LXD From Scratch
Jump to navigation
Jump to search
# sudo lxc network create lxdbr0 sudo lxc network set lxdbr0 ipv4.nat false sudo lxc network set lxdbr0 ipv6.nat false sudo lxc network set lxdbr0 ipv6.firewall false sudo lxc network set lxdbr0 ipv4.firewall false sudo apt install nftables sudo lxc storage create default zfs source=/dev/sdb cat default-profile.yaml | sudo lxc profile edit default sudo lxc launch ubuntu:20.04 host1 sudo lxc network show lxdbr0 sudo lxc profile show default sudo lxc storage show default # Other tools sudo apt install zfsutils-linux sudo zfs list sudo apt install bridge-utils sudo brctl show curl -k --resolve host1.example.com:443:10.x.x.x https://host1.example.com
/etc/nftables
#!/usr/sbin/nft -f
flush ruleset
define wan_int = bond0
define lxd_net_lxdbr0 = 10.y.x.0/24
define nat_ip = 10.x.x.x
define adc_ip = 10.y.x.x
table inet filter {
chain input {
type filter hook input priority 0; policy accept;
}
chain forward {
type filter hook forward priority 0; policy accept;
}
chain output {
type filter hook output priority 0; policy accept;
}
}
table ip router {
chain prerouting {
type nat hook prerouting priority 0; policy accept;
iifname $wan_int ip daddr $nat_ip tcp dport 443 dnat to $adc_ip:443
iifname $wan_int ip daddr $nat_ip tcp dport 80 dnat to $adc_ip:80
}
chain postrouting {
type nat hook postrouting priority 100; policy accept;
oifname $wan_int ip saddr $lxd_net_lxdbr0 snat to $nat_ip
}
}
/etc/netplan/00-installer-config.yaml
# This is the network config written by 'subiquity'
network:
bonds:
bond0:
dhcp4: true
interfaces:
- ens160
parameters:
mode: balance-rr
ethernets:
ens160: {}
version: 2