Is it right to use LXD the way I would use a virtual machine?

I used to use “VirtualBox” to run an Ubuntu 18.04 Linux operating system, and I use it to write Python, R and some other programming tasks, and run that code on the virtual machine.
But my colleague told me that “VirtualBox” costs a lot of CPU and memory resources.
So now I plan to use LXD, and do the jobs just like I did when using “VirtualBox”. Is this right?
If it is possible, I wonder how I can SSH into the LXD container? And how do I expose the container’s network IP and port? For example, when I used “VirtualBox”, the virtual machine had an obvious IP address, and I could get it through the command `ip address`; then, in my local network, I could directly access it, such as 192.168.0.10:8787, using a web browser. But how can I do this with an LXD container?

I used to use “VirtualBox” to run an Ubuntu 18.04 Linux operating system, and I use it to write Python, R and some other programming tasks, and run that code on the virtual machine.
But my colleague told me that “VirtualBox” costs a lot of CPU and memory resources.
So now I plan to use LXD, and do the jobs just like I did when using “VirtualBox”. Is this right?

Yes. VirtualBox uses KVM and gives full virtualisation, while LXD is a daemon based on liblxc offering a REST API to manage containers. KVM belongs to the “Virtualization Platform” category of the tech stack, while LXD can be primarily classified under "Virtual Machine Platforms & Containers".

If it is possible, I wonder how I can SSH into the LXD container?
Yes. You can bash directly into the container from the host with lxc exec bash. You can use PuTTY. If you want a web-based terminal on the go, look at the Apache Cockpit project. You have to add an iptables rule, or proxy with Nginx, from port 22 of the container to host IP:anyport.

And how to expose the container’s network IP and port?

For example, when I used “VirtualBox”, the virtual machine had an obvious IP address, and I could get it through the command `ip address`; then, in my local network, I could directly access it, such as 192.168.0.10:8787, using a web browser. But how can I do this with an LXD container?

And about Cockpit:

https://dev.to/manishfoodtechs/unable-to-reach-terminal-through-putty-here-is-putty-alternative-browser-based-desktop-mobile-an-apache-project-pd5

The LXD community is wonderful. I learned everything here only; you can too.

The default network configuration for LXD uses a private bridge on the host so that the host and the containers on the system can communicate with each other. They can access the wider network and internet outbound only and their traffic is NATed to the host’s IP address on the external network.

If you need hosts on the wider network to be able to reach your containers, then there are several options available to you:

  1. If you want to expose a specified service to the wider network using the host’s IP on a particular set of ports then you can use the proxy device, see https://linuxcontainers.org/lxd/docs/master/instances#type-proxy.
  2. If you want the containers to appear as separate ‘nodes’ on the wider network then you can modify their NIC devices so that they are connected to the parent network. You can use a separate Linux bridge for this and then modify the parent setting on the container’s NIC to connect to it. See https://linuxcontainers.org/lxd/docs/master/instances#nictype-bridged

I want to set my lxc container a separate IP address.
Here is the network information of my physical machine and lxc container.

I want to set my lxc container’s IP to be 192.168.0.31, so that I can SSH into the lxc container, whether I use a Windows machine or another Linux machine, once I am in the local network 192.168.0.0.
How to configure it?

Another option is to set up a network route on your network with the LXD host as a gateway, so that you can access the container with its default network configuration:

If your router has an option to add a route, then that is the best way. You configure the router and every computer on the network can now access the container.
Otherwise, you can set up a route on each computer that you want to connect from.
For example, consider this configuration:
LXD host ip: 192.168.1.10
LXD container on above host: 10.1.2.3
On another Ubuntu desktop on the network, go to network settings (from the network icon of your desktop) -> IPV4 -> Routes:
address: 10.1.2.0
netmask: 255.255.255.0
Gateway: 192.168.1.10

On a Linux network server, you can run this:
`route add -net 10.1.2.0 netmask 255.255.255.0 gw 192.168.1.10`
And find a way to do this automatically at boot time.


If I understand your question correctly, you want a public IP to be attached to LXD containers. Look at IP aliasing. I did it once.

Another way, if you want a reverse proxy. Suppose:
Host:
Your host IP: 192.168.0.30
Cockpit listening on IP: 192.168.0.30:9090
The lxc container IP is 192.168.0.1 and the container name is c1

`lxc exec c1 bash`

You will be in the c1 container.

1) Install Cockpit in the c1 container, so now your c1 container will have a Cockpit terminal on 192.168.0.1:9090.
2) We will use iptables to redirect port c1:9090 to host:9090.
This can be achieved by running this command on the host:
`sudo -E bash -c 'iptables -t nat -I PREROUTING -i eth0 -p TCP -d 192.168.0.30 --dport 5901 -j DNAT --to-destination 192.168.0.1:9090 -m comment --comment "Phonix desk image Docker img IP"'`

Look at what the bridge for your host is (ifconfig) and replace eth0 with your system bridge.

You are done: visit 192.168.0.30:5901 and you can see the Cockpit of your container.

CARE: WHILE RUNNING DOCKER WITHIN LXD CONTAINER!!!

To achieve Docker inside lxc, run this command on the host:
`lxc launch ubuntu:20.04 c1 -c security.nesting=true`

where c1 is the LXD container. Now bash into the LXD container with `lxc exec c1 bash` and install Docker.

Now do ifconfig on the host. This time you will see two IP addresses … one of the LXD container and the other of the Docker container.

Now you have HOST —inside is --> LXD —inside is --> Docker.

Thank you.
My primary goal is to use LXD like VirtualBox! In VirtualBox, it’s so easy; just select the proper network mode in VirtualBox, and then turn on the virtual machine system; it’s done – the virtual machine looks like an absolutely separate machine, and then I can SSH connect to the virtual machine once I’m in the real local network, which means I can use my Microsoft Windows machine, or other Linux servers, and there’s nothing to do with the port transformation, which is not harmful to deploying daemon or services requiring some default ports, no matter on the physical host machine or on the virtual machine.
But I guess I don’t master the correct skill to handle LXD up to now.

By default, LXD containers get a private IP address, so that you need to be logged on the host to be able to then SSH to the containers. That is the default with VirtualBox.

However, with VirtualBox you can also use bridged networking so that the VM will get an IP address from the LAN, instead of from the host. And the container will be accessible by other computers on the LAN.

You can do the same thing in LXD. You can use bridged networking (just like with VB), or macvlan (and a few other ways). With bridged networking, you would first need to set up the bridge on the host. With macvlan there is no need for additional configuration on the host, but the disadvantage is that the host cannot communicate with this container over the network.
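
Two of the options discussed in this thread (a proxy device that publishes the container's SSH port on the host's IP, and a macvlan NIC that puts the container directly on the LAN), as an added example that is not part of the original posts. The container name c1, parent interface eth0, host address 192.168.0.30 and host port 2222 are sample values; the helper functions are hypothetical, only print the `lxc` commands unless `APPLY=1` is set, and refuse a 0.0.0.0 listen address as a hardening choice of this example.

```shell
#!/bin/sh
# Added example, not from the thread. Dry run by default: the lxc commands
# are printed, and only executed when APPLY=1 is set in the environment.

# Valid TCP port: digits only, in the range 1..65535.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Four dot-separated numeric fields, and not the 0.0.0.0 wildcard
# (octet ranges are not checked here).
specific_ipv4() {
    [ "$1" != "0.0.0.0" ] || return 1
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'
}

# Print the command, or run it when APPLY=1.
emit() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$*"; fi
}

# Option 1: proxy device. Publishes one container port on one host address,
# so only that service is reachable from the LAN.
# usage: proxy_device <container> <host-ip> <host-port> <container-port>
proxy_device() {
    specific_ipv4 "$2" || { echo "listen address must be one host IP" >&2; return 1; }
    valid_port "$3" && valid_port "$4" || { echo "bad port" >&2; return 1; }
    emit lxc config device add "$1" "proxy-$3" proxy \
        "listen=tcp:$2:$3" "connect=tcp:127.0.0.1:$4"
}

# Option 2: macvlan NIC. The container gets its own address on the LAN;
# as noted above, the host itself cannot reach it over this interface.
# usage: macvlan_nic <container> <host-parent-interface>
macvlan_nic() {
    emit lxc config device add "$1" eth0 nic nictype=macvlan "parent=$2" name=eth0
}

# Sample values (constructed): host 192.168.0.30, container c1, parent eth0.
proxy_device c1 192.168.0.30 2222 22
macvlan_nic c1 eth0
```

With option 1, other machines on the LAN connect with `ssh -p 2222 user@192.168.0.30`. With option 2, the address (for example 192.168.0.31) is assigned by the LAN's DHCP server or configured statically inside the container.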