[lxc-users] lxc image copy from behind NAT

Christoph Mathys eraserix at gmail.com
Tue Jun 13 06:33:52 UTC 2017


Thanks for your input!

On Tue, Jun 13, 2017 at 2:35 AM, Fajar A. Nugraha <list at fajar.net> wrote:
> On Mon, Jun 12, 2017 at 10:22 PM, Christoph Mathys <eraserix at gmail.com>
> wrote:
>>
>> In a test setup, I run an VM with lxd in a NATed network. When I try
>> to copy an image to another server (on the other side of the NAT), it
>> cannot do that because the other server tries to connect to the IP of
>> the VM behind the NAT. I tried with portforwarding, but I think I
>> would also need to tell the lxd behind the NAT what its reachable IP
>> is.
>>
>
> The destination lxd will try to connect to the source lxd directly to
> perform the copy.
>
> You can probably try something like this:
> lxc copy local:src_vm remote_name:dst_vm

Unfortunately, this does not work either.

> where "local" is the literal string local. If that doesn't work, try adding
> the local IP as another remote (e.g. "lxc remote add local_instance
> 127.0.0.1") and then retry the copy with "lxc copy local_instance:src_vm
> remote_name:dst_vm".
>
> The idea is to treat both src and dst lxd as remotes, so that traffic will
> go thru lxc process instead of directly between lxd daemons. Last time I
> tested it works.

Routing traffic through lxc-client sounds reasonable. I couldn't get
it to work thou :(.
I tried this:
lxc remote add local_instance <IP|Hostname>
lxc image copy local_instance:imagename <remote>:

I get different errors depending on what I set "local_instance" to
(both do not work):
- When setting to the hostname of the VM:
error: Get https://ch10dd307vm-2:8443/1.0/images/webserver: lookup
ch10dd307vm-2 on 127.0.1.1:53: server misbehaving

- When setting to 127.0.0.1:
error: Get https://127.0.0.1:8443/1.0/images/webserver: x509:
certificate is valid for ch10dd397, not ch10dd307vm-2

ch10dd397 is the remote, and ch10dd307vm-2 is the local VM behind NAT.
For now I resorted to copy the image by export and scp.

Christoph


More information about the lxc-users mailing list