Outside world access for Linux Containers

If you have ever used a virtual machine, you know how useful they can be. Linux has a special lightweight virtual machine-like interface that reuses the kernel, but installs the remaining portion of the operating system in a separate container. It uses less memory and integrates nicely with an existing system.

There are many advantages to these, but this is a functional post. Here is what you need. Note, I will be showing you instructions for Ubuntu 13.04.

First, install LXC (stands for LinuX Containers) and other needed software:

sudo apt-get install lxc bridge-utils -y

Next, download the web interface for Linux Containers

  sudo su
  wget http://lxc-webpanel.github.com/tools/install.sh -O - | bash

Note that root is required for the wget command because it is piped to a bash install script that requires root. Entering “sudo” before wget will not be enough.

At this point, you have linux containers. Go to http://localhost:5000 and login using user name ‘admin’ and password ‘admin’.

But utilities like this are no fun if they cannot be accessed through your normal router. Right now, all Containers will be created on a private 10.?.?.? network. Only your computer can access them. If that is all you need, stop here. If you would like to assign real ip addresses on your network, continue…

Note that Ubuntu uses the network manager app by default. Once we make our configuration, it is important to realize that future network changes need to be done through the command line. As soon as we modify the network settings file, all Network Manager interfaces will be overridden. This means that if you fail to setup network interfaces that already exist, they will not exist after restart.

So let us configure the network. Your setting may be different.

I use vim as my editor, you can use nano, vim, or anything else. Enter the following command:

sudo vim /etc/network/interfaces

This brings you into the main configuration for your networks. This is where you setup dns servers, interfaces, etc. The file I use is based on a dhcp connection (I create static assignments in the router for specific mac addresses.). Mine looks like this:

# interfaces(5) file used by ifup(8) and ifdown(8)

# This defines my wired interface.
auto eth0
iface eth0 inet manual

# This is the network bridge, the only thing that might need changing is the network interface name.
auto br0
iface br0 inet dhcp
bridge_ports eth0 lxcbr0

# This is the loopback – It was probably in the file by default
auto lo
iface lo inet loopback

After all that is done, restart the computer. After restart, verify that network connections work and then go to http://localhost:5000 and add a container. Make sure you change the network address to something in your network’s range (you can assign an ip, as long as it is in your subnet). If you do not assign something, an ip will be given in the range defined in your config for lxc. Also make sure that the network interface for the device is called “br0”

Tip 1: A couple of quick tips. DO NOT do this over ssh from the outside world. I’ve cut off my access a few times trying that. That being said, you probably will anyway, so maybe work on writing a script to reset settings in /etc/network/interfaces, then restart at a certain time of day if you don’t cancel it. That way, you will automatically regain access without having to be physically present.

Tip 2: If you installed on ubuntu, it probably has a default username and password of ubuntu. So ssh in with this command: (assuming the container is at 192.168.1.15)

ssh ubuntu@192.168.1.15
password: ubuntu

Tip 3: You can go to /var/lib/lxc/[NAME_OF_CONTAINER]/rootfs/ and access the folders of the file system for your virtual machine. This makes it easy to copy settings and other items into the virtual instance.

Tip 4: A good use of containers is for websites (they can each have their own ip address). Other good uses would include Caching dns servers for your network, media servers, anonybox setups, vpns, and anything else that you wish to install without screwing up your ubuntu installation settings.

Leave a Reply