Candid + LXD 4.23 using an ipv4 only subnet

Hello :wave:

I am trying to follow this how-to on my laptop using libvirt VMs on the same network (10.0.1.0/24):
https://ubuntu.com/tutorials/candid-authentication-lxd

The only difference is that I have defined my own IPv4 subnet range (10.0.2.1/24) for lxc containers during the lxd init (page bottom of Candid authentication for LXD | Ubuntu).

My problem is to configure the network on the server VM to route the candid container on that VM through its IP (doing http://10.0.0.1:8081 on the client VM to access the container located in the LXD subnet).

Is there a way to do this directly when configuring lxd init, or do I have to configure this myself with something like IP forwarding or NAT on the host VM?

NB: This how-to does not seem to allow LXD to be available over the network, and in my case I don't want to use the same network IPs for the VM and containers.

If you don’t want to connect your container directly to the external network (e.g. via an unmanaged bridge or a macvlan NIC connected to the external interface) then you can instead use the proxy device on the specific container to listen on an IP/port(s) of the LXD host and forward inbound connections into the container.

It can operate in NAT mode, which allows the source IP address to be maintained, but this requires that your container’s NIC device is configured with a static DHCP allocation on the managed parent bridge (likely lxdbr0).

E.g.

```
lxc network show lxdbr0 # Look for ipv4.address to indicate the subnet of the managed bridge
lxc config device override c1 eth0 ipv4.address=<n.n.n.n> # A free IP in the bridge's network subnet.
lxc config device add c1 myproxy proxy listen=tcp:<host_ip>:<host_port> connect=tcp:<container_ip>:<container_port> nat=true
```

Please see Using proxy device to forward network connections from host to container in NAT mode and Instance configuration - LXD documentation for more info.
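
As an added example (not from the thread or the LXD project), this sh script checks that a chosen static address lies inside the managed bridge's subnet before printing the two commands from the reply. The bridge value 10.0.2.1/24 and port 8081 come from the question; the container name `c1`, container address 10.0.2.50 and host address 192.0.2.10 are constructed placeholders, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: sanity-check a static container IP against the managed
# bridge subnet, then print (not run) the NAT-mode proxy commands.
# It cannot tell whether the address is already leased to another instance.

# Convert a dotted-quad IPv4 address to an integer; fail on malformed input.
ip_to_int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|*[!0-9]*|0?*) return 1 ;; esac   # digits only, no leading zeros
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Succeed only if $2 is a usable host address inside bridge CIDR $1
# (the ipv4.address value shown by `lxc network show`, e.g. 10.0.2.1/24).
usable_in_bridge() {
    gw=${1%/*}; bits=${1#*/}
    case $bits in ''|*[!0-9]*) return 1 ;; esac
    [ "$bits" -ge 1 ] && [ "$bits" -le 30 ] || return 1
    gw_i=$(ip_to_int "$gw") || return 1
    ip_i=$(ip_to_int "$2") || return 1
    mask=$(( (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF ))
    net=$(( gw_i & mask ))
    bcast=$(( net | (~mask & 0xFFFFFFFF) ))
    [ $(( ip_i & mask )) -eq "$net" ] || return 1            # outside the subnet
    [ "$ip_i" -ne "$net" ] && [ "$ip_i" -ne "$bcast" ] || return 1
    [ "$ip_i" -ne "$gw_i" ]                                   # the bridge's own address
}

# Print the commands for a NAT-mode proxy device; refuse unusable addresses.
# Args: bridge_cidr container host_ip host_port container_ip container_port
nat_proxy_cmds() {
    usable_in_bridge "$1" "$5" || { echo "bad container IP: $5" >&2; return 1; }
    ip_to_int "$3" >/dev/null || { echo "bad host IP: $3" >&2; return 1; }
    echo "lxc config device override $2 eth0 ipv4.address=$5"
    echo "lxc config device add $2 myproxy proxy listen=tcp:$3:$4 connect=tcp:$5:$6 nat=true"
}

# Constructed sample values (host IP is a documentation placeholder).
nat_proxy_cmds 10.0.2.1/24 c1 192.0.2.10 8081 10.0.2.50 8081
```

Review the printed commands before running them on the LXD host; the listen address should be the one host IP the client VM is meant to reach.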