<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 12pt;
font-family:Calibri
}
--></style></head>
<body class='hmmessage'><div dir='ltr'><div>Hi All,</div>I have 2 containers created with 2 different config like as shown below and I am running a shell in both containers using the command<div><br><div>sudo lxc-execute -n left -f /home/srinivas/lxcpersonal.conf /bin/</div><div><br><div><div><b>lxcpersonal_right.conf</b></div><div>lxc.utsname = right </div><div>lxc.network.type = veth</div><div>lxc.network.flags = up</div><div>lxc.network.link = lxcbr0</div><div>lxc.network.hwaddr = 4a:59:c4:d4:e5:f6 </div><div>lxc.network.ipv4 = 192.168.0.122/24 </div><div>lxc.network.ipv4.gateway = 192.168.0.1</div><div>lxc.network.name = xeth1</div><div>lxc.tty = 3</div><div>lxc.mount = /home</div><div><br></div><div><b>lxcpersonal.conf </b></div><div><div>lxc.utsname = test</div><div>lxc.network.type = veth</div><div>lxc.network.flags = up</div><div>lxc.network.link = lxcbr0</div><div>lxc.network.hwaddr = 4a:59:c3:d4:e5:f6 </div><div>lxc.network.ipv4 = 192.168.0.123/24 </div><div>lxc.network.ipv4.gateway = 192.168.0.2</div><div>lxc.network.name = xeth0 </div><div>lxc.tty = 2</div><div>lxc.mount = /home/srinivas</div></div><div><br></div><div><div>sudo lxc-execute -n left -f /home/srinivas/lxcpersonal.conf /bin/sh</div></div><div><div>sudo lxc-execute -n right -f /home/srinivas/lxcpersonal_right.conf /bin/sh</div></div><div><br></div><div><br></div><div>I can ping IP address between containers and could some one tell me how to ping outside world from container</div><div>lets </div><div>ping google.com from one container</div><div><br></div><div>Thanks</div><div>Srinivas</div><div><br></div><div><br></div><div><br></div><div><br></div><br><div><hr id="stopSpelling">From: srinuk@outlook.com<br>To: jay@jaytaylor.com; aartipsawant10@gmail.com; lxc-users@lists.sourceforge.net<br>Subject: RE: [Lxc-users] reg iptables usage in containers<br>Date: Wed, 25 Sep 2013 16:06:44 -0700<br><br>
<style><!--
.ExternalClass .ecxhmmessage P {
padding:0px;
}
.ExternalClass body.ecxhmmessage {
font-size:12pt;
font-family:Calibri;
}
--></style>
<div dir="ltr">Hi Jay <div>Thank you ,of Great help indeed</div><div>I had one more question </div><div>Can we limit number of processes in a container ?</div><div>How to detect that a processes is trying to get created in a container?</div><div>Thanks</div><div>Srinivas<br><br><div><hr id="ecxstopSpelling">From: jay@jaytaylor.com<br>Date: Wed, 25 Sep 2013 09:24:40 -0700<br>Subject: Re: [Lxc-users] reg iptables usage in containers<br>To: aartipsawant10@gmail.com<br>CC: srinuk@outlook.com; lxc-users@lists.sourceforge.net<br><br><div dir="ltr">Hi <span style="font-family:arial,sans-serif;font-size:13px;">Srini</span>,<div><br></div><div>Learning the iptables rules can be tricky at first, especially when you're new to LXC. I highly recommend finding a way to automate the process.</div>
<div><br></div><div>Here is a real-world example of how iptables can be setup on a per-container basis in LXC:</div><div><br></div><div> <a href="https://github.com/Sendhub/shipbuilder/blob/master/src/scripts.go#L38" target="_blank">https://github.com/Sendhub/shipbuilder/blob/master/src/scripts.go#L38</a></div>
<div><br></div><div>This is a python script which is run to clone and launch a new container and setup the iptables TCP port-forwarding for it.</div><div><br></div><div>Hope this is useful.</div><div><br></div><div>Best regards,</div>
<div>Jay</div></div><div class="ecxgmail_extra"><br><br><div class="ecxgmail_quote">On Tue, Sep 24, 2013 at 2:21 AM, Aarti Sawant <span dir="ltr"><<a href="mailto:aartipsawant10@gmail.com" target="_blank">aartipsawant10@gmail.com</a>></span> wrote:<br>
<blockquote class="ecxgmail_quote" style="border-left:1px #ccc solid;padding-left:1ex;"><div dir="ltr">hello,<div><br></div><div>Bellow link might be useful for setting up iptables per conatiners</div><div>
<a href="http://openvz.org/Setting_up_an_iptables_firewall" target="_blank">http://openvz.org/Setting_up_an_iptables_firewall</a><br>
</div><div><br></div><div>Thanks,</div><div>Aarti Sawant</div><div>NTTDATA OSS Center Pune</div></div><div class="ecxgmail_extra"><br><br><div class="ecxgmail_quote"><div><div class="h5">On Tue, Sep 24, 2013 at 5:37 AM, srinivas k <span dir="ltr"><<a href="mailto:srinuk@outlook.com" target="_blank">srinuk@outlook.com</a>></span> wrote:<br>
</div></div><blockquote class="ecxgmail_quote" style="border-left:1px #ccc solid;padding-left:1ex;"><div><div class="h5">
<div><div dir="ltr">Hi Group.<div><br><div>I am new to lxc and I am trying to create containers for the first time.</div><div><br></div><div>My plan is to create 2 containers using lxc-create and do some networking between 2containers using a br0 as bridge between 2 containers </div>
<div><br></div><div>What is the basic procedure to do the below</div><div><br></div><div>1.How to setup iptables per container </div><div><br></div><div>2.How to filter out incoming traffic traffic per container using iptables with respect to that particular container</div>
<div><br></div><div>Will be thankful for any help or pointers </div><div><br></div><div>Regards</div><div>Srini</div></div> </div></div>
<br></div></div>------------------------------------------------------------------------------<br>
October Webinars: Code for Performance<br>
Free Intel webinars can help you accelerate application performance.<br>
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from<br>
the latest Intel processors and coprocessors. See abstracts and register ><br>
<a href="http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk" target="_blank">http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk</a><br>_______________________________________________<br>
Lxc-users mailing list<br>
<a href="mailto:Lxc-users@lists.sourceforge.net" target="_blank">Lxc-users@lists.sourceforge.net</a><br>
<a href="https://lists.sourceforge.net/lists/listinfo/lxc-users" target="_blank">https://lists.sourceforge.net/lists/listinfo/lxc-users</a><br>
<br></blockquote></div><br></div>
<br>------------------------------------------------------------------------------<br>
October Webinars: Code for Performance<br>
Free Intel webinars can help you accelerate application performance.<br>
Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from<br>
the latest Intel processors and coprocessors. See abstracts and register ><br>
<a href="http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk" target="_blank">http://pubads.g.doubleclick.net/gampad/clk?id=60133471&iu=/4140/ostg.clktrk</a><br>_______________________________________________<br>
Lxc-users mailing list<br>
<a href="mailto:Lxc-users@lists.sourceforge.net">Lxc-users@lists.sourceforge.net</a><br>
<a href="https://lists.sourceforge.net/lists/listinfo/lxc-users" target="_blank">https://lists.sourceforge.net/lists/listinfo/lxc-users</a><br>
<br></blockquote></div><br></div></div></div> </div></div></div></div></div> </div></body>
</html>