Re: [lxc-users] Bind public IP that is available on host's ens3:1 to a specific LXD container?

Sat, 20 May 2017 00:55:26 -0700 

Hello Thomas,

I use a nginx-reverse-proxy for accessing the container(s) webspace(s).

If I need to access something (a specific port) of a container from the
outside world, I use iptables to reach it, in your case i.e. to access your
containers ssh-server (on outside-port 22022) you can use:

interface=ens3
ipt_src_port=22022
ipt_src_port=1.2.3.107
ipt_dst_ip_addr=$your_container_ip
ipt_dst_port=22
sudo iptables -i {$interface} -t nat -A PREROUTING -p tcp -m tcp --dport {$ipt_src_port} -j DNAT --to {$ipt_dst_ip_addr}:{$ipt_dst_port} 

Hope that helps anybody too..
PS: I use LXD/LXC to highly separate wordpress-installations from each other. If anybody on the list is also doing nginx-webhosting within containers, I am highly interested on others experiences and contacts, - I am highly satisfied 
how far LXD/LXC has developed so far. If you are working in the same 'field'
you can contact me for exchange.

Greetings from Germany,
Ingo Baab https://baab.de

Am 20.05.2017 um 04:01 schrieb Thomas Ward:

Hello.

I've got a VDS from RamNode - which is essentially a KVM VPS with
dedicated CPUs, and larger RAM capacity.  This VDS has three IPs.  I'm
going to obfuscate them here, but essentially the host box is configured
like this:


# The primary network interface
auto ens3
iface ens3 inet static
     address 1.2.3.107
     netmask 255.255.255.0
     gateway 1.2.3.1
     dns-nameserver 8.8.8.8 8.8.4.4

auto ens3:1
iface ens3:2 inet static
     address 1.2.4.17
     netmask 255.255.255.0
     gateway 1.2.4.1
     dns-nameserver 8.8.8.8 8.8.4.4

auto ens3:2
iface ens3:2 inet static
     address 1.2.4.34
     netmask 255.255.255.0
     gateway 1.2.4.1
     dns-nameserver 8.8.8.8 8.8.4.4


Now, I've got a container I'd like to route the 1.2.4.17 to a specific
container once I've created it, but ens3 is the only actual physical NIC
on the system, and I don't have the ability to add any more physical NICs.

How would I go about routing 1.2.4.17 to the 'new' container I'm going
to create?

Note that by default, new containers are attached to an 'lxdbr0' which
NATs container traffic, this new container would have to reside outside
that obviously, but I'm not fluent in LXC/LXD networking so a guide
and/or how-tos for this would be wonderful to have.


------

Thomas

_______________________________________________
lxc-users mailing list
[email protected]
http://lists.linuxcontainers.org/listinfo/lxc-users


_______________________________________________
lxc-users mailing list
[email protected]
http://lists.linuxcontainers.org/listinfo/lxc-users

Reply via email to