[lxc-users] preferred way to redirect ports to containers with private IPs?
Tomasz Chmielewski
mangoo at wpkg.org
Wed Apr 5 09:41:54 UTC 2017
Is there any "preferred" way of redirecting ports to containers with
private IPs, from host's public IP(s)?
host 12.13.14.15:53/udp (public IP) -> container 10.1.2.3:53/udp
(private IP)
I can imagine at least a few approaches:
1) in kernel:
- use iptables to map a port from host's public IP to container's
private IP
- use LVS/ipvs/ldirectord to map a port from host's public IP to
container's private IP
2) userspace:
- use a userspace proxy, like haproxy (won't work for all protocols,
some information is lost for the container, i.e. origin IP)
They all however need some manual (or scripted) configuration, will stay
even if the container is stopped/removed (unless some more
configuration/scripting is done etc.).
Does LXD have any built-in mechanism to "redirect ports"? Or, what would
be the preferred way to do it?
Tomasz Chmielewski
https://lxadm.com
More information about the lxc-users
mailing list