How hard would it be to patch
proxy device to make local port available to remote container?
proxy, when added from remote LXD client, still operates on LXD host ports. This config, unfortunately, makes
127.0.0.1:3333 from the host available to the container, not
127.0.0.1:3333 from the local machine running client:
$ lxc config device add IPython remoteshared proxy listen=tcp:127.0.0.1:3333 \ connect=tcp:127.0.0.1:3333 bind=host $ lxc config device show IPython remoteshared: bind: host connect: tcp:127.0.0.1:3333 listen: tcp:127.0.0.1:3333 type: proxy
As a result, I can not use my local services if LXD container is remote. I share my project folder by NFS, sign keys over socket, authenticate git etc.
I am thinking that either new
bind=remote or new device like
tunnel could reuse already encrypted LXD connection to forward ports.