[lxc-users] Short howto re lxd-container-on-LAN for impatient dummies?
Fajar A. Nugraha
list at fajar.net
Sun Apr 23 21:50:54 UTC 2017
On Mon, Apr 24, 2017 at 4:30 AM, Simos Xenitellis <
simos.lists at googlemail.com> wrote:
> On Sat, Apr 22, 2017 at 6:52 PM, Dan Kegel <dank at kegel.com> wrote:
> > TL;dr:
> >
> > For Ubuntu 16.04 users who have lxd-2.0.9 from xenial-updates,
> > what is the fast path towards simple lxd container-on-the-lan happiness?
> > (Extra credit: allow ssh between the host and the guest, also part of
> > Things Just Working.)
> >
>
> To SSH from the host to the guest, you can run the command
>
> cat ~/.ssh/id_rsa.pub | lxc exec mycontainer -- sudo --login --user
> ubuntu tee /home/ubuntu/.ssh/authorized_keys
>
>
I believe Dan was refering to macvlan, a way for the containers to be in
the same L2 network as host's eth0 without having to create a bridge. IIRC
the downside of this approach, is by default the container can communicate
with all ips on that network EXCEPT for the host (the host also needs a
macvlan interface).
Personally, I think:
- most users will be happy with default NAT setup
- port forwarding is the easy way to allow access to specific container
port from LAN (similar to what docker does):
https://help.ubuntu.com/lts/serverguide/lxc.html#lxc-network
- bridging host's eth0 is the way to go if you need 'real' LAN IP for the
container:
https://help.ubuntu.com/lts/serverguide/network-configuration.html#bridging
- xen had a good idea: automatically create the bridge (xenbr0) and
'magically' move eth0 name from the 'real' physical interface to veth, to
make it easier for 'networking newbies'. I don't like the implementation
though, and prefer to create my own bridge (which is the only way to get
vlan and bonding support).
--
Fajar
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20170424/640e27c4/attachment.html>
More information about the lxc-users
mailing list