How hard would it be to patch proxy
device to make local port available to remote container?
Right now proxy
, when added from remote LXD client, still operates on LXD host ports. This config, unfortunately, makes 127.0.0.1:3333
from the host available to the container, not 127.0.0.1:3333
from the local machine running client:
$ lxc config device add IPython remoteshared proxy listen=tcp:127.0.0.1:3333 \
connect=tcp:127.0.0.1:3333 bind=host
$ lxc config device show IPython
remoteshared:
bind: host
connect: tcp:127.0.0.1:3333
listen: tcp:127.0.0.1:3333
type: proxy
As a result, I can not use my local services if LXD container is remote. I share my project folder by NFS, sign keys over socket, authenticate git etc.
I am thinking that either new bind=remote
or new device like tunnel
could reuse already encrypted LXD connection to forward ports.