I just installed lxd version 3.0.3 on my master host. My master host ip address is 10.0.5.140
Inside this master host I’ve deployed a lxc container CentOS 8.
So my container centos8 is on ip address 10.100.112.37 (eth0).
I have installed httpd on container centos 8. I have not done any website yet. I just want the apache main page to display out.
My question is how can i get the website to display from my laptop / pc that I’m sitting now on ip address 10.0.5.110
I wish to test just for port 80 and no need port 443 yet.
Previously I have no issues on using macvlan or getting same IP same subnet from the local LAN IP, now I’m trying on different stuff. This idea may be wrong but I’m not sure and unable to get more info.
You need to expose the web server port of the container to your local LAN. By doing so, other computers on your LAN would connect using the IP address of the lxd host and a port of your choosing (for example, 80, if it is not used already by the host).
The LXD proxy documentation certainly makes it work, I follow the steps and it is working good. Can I ask if I could also do this below on one of the steps related to this lxd proxy.
Can I do this below?
lxc config device add newcentos8 newcentos8port80 proxy listen=tcp:0.0.0.0:80 connect=tcp:10.100.112.37:80
The reason for IP 10.100.112.37:80 was because I am sitting on another computer running on LAN IP address which is 10.0.5.110 and from the browser I launch I type http://10.100.112.37 or http://10.100.112.37:80 nothing works.
The computer I’m sitting is on same LAN IP range with the master host of this LXD which is IP address 10.0.5.140
It’s ok i’ve manage to get it working. I’ve also read somewhere and try using linux command from the host called “redir” which is a package to do redirection of TCP port. It is working as well.
I wish to ask let say in one master host I have more than 1 containers all wanted to expose to web port 80 & 443 and since I understand using “localhost” does not work and instead relying on IP address of each containers, how can we best allow this to work on using LXD?
While “localhost” does not work, you can use 127.0.0.1 instead. The reason for not accepting localhost is that a malicious container could define localhost to be a another’s container IP address and therefore trick lxd in exposing another container.
You would want to use 127.0.0.1 instead of the container’s IP address just for simplicity. It is easier to manage the commands if you do not need to keep track of whichever IP address was given to the container. Assumes that the web server binds to localhost. But if you insist on using the container’s IP address, you are free to use it.
When you use 127.0.0.1, LXD knows that it refers to the 127.0.0.1 of that particular container because you specify the container by name.
If you have more than one container with web servers and you want to expose all to port 80 on the host, then you need to use a reverse proxy and also setup hostnames. Or, instead use a different port for each container.
All these are required when each container is on a private bridge. Instead with macvlan, each container is already on the LAN and no proxy device is required.
Yes it can be done on different port define for each container. As you mention using reverse proxy and setup hostname, how can this be done? Can share more info?