Then created a Centos 7.6 container and installed NGINX and RSync server.
Attached the IP assigned by the birdge as a fixed IP to the container assuming it is using the default bridge lxdbr0:
$ lxc stop
$ lxc network attach lxdbr0 eth0 eth0
$ lxc config device set eth0 ipv4.address [IP address]
$ lxc start
$ sudo firewall-cmd --add-masquerade
Forwarded port 80 on the host to the LXD container port 80
$ sudo firewall-cmd --add-forward-port=port=80:proto=tcp:toport=80:toaddr=[IP address]
Forwarded port 443 on the host to the LXD container port 443
$ sudo firewall-cmd --add-forward-port=port=443:proto=tcp:toport=443:toaddr=[IP address]
Forwarded port 873 on the host to the LXD container port 873
$ sudo firewall-cmd --add-forward-port=port=873:proto=tcp:toport=873:toaddr=
I can successfully access NGINX both from the host and remotely but I can’t access http or https from the container after forwarding the ports.
For instance, if I run
curl http://google.com I get the homepage of NGINX installed on the container.
And if I remove MASQUERADE:
$ sudo firewall-cmd --remove-masquerade
Trying to run
curl http://google.com times out despite being able to ping Google from the container.
I could use a different port for NGINX on the container but I’m afraid I can’t run the RSync server on a different port.
I’m trying to avoid using the proxy directly on LXD for performance reasons as this server may have a bit of traffic.
Am I doing anything wrong? Any suggestions?