LXD Container for Webserver

Configuring LXD

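Log in to the server with the non-root account (user deploy in this example) and add the user to the lxd group. Membership in the lxd group gives full control over LXD, which is equivalent to root access on the host, so add only trusted accounts: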

sudo usermod --append --groups lxd deploy

Log out of the server and log in again!

Install ZFS filesystem:

sudo apt-get update
sudo apt-get install zfsutils-linux

Now configure LXD and choose the default options:

sudo lxd init
  • NAT IPv4 traffic
  • No IPv6 Network, because we only route the traffic from the outside to our internal IPv4 address.

Create Container for the webserver

Create and start a container with the container name ‘webserver’:

lxc launch ubuntu:16.04 webserver

The following command should list your container now:

lxc list

Connect to the container

To connect to the container use:

lxc exec webserver -- sudo --login --user ubuntu

ubuntu is the default user of the Ubuntu image.

Or to connect as root:

lxc exec webserver bash

Install Apache inside the webserver container

sudo apt install apache2

Log out and test from the host:

curl http://[IPv4-Address-of-Container]

This should print out the content of the default index.html on the console.

Forward incoming connections to the webserver container

PUBLIC_PORT=80 CONTAINER_PORT=80 PUBLIC_IP=your_server_ip CONTAINER_IP=your_container_ip

sudo iptables -t nat -I PREROUTING -i eth0 -p TCP -d $PUBLIC_IP --dport $PUBLIC_PORT -j DNAT --to-destination $CONTAINER_IP:$CONTAINER_PORT -m comment --comment "forward to the webserver container"

Check rules:

sudo iptables -t nat -L PREROUTING

Persist rules:

sudo apt install iptables-persistent

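iptables-save on its own only prints the current rules. To persist the rules again after later changes, write them to the file that iptables-persistent loads at boot:

sudo sh -c 'iptables-save > /etc/iptables/rules.v4'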
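
Rerunning the iptables -I command above adds a duplicate rule each time. The following script is an added example, not part of the original guide: it validates the four values and inserts the rule only if iptables -C does not already find it. The function names are hypothetical; eth0 is taken from the rule above.

```sh
#!/bin/sh
# Added example: idempotent DNAT forward to the container (hypothetical helper names).

# Succeeds only for a dotted-quad IPv4 address with each octet in 0-255.
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split the address into its octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Succeeds only for a TCP port number in 1-65535.
valid_port() {
    case $1 in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ ${#1} -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Prints the rule specification (everything after the chain name).
# Fails if a value is invalid, e.g. the placeholder your_server_ip.
# Arguments: PUBLIC_IP PUBLIC_PORT CONTAINER_IP CONTAINER_PORT
dnat_rule_spec() {
    valid_ipv4 "$1" && valid_port "$2" && valid_ipv4 "$3" && valid_port "$4" || return 1
    printf '%s\n' "-i eth0 -p tcp -d $1 --dport $2 -j DNAT --to-destination $3:$4"
}

# Inserts the rule unless an identical one exists
# (iptables -C exits non-zero when the rule is not present).
apply_forward() {
    spec=$(dnat_rule_spec "$@") || { echo "invalid address or port" >&2; return 1; }
    # $spec is left unquoted on purpose: it holds only validated tokens.
    if sudo iptables -t nat -C PREROUTING $spec 2>/dev/null; then
        echo "rule already present"
    else
        sudo iptables -t nat -I PREROUTING $spec
    fi
}

# Usage: ./forward.sh PUBLIC_IP PUBLIC_PORT CONTAINER_IP CONTAINER_PORT
if [ $# -eq 4 ]; then
    apply_forward "$@"
fi
```

The -C check matches only an identical rule, so a rule added earlier with a --comment match is not detected as a duplicate.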

Expand the loop-backed ZFS pool

Find out the pool's name and the path to the file:

sudo zpool status

Output:

sudo zpool status
  pool: <pool name>
 state: ONLINE
  scan: none requested
config:

        NAME              STATE     READ WRITE CKSUM
        <pool name>       ONLINE       0     0     0
          <path to file>  ONLINE       0     0     0

Now grow the pool:

sudo truncate -s +5G <path to file>
sudo zpool set autoexpand=on <pool name>
sudo zpool online -e <pool name> <path to file>
sudo zpool set autoexpand=off <pool name>

Check:

sudo zpool list