caveat
These steps are my understanding of LXC/LXD containers at the time they were created. I am still learning. (Here there be dragons.)
Linux Mint
FYI: To see how I initially configure my Linux desktops click HERE
.
This will be the host (server) for the containers.
Note:
Install UWF (Uncomplicated Firewall) on the host
UFW is a simplified interface to iptables.
After installation enable it, if it isn't already.
Update all packages on the host
Install Apache2
Disable the host OS firewall
Note: I don't know which ports "lxc launch" (and other steps) require open so I temporarily open them all.
Launch an ubuntu container (named webserver)
Note: At the time of these steps 24.04 is the latest ubuntu LTS distribution. If there is a newer one use it.
List containers
Install Apache2 (in the container)
Enable the host's firewall
Test the web server (Apache2)
You should see the HTML for the home page. This verifies the web server is working and is available from the host.
At this point the web server (Apache2) is accessible from the host but not the outside world. (Host-only access.) Next is to allow external access to the web server. Note: In a host-only setup, LXC containers utilize the host's network namespace. This means they share the same network interfaces, IP addresses, and routing tables as the host system.
First Method - Proxy
Allow the WWW ports
This command will allow port 80 and potentially port 443 if the application profile for "www" includes it.
Display the firewall status
Make the web server visible outside the host via a Proxy
Connect the container to the external world.
Expose a container port to the host with a proxy. My LXC/LXD Proxy InformationSecond Method - UFW Forwarding ????
Since ufw 0.34 ufw supports forward rules.
Example
You also need to make sure you have the sysctl net.ipv4.ip_forward enabled. For most distributions, that's done by editing /etc/sysctl.conf and running sysctl -p or rebooting.
Note: UFW does not support NAT through its easy interface.
serverfault.com/questions/238563/can-i-use-ufw-to-setup-a-port-forward
How to configure UFW to allow IP Forwarding?
More Methods - More Architectures
Are there other methods? What about multiple independent web servers (containers) on a single host? What about DHCP? Routable vs non-routable IP address? What about NAT?
Test access to the web server from external systems.
Start adding web pages to the server. The root folder
(directory) is "/var/www/html/".
(
HTML Tutorial )
ifconfig notes
ifconfig (Wikipedia)
In a Linux system, "eno1" is a naming convention for the first onboard Ethernet network interface card (NIC). It signifies that the network adapter is integrated directly into the computer's motherboard and is the first such device recognized by the system.Note: eth0, eth1, ... were traditionally the names used for Ethernet interfaces, but modern systems often use predictable naming schemes like "eno1" for better consistency.
An LXC bridge network allows Linux containers (LXC) to communicate with each other and with the host machine as if they were on the same physical network segment. It effectively creates a virtual switch, enabling direct communication between containers and the host, similar to how virtual machines or physical devices on a network interact.
Links
Building a Network of Websites/Web Servers With LXD, for Beginners
How to Configure Bridge Networking in LXD
How to configure LXD network to host bridge?
LXC Container on same network as host with internet access
Apache HTTP Server (Wikipedia)
How to configure ufw to forward port 80/443 to internal server hosted on LAN
lxc container assigned ip address by external dhcp server
UFW (Ubuntu - Community Help Wiki)
Configure Networking for LXD Virtual Machines on Ubuntu Linux (YouTube)
Configure Networking for LXD Virtual Machines on Ubuntu Linux
(YouTube)