Some quick notes about installing LXD on gentoo

diff --git a/content/lxd_as_docker_replacment.rst b/content/lxd_as_docker_replacment.rst
new file mode 100644 (file)
index 0000000..38e8fc9
--- /dev/null
+++ b/content/lxd_as_docker_replacment.rst
@@ -0,0 +1,56 @@
+LXD is a suitable Docker alternative
+====================================
+
+:date: 2019-05-29 11:34 
+:category: System Administration
+:tags: lxd, docker, container, virtualisation 
+:authors: Maximilian Friedersdorff
+:summary: LXD is a suitable alternative to Docker on Gentoo
+:status: draft
+
+LXD is a good solution for OS level virtualisation (containers) on Gentoo. 
+The package is up to date and the wiki article sufficiently detailed.
+
+Installation (on Gentoo)
+------------------------
+
+Installation proceeded fine using the usual methods.  The kernel configuration
+for this package is rather critical.  Recent versions of the linux kernel (5.2?)
+have replaced the `NF_NAT_MASQUERADE_IPV4` and `NF_NAT_MASQUERADE_IPV6` kernel
+options with a version agnostic `NF_NAT_MASQUERADE` option. LXD may complain 
+about this when it installs.  Additionally, it requires full ipv6 support for 
+iptables, even when the ipv6 useflag is disabled, this took me a while to 
+realise.
+
+Graphical applications in containers with xpra
+----------------------------------------------
+
+Graphical applications can be run in the container using ssh forwarding. An
+arguably better solution is using xpra; it allows reattaching to the running
+sessions after a loss of the network.  I currently run spotify in the container
+using `xpra start ssh/cerium --start-child spotify`, which uses ssh as the
+transport and authentication mechanism.  Both the host and the container need
+to have xpra installed.
+
+The Snappy package manager appears not to work
+----------------------------------------------
+
+When installing spotify using the snappy package manager on an ubuntu container,
+it complains about not being allowed to mount a squashfs container:
+
+.. code-block:: bash
+
+    $ lxc exec cerium -- snap install spotify
+    error: system does not fully support snapd: cannot mount squashfs image using "squashfs":
+           mount: /tmp/sanity-mountpoint-808218672: mount failed: Operation not permitted.
+
+I'm sure the workaround for this is relatively straightforward once I've 
+figured it out what it is.  In the mean time, installing spotify from the debian
+package was the easier solution.
+
+Networking
+----------
+
+I've resolved to creating a network bridge managed by the OS rather than LXD 
+itself.  The host machine already sits behind a NAT and the automagical
+networking that LXD was doing was causing some hard to diagnose issues.