Difference between revisions of "LXD From Scratch"
Jump to navigation
Jump to search
| (One intermediate revision by the same user not shown) | |||
| Line 10: | Line 10: | ||
sudo lxc storage create default zfs source=/dev/sdb | sudo lxc storage create default zfs source=/dev/sdb | ||
| + | # sudo lxc storage create default dir | ||
cat default-profile.yaml | sudo lxc profile edit default | cat default-profile.yaml | sudo lxc profile edit default | ||
sudo lxc launch ubuntu:20.04 host1 | sudo lxc launch ubuntu:20.04 host1 | ||
| Line 25: | Line 26: | ||
curl -k --resolve host1.example.com:443:10.x.x.x https://host1.example.com | curl -k --resolve host1.example.com:443:10.x.x.x https://host1.example.com | ||
| + | ``` | ||
| + | |||
| + | default-profile.yml | ||
| + | ``` | ||
| + | config: {} | ||
| + | description: Default LXD profile | ||
| + | devices: | ||
| + | eth0: | ||
| + | nictype: bridged | ||
| + | parent: lxdbr0 | ||
| + | type: nic | ||
| + | root: | ||
| + | path: / | ||
| + | pool: default | ||
| + | type: disk | ||
| + | name: default | ||
``` | ``` | ||
Latest revision as of 16:32, 18 August 2020
# sudo lxc network create lxdbr0 sudo lxc network set lxdbr0 ipv4.nat false sudo lxc network set lxdbr0 ipv6.nat false sudo lxc network set lxdbr0 ipv6.firewall false sudo lxc network set lxdbr0 ipv4.firewall false sudo apt install nftables sudo lxc storage create default zfs source=/dev/sdb # sudo lxc storage create default dir cat default-profile.yaml | sudo lxc profile edit default sudo lxc launch ubuntu:20.04 host1 sudo lxc network show lxdbr0 sudo lxc profile show default sudo lxc storage show default # Other tools sudo apt install zfsutils-linux sudo zfs list sudo apt install bridge-utils sudo brctl show curl -k --resolve host1.example.com:443:10.x.x.x https://host1.example.com
default-profile.yml
config: {}
description: Default LXD profile
devices:
eth0:
nictype: bridged
parent: lxdbr0
type: nic
root:
path: /
pool: default
type: disk
name: default
/etc/nftables
#!/usr/sbin/nft -f
flush ruleset
define wan_int = bond0
define lxd_net_lxdbr0 = 10.y.x.0/24
define nat_ip = 10.x.x.x
define adc_ip = 10.y.x.x
table inet filter {
chain input {
type filter hook input priority 0; policy accept;
}
chain forward {
type filter hook forward priority 0; policy accept;
}
chain output {
type filter hook output priority 0; policy accept;
}
}
table ip router {
chain prerouting {
type nat hook prerouting priority 0; policy accept;
iifname $wan_int ip daddr $nat_ip tcp dport 443 dnat to $adc_ip:443
iifname $wan_int ip daddr $nat_ip tcp dport 80 dnat to $adc_ip:80
}
chain postrouting {
type nat hook postrouting priority 100; policy accept;
oifname $wan_int ip saddr $lxd_net_lxdbr0 snat to $nat_ip
}
}
/etc/netplan/00-installer-config.yaml
# This is the network config written by 'subiquity'
network:
bonds:
bond0:
dhcp4: true
interfaces:
- ens160
parameters:
mode: balance-rr
ethernets:
ens160: {}
version: 2