lxc-start

Start the lxc service

$ systemctl start lxc-net

$ sudo lxc-start [container_name]

$ sudo lxc-start [container_name] [[-F|--foreground]]

$ sudo lxc-stop [container_name]

$ lxc-start [[-?|--help]]

lxc-start [OPTIONS] -n name [-- command]

-n, --name <container_name>
    
Specifies the name of the container to start. This is a mandatory option.

-F, --foreground
    
Runs the container in the foreground. If a command is specified after --, this is the default behavior; otherwise, the container's init process runs in the foreground. The command waits for the container's process to exit.

-d, --daemon
    
Runs the container in the background as a daemon. The lxc-start command will return immediately after successfully starting the container.

-f, --config <config_file>
    
Specifies an alternate configuration file for the container. By default, LXC looks for lxc.conf within the container's directory (e.g., /var/lib/lxc/<name>/config).

-o, --rcfile <rc_file>
    
Specifies a path to a file containing lxc-start options. Each non-empty line in the file is interpreted as a command-line argument.

-L, --logfile <logfile_path>
    
Specifies a path to the log file where lxc-start's own logs will be written. By default, logs go to stderr or syslog.

-P, --logpriority <priority>
    
Sets the log priority level for lxc-start's output. Accepted values include TRACE, DEBUG, INFO, NOTICE, WARN, ERROR, and FATAL.

-c, --console <tty_number>
    
Connects to a specific virtual console (TTY) of the container. If not specified, it connects to tty0. This implies foreground operation.

-t, --tty <tty_number>
    
Equivalent to --console. Connects to a specific virtual console of the container.

-s, --setuid <uid>
    
Specifies the UID to drop privileges to after initializing the container, for unprivileged LXC environments.

-g, --setgid <gid>
    
Specifies the GID to drop privileges to after initializing the container, for unprivileged LXC environments.

-W, --wait <timeout>
    
Waits for a specified timeout (in seconds) for the container to reach the RUNNING state. The command returns a non-zero exit code if the timeout is exceeded.

--
    
Separates lxc-start options from the command to be executed inside the container. If a command is specified, it replaces the container's default init process (e.g., /sbin/init) for this specific startup.

-v, --version
    
Displays the program version number and exits.

-h, --help
    
Displays a help message describing the command's options and exits.

lxc-start is a command-line utility used to initiate a previously created and stopped Linux Containers (LXC) instance. It manages the complex process of bringing a container into an active, running state by handling kernel features like cgroup isolation and namespace creation (PID, UTS, IPC, network, mount, user). This command executes the container's configured init process or a specific command provided by the user.

Users can choose to run containers in the foreground, attaching to their console, or detach them to run in the background as a daemon. Successful startup heavily relies on proper container configuration, especially concerning network setup, storage mounts, and resource limits defined in the container's configuration file.

• Root Privileges: lxc-start typically requires root privileges to interact with kernel features like namespaces and cgroups, unless explicitly configured for unprivileged containers.
• Container State: The container must be in a 'STOPPED' state to be started. Attempting to start an already 'RUNNING' container will result in an error. Use lxc-ls to check the state.
• Resource Availability: Ensure the host system has sufficient resources (CPU, memory, disk I/O) to accommodate the container. Resource limits can be defined in the container's configuration.
• Network Configuration: Any network setup defined in the container's configuration file (lxc.conf) must be valid and supported by the host system to ensure proper network connectivity within the container.
• Foreground vs. Daemon: When running in foreground (-F or with -- command), closing the terminal will typically terminate the container's processes. For persistent background operation, the -d (daemon) option is recommended.

lxc-start is a critical step in the container's lifecycle, transitioning it from an inactive (STOPPED) state to an active, isolated environment. After starting, the container's init process (or the specified command after --) takes over, responsible for the container's internal operations and managing its services.

While traditionally requiring root privileges, modern LXC implementations extensively support unprivileged containers. In such setups, lxc-start can be run by a non-root user, relying on user namespace remapping to achieve isolation without elevated privileges, significantly enhancing security.

LXC (Linux Containers) emerged as an early lightweight virtualization technology, leveraging Linux kernel features like namespaces and cgroups that became available in the early 2000s. The lxc-start command is a core component of the LXC user-space tools, developed as part of the broader LXC project, which aimed to provide a user-friendly interface for managing containers. It predates and influenced the development of more modern container runtimes like Docker, demonstrating the fundamental principles of containerization before the rise of comprehensive container platforms. Its design and functionality have evolved with the Linux kernel and user-space tooling to support more robust isolation and resource management, including the advent of unprivileged containers.

lxc-create(1), lxc-stop(1), lxc-destroy(1), lxc-ls(1), lxc-attach(1), lxc-execute(1), lxc(7)