When I installed Debian 8 (Jessie), I hoped to be able to run Centos 7 containers easily. I would be disappointed. First, I had to find how to tell LXC to install Centos 7 and not Centos 6, which was the default. Then, well, it didn't worked out of the box, mainly because systemd inside systemd is kind of a hack at the moment. And then, I was not able to log inside it.
First things first
To give an argument to a template via lxc-create, you need to add "--" at the end of the lxc-create command. The next dashes are the real arguments. To create a Centos 7 container, you'll end up with the following command :
lxc-create -n smtp -t centos -- --release 7
In the common config of Centos in Debian 8, that you can find at
/usr/share/lxc/config/centos.common.conf, there are some mistakes. You need to add some capabilities, by removing
setpcap from the
lxc.cap.drop list. In the end you should end up with something like :
lxc.cap.drop = mac_admin mac_override lxc.cap.drop = sys_module sys_nice sys_pacct lxc.cap.drop = sys_rawio sys_time
This file is part of the lxc package on Debian, so it may be overridden by an update, you should keep an eye on that. IMO, it should be fixed upstream, maybe I could open a BR, but I'm not sure where.
Then, you will need to add two lines if they are missing in the config file of your container, for example
lxc.autodev = 1 lxc.kmsg = 0
Once your container is started in daemon mode with
lxc-start -n smtp -d, you will want to use it ... but lxc-console won't work, you will have a blank screen, not sure why. Anyway there is a simple workaround:
lxc-attach -n smtp .
You can now enjoy the many things CentOS can do for you. Like FreeIPA to build a "at home" fully functional mail service, with LDAP, Kerberos, Postfix and Dovecot =)
Maybe I'll write about that someday.