Skip to content

Latest commit

 

History

History
66 lines (51 loc) · 3.04 KB

README.rst

File metadata and controls

66 lines (51 loc) · 3.04 KB

TurnKey LXC LinuX Containers - 1 host, multiple TurnKey apps

TurnKey LXC simplifies downloading and deploying multiple TurnKey apps side-by-side on the same host in securely isolated lightweight containers while handling tricky details such as network routing. LXC (AKA LinuX Containers) is the rising star lightweight virtualization technology that powers Docker and other next generation software deployment platforms.

This appliance includes all the standard features in TurnKey Core, and on top of that:

  • Includes TurnKey LXC template:

    • Download and create a container of any TurnKey appliance.
    • Insert specified inithooks.conf into container for preseeding.
    • Supports configuration of network link (e.g., br0, natbr0, none).
    • Supports configuration of apt proxy.
    • Verifies GPG signatures when available
    • Wrapper for lxc-destroy cleans up after container is removed
    • Supports LVM on TurnKey's default volume group 'turnkey'
    • Allows TurnKey Ansible appliance to manage LXC containers
    • Generic enough to be used on any LXC enabled distribution.
  • Easily expose NAT containers services:

    • nginx-proxy: Expose a containers web services to the network by creating an nginx site configuration to proxy all web requests (ports 80, 443, 12320, 12321, 12322) destined for a specific domain to the container on the corresponding ports.
    • iptables-nat: Expose a containers non-web (e.g., SSH) service to the network by configuring iptables on the host to forward the traffic it receives on port X to the container on port Y.
  • LXC appliance configurations:

    • Preconfigured network bridge interface (br0).
    • Preconfigured network NAT bridge interface (natbr0).
    • Preconfigured dnsmasq on natbr0 providing DHCP and DNS services. Containers can be referenced by hostname or hostname.local.lxc
    • Includes apt-cacher-ng, binding to br0 interface.
    • Includes TurnKey web control panel (convenience).
    • Includes example inithooks configuration for preseeding (convenience).
    • IP forwarding and control groups enabled.
  • LXC limitations:

    • The LXC appliance cannot run in nested mode i.e. within an LXC container without additional configuration. This mode is not recommended for production systems because of security concerns.

See the Usage documentation for further details.

Credentials (passwords set at first boot)

  • Webmin, SSH: username root