I'm trying to set up several LXCs on an Amazon EC2 instance, for others to be able to ssh into an individual container and work in each instance.
As a test I set up an ec2 instance, and created an lxc.
I created a network bridge:
brctl addbr br0
brctl setfd br0 0
ifconfig br0 192.168.3.1 up
Then set up some network rules:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sysctl -w net.ipv4.ip_forward=1
Then edited /etc/dnsmasq.conf:
domain-needed
bogus-priv
interface = br0
listen-address = 127.0.0.1
listen-address = 192.168.3.1
expand-hosts
domain = containers
dhcp-range = 192.168.3.50,192.168.3.200,1h
And in /etc/dhcp/dhclient.conf:
prepend domain-name-servers 127.0.0.1;
prepend domain-search "containers.";
And renew the DHCP:
dhclient3 -e IF_METRIC=100 -pf /var/run/dhclient.eth0.pid -lf /var/lib/dhcp3/dhclient.eth0.leases eth0
Finally restart dnsmasq:
service dnsmasq restart
I started the lxc and saw its internal IP for br0 is 192.168.3.1
Then, I log into the lxc, edit /etc/ssh/sshd_config to listen on port 25001, then restart the ssh service.
I then on the host ec2 instance run:
sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 25001 -j DNAT --to-destination 192.168.3.1:25001
After this I should be able to, on my local machine, run:
ssh -i pemfile.pem -p 25001 ubuntu@ec2-instance-ip.compute-1.amazonaws.com
And then the ssh should be forwarded into the lxc; however, it times out. Can anybody offer any suggestions as to what, if anything, I did incorrectly? Thanks.
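An added example, not part of the original post: a small shell check that compares the target of a DNAT rule with the address given to br0 and with the dnsmasq dhcp-range, using the values quoted in the post. The function names and the 192.168.3.57 address are constructed for illustration.

```shell
#!/bin/sh
# Sanity-check a DNAT target against the bridge address and the dhcp-range.

# Convert a dotted-quad IPv4 address to an integer so addresses can be compared.
ip2int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 * 16777216) + ($2 * 65536) + ($3 * 256) + $4 ))
}

# Pull the IP out of "--to-destination IP:PORT" in an iptables rule line.
dnat_target() {
    printf '%s\n' "$1" | sed -n 's/.*--to-destination \([0-9.]*\).*/\1/p'
}

# check_dnat RULE BRIDGE_IP RANGE_START RANGE_END
# returns 0 = target inside the dhcp-range, 1 = target is the bridge address,
#         2 = target outside the range,    3 = rule has no DNAT target
check_dnat() {
    target=$(dnat_target "$1")
    [ -n "$target" ] || { echo "no DNAT target in rule"; return 3; }
    if [ "$target" = "$2" ]; then
        echo "$target is the address configured on the bridge itself (host side)"
        return 1
    fi
    t=$(ip2int "$target"); lo=$(ip2int "$3"); hi=$(ip2int "$4")
    if [ "$t" -ge "$lo" ] && [ "$t" -le "$hi" ]; then
        echo "$target is inside the dhcp-range $3-$4"
        return 0
    fi
    echo "$target is outside the dhcp-range $3-$4"
    return 2
}

# Values taken from the post
BRIDGE_IP=192.168.3.1
RANGE_START=192.168.3.50
RANGE_END=192.168.3.200
RULE_FROM_POST='-A PREROUTING -i eth0 -p tcp --dport 25001 -j DNAT --to-destination 192.168.3.1:25001'
# Constructed rule pointing at a hypothetical lease inside the dhcp-range
RULE_CONSTRUCTED='-A PREROUTING -i eth0 -p tcp --dport 25001 -j DNAT --to-destination 192.168.3.57:25001'

check_dnat "$RULE_FROM_POST" "$BRIDGE_IP" "$RANGE_START" "$RANGE_END" || true
check_dnat "$RULE_CONSTRUCTED" "$BRIDGE_IP" "$RANGE_START" "$RANGE_END" || true
```

On a live host, a rule line in this form can be taken from `iptables-save -t nat` and the bridge address from `ip addr show br0`.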