Virtualisation / LXC on NetModule Wireless Routers

Netmodule Routers offer virtualisation through lxc containers which offer a great way of implementing your own custom services. The following page will give you an overview about lxc containers, their concept as well as example use cases and ready to use containers.

Possibilities

  • Server functionalities / replacing PCs
  • Dedicted services (ex: running a webserver)
  • More functions than SDK
  • Personal freedom on a specific product
  • No worries about connectivity

Limits

  • No Microsoft Windows
  • Kernel is predefined on the host (no additional kernel modules)
  • Flash/Space
  • No High-End CPU power
  • Only ARM based software
  • Not suitable Use-Cases: Live Video Encoding, Bitcoin Mining

Internals

LXC containers allow you to run multiple isolated Linux systems or applications on a single host. They differ from traditional virtual machines because there is no hypervisor nor full OS required meaning that the containers all use the same kernel from the host system each running in their own isolated environment (done through cgroups and namespaces). Therefore they offer an environment as close as possible to a full VM but without the overhead that comes with running a separate kernel and simulating all the hardware.

Devices

Depending on the extension modules you do have in your router, there is the possibility of passing the device into the container. This way you can make the hardware available for the system running in your container. Common use cases are CAN or Bluetooth modules. The devices that are available to map into the container are automatically shown on the webgui. Here is an exmample with bluetooth available.

Serial-Interface

Serial-Interfaces can be also used inside of the lxc Container please check the page serial-interface for details.

Networking

To establish network connectivity from a container to the outside world you have two main options. Please be aware that the amount of available interfaces depends on your router model.

Generally you can either create a routed interface, where you set your own IP settings that will connect the router (through a virtual interface, virt0) to the guest interface of your cotnainer. The other option is that you bridge the containers interface to an existing one on the router.

If you are using a routed interface please be sure you networking file is setting the ethernet interface into manual mode and not dhcp:

Example on an alpine guest:

Default in alpine template from linuxcontainers:

USER
/ $ cat /etc/network/interfaces auto eth0 iface eth0 inet dhcp hostname $(hostname) / $

Need to be switched to

USER
/ $ cat /etc/network/interfaces auto eth0 iface eth0 inet manual hostname $(hostname) / $

Container Templates

Always up-to-date generic containers can be found on the official jenkins of linuxcontainers.org. Once you select the Linux OS of your flavor, be sure that you download your container for the armhf architecture to ensure it will be compatible with the router.

This is a great way to have a fresh start for your own container or to try a newer version of a specific OS. Please be aware that those contain just a basic container OS that can then be customized to ones needs.

The following list contains some generic OS based Containers, that are available through our ftp server:

  • Ubuntu Bionic Beaver 18.04 LTS (armhf) / md5sum: f91b9f6ff431fdc01194bc100fde296f / Download
  • Debian Stretch (armhf) / md5sum: 6b716a50df69404dfe54f61021374008 / Download
  • Debian Jessie (armhf) / md5sum: b3907135c41721a70cfbd72cc2873cda / Download
  • Alpine Linux 3.8 (armhf) / md5sum: 80bfd7775c48757d37124c844b88d5e9 / Download

Example Containers

Here are some ready to use containers and descriptions about the setup:

virt_logo_bluetooth.jpg

  • Download - md5sum: b3907135c41721a70cfbd72cc2873cda

  • Download - md5sum: efbf0e0f0bc6b3d4e1c2a55127b762e0

  • Download - md5sum: 7d520cbf4ac55a7484e80deebfc67a26

  • Download - md5sum: df26b99fb333f5baf53d6239bb0d2530

  • Download - md5sum: 35658e3cb6de96efe9e42379a5eaa976

nc-setup.jpg

  • Download - md5sum: 5bb1a90637ae5f1c46a0d994c8785a38

virt_logo_traefik.jpg

  • Download - md5sum: 63ba17029d2db8f62f981874eb4fe3b8
*  [[virtualisation:pihole_lxc_container|pi-hole]]

Integrating Software into a Container

The link below describes hello-world examples in different languages and how they could be setup within a container. Normally you need to install the required environment (interpreter & libraries) first to be able to write & compile code.

Integrating Software

Lifecycle

The topics below show a brief introduction on ideas about provisioning, installing and maintaining containers. Please be aware that the containers are supposed to run on our routers and therefore provisioning and maintenance is a task that you have to think of and adapt to your environment. However there are a lot of different approaches that you can use from complex build-chains to simplified shell-scripts.

Provisioning

If you do run a large amount of different containers provisioning currently needs to be done by you. Since this is currently not supported on our devices as they provide the runtime environment. There are a lot of options like Ansible, Puppet, Chef or others that could help you setup your containers. In a smaller environment you could just use a shell script, that your run after unpacking you base-image to provision your container and then deploy the packed archive. Put your packed and compressed archive on a WebServer or FTP of yours and use the automated installation on the router to extract your archive to the system.

Installing

Setting up a container can either be done automatically via the WebGui or manually via Shell. The link below shows you how to get your image onto a router.

How to setup a container

Maintaining Containers

Maintaining containers could be done over shell scripts, excecuted via ssh remotly on the routers for small updates or even manually per container. When your fleet and amount of containers grow in size you might think of a plan to regularily release tested and provisioned containers that you could then download over the web from a central side to your routers (via automated install option).