How to switch off networking for a container?

vrms · November 19, 2019, 9:57am

I have an application running inside ax LXD container which serves a UI to the users browser.
It has some offline capabilties and in order to test those I want to cut off a certain container from the internal LXD network.

My test instance runs on my local laptop and I access it vie the lxd internal network (10.19.225.xxx in my case), so just de-connecting my laptop from internet access does not do the trick. is there any easy way to disable/enable network for a certain container (of even all) container(s)?

At present I am disabling nginx inside that mentioned container, which I am not certain does the trick entirely because it ‘only’ renders the web interface inaccessible.

stgraber · November 19, 2019, 10:45pm

You could just remove the eth0 device from the container.

Assuming that yours is coming from a profile, you’ll need to mask it with something like:

lxc config device add NAME eth0 none

Then to have it show back up, remove the mask with:

lxc config device remove NAME eth0

Note that most Linux distributions will not perform DHCP when the device re-appears so you may want to just restart the container then.

vrms · November 20, 2019, 6:53pm

actually just stopping the container and switching it back on when I need the connection back may just do what I need. Somehow this didn’t come to my mind before. So thanks for seeding that thought.