-get update; apt-get -y install ssh gpg curl vim wget screen git; systemctl disable systemd-networkd systemd-networkd-wait-online systemd-resolved.service; "

echo "DONE:"
df -h |grep ${name}
lxc-ls -f |grep ${name}

echo "check config: /var/lib/lxc/${name}/config"
echo "start server: lxc-start ${name}"