Great suggestions from Fajar. A couple more ideas if you only have one public IP on your container:
* Use HAProxy on the container’s main IP address with Server Name Identification (SNI) and a local DNS server. This way, all your sites are tied to the same IP address as the container with private addresses behind it. * Use nginx with local DNS lookups. Similar to haproxy except nginx redirects the web requests to the appropriate backend. -Ron > On May 20, 2017, at 9:34 AM, Fajar A. Nugraha <l...@fajar.net> wrote: > > On Sat, May 20, 2017 at 10:31 AM, Thomas Ward <tew...@ubuntu.com> wrote: > I've been able to switch this to a bridged method, with the > host interfaces set to 'manual', an inet0 bridge created that is static > IP'd for the host system to have its primary IP, and can have manual IP > assignments to containers on that bridged network for the other > non-primary IPs. > > > For sake of completeness: > - converting eth0 to be a slave is the "standard" approach: > https://help.ubuntu.com/lts/serverguide/lxc.html#lxc-network > https://help.ubuntu.com/lts/serverguide/network-configuration.html#bridging > > - an easier approach is to use macvlan. Especially if the host doesn't need > to communicate directly with the container (which should also be what happens > in your case, as it appears the host on the containers are on different > subnet) > https://github.com/lxc/lxd/blob/master/doc/containers.md#type-nic > > - however both approach won't work if your provider limits only ONE mac > address on your port. In this case you'd need either proxy-arp (somewhat > complicated, but possible), or simply use iptables to forward all traffic for > the secondary IP to the container. > > -- > Fajar > _______________________________________________ > lxc-users mailing list > lxc-users@lists.linuxcontainers.org > http://lists.linuxcontainers.org/listinfo/lxc-users _______________________________________________ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
