For cPanel & WHM version 11.52
cPanel, Inc. supports the use of cPanel & WHM inside of a Linux Container (LXC). An LXC container provides an environment that resembles a standard Linux installation, but does not require a separate kernel. For more information about LXC containers, read the Linux Containers documentation.
Run cPanel & WHM inside a Linux Container
To run cPanel & WHM inside an LXC container, we strongly recommend that you use the following settings:
We strongly recommend that you use Red Hat® Enterprise Linux (RHEL) 7, CloudLinux™ 7, or CentOS 7 as your LXC host. This ensures the best compatibility with cPanel & WHM. While other Linux distributions may work, they require that the system administrator performs additional steps, which we do not support.
We strongly recommend that your LXC containers use CentOS, RHEL, or CloudLinux 6 as the guest. A CentOS, RHEL, or CloudLinux 7 installation requires additional steps to use it as the guest.
Privileged vs unprivileged containers
cPanel & WHM functions in both privileged and unprivileged containers. We strongly recommend that you run cPanel & WHM in a privileged container, because it expects unrestricted access to the system.
The following limitations are inherent to an unprivileged container:
- The host operating system treats the
rootuser as a non-
- You cannot raise the hard limit of a process if you previously lowered it. This action could cause EasyApache 3 to fail.
- Subtle behavior differences may occur.
Required changes for CentOS 7, RHEL 7, or CloudLinux 7
You must make the following configuration changes to run cPanel & WHM inside an LXC container:
After you create the LXC container, change the
lxc.includeline in the
lxc.conffile to the following line:
lxc.conffile to drop
setpcapcapabilities. To do this, comment the following lines:
If your system uses AppArmor, you must uncomment the following line in the
Some system configurations will not run properly with cron inside an LXC container. Individual cron jobs fail to execute even though the cron daemon is active. This issue is a direct result of the incompatibility between the container environment and the
1. To resolve this conflict, disable the
pam_loginuidmodule for cron with the following comment in the
2. Updates to your cron package, such as cronie, may cause the service to reactivate. Inspect this file for changes after each system update.